Advance Persistent Threat Detection Using Long Short Term Memory (LSTM) Neural Networks

被引：14

作者：

Charan, P. V. Sai ^{[1
]}

Kumar, T. Gireesh ^{[1
]}

Anand, P. Mohan ^{[1
]}

机构：

[1] Amrita Univ, Amrita Vishwa Vidyapeetham, Amrita Sch Engn, TIFAC CORE Cyber Secur, Coimbatore, Tamil Nadu, India

来源：

EMERGING TECHNOLOGIES IN COMPUTER ENGINEERING: MICROSERVICES IN BIG DATA ANALYTICS | 2019年 / 985卷

关键词：

LSTM; APT; Hadoop; Splunk; Hive;

D O I：

10.1007/978-981-13-8300-7_5

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

Advance Persistent Threat (APT) is a malware attack on sensitive corporate, banking networks and stays there for a long time undetected. In real time corporate networks, identifying the presence of intruder is a big challenging task to security experts. Recent APT attacks like Carbanak and The Big Bang ringing alarms globally. New methods for data exfiltration and evolving malware techniques are two main reasons for rapid and robust APT evolution. In this paper, we propose a method for APT detection System for real time corporate and banking organizations by using Long Short Term Memory (LSTM) Neural networks in order to analyze huge amount of SIEM (Security Information and Event Management) system event logs.

引用

页码：45 / 54

页数：10

共 18 条

[1] Ali PD, 2017, 2017 INNOVATIONS IN POWER AND ADVANCED COMPUTING TECHNOLOGIES (I-PACT)
[2] Anastasov I, 2014, 2014 WORLD CONGRESS ON COMPUTER APPLICATIONS AND INFORMATION SYSTEMS (WCCAIS)
[3] [Anonymous], P 13 INT C APPL INF
[4] [Anonymous], 2018, MCAFEE LABS THREATS
[5] [Anonymous], 2018, DEEPLOCKER AI CAN PO
[6] [Anonymous], 2015, GREAT BANK ROBB CARB
[7] Armour D.J., 2012, U.S. Patent No, Patent No. [8,185,353, 8185353]
[8] Brickell E.F., 2011, U.S. Patent No, Patent No. [7,908,653, 7908653]
[9] Charan P. V. Sai, 2019, Smart Intelligent Computing and Applications. Proceedings of the Second International Conference on SCI 2018. Smart Innovation, Systems and Technologies (SIST 104), P97, DOI 10.1007/978-981-13-1921-1_10
[10] Graves A, 2012, STUD COMPUT INTELL, V385, P1, DOI [10.1162/neco.1997.9.1.1, 10.1007/978-3-642-24797-2]

← 1 2 →