GHAFIR, Ibrahim and Václav PŘENOSIL. Proposed Approach for Targeted Attacks Detection. In Advanced Computer and Communication Engineering Technology, Lecture Notes in Electrical Engineering. Phuket: Springer International Publishing, 2016, p. 73-80. ISBN 978-3-319-24582-9.
Basic information
Original name Proposed Approach for Targeted Attacks Detection
Name in Czech Návrh přístupu pro cílenou detekci útoků (in English: Proposal of an approach for targeted detection of attacks)
Authors GHAFIR, Ibrahim (760 Syrian Arab Republic, guarantor, belonging to the institution) and Václav PŘENOSIL (203 Czech Republic, belonging to the institution).
Edition Phuket, Advanced Computer and Communication Engineering Technology, Lecture Notes in Electrical Engineering, p. 73-80, 8 pp. 2016.
Publisher Springer International Publishing
Other information
Original language English
Type of outcome Proceedings paper
Field of Study Informatics
Country of publisher Switzerland
Confidentiality degree is not subject to a state or trade secret
Publication form printed version "print"
RIV identification code RIV/00216224:14330/16:00087688
Organization Fakulta informatiky – Repository – Repository
ISBN 978-3-319-24582-9
ISSN 1876-1100
Keywords (translated from Czech) Cyber attacks; targeted attacks; advanced persistent threats; malware; intrusion detection system.
Keywords in English Cyber attacks; targeted attacks; advanced persistent threat; malware; intrusion detection system.
Links OFMASUN201301, research and development project.
Changed by RNDr. Daniel Jakubík, učo 139797. Changed: 2/9/2020 10:18.
Abstract
For years, governments, organizations and companies have made great efforts to keep hackers, malware and cyber attacks at bay, with different degrees of success. On the other hand, cyber criminals and miscreants have produced more advanced techniques to compromise Internet infrastructure. A targeted attack, or advanced persistent threat (APT) attack, is a new challenge and aims to accomplish a specific goal, most often espionage. APTs are presently the biggest threat to governments and organizations. This paper states research questions and proposes a novel approach to an intrusion detection system that processes network traffic and is able to detect a potential APT attack. This detection of an APT attack is based on the correlation between the events which we get as outputs of our detection methods. Each detection method aims to detect one technique used in one of the APT attack steps.
Abstract (translated from Czech)
Operators and users of computer networks have long tried to eliminate the influence of hackers and their malicious software on their information systems, with varying degrees of success. On the other hand, cyber criminals are creating ever more sophisticated techniques for compromising Internet infrastructure. A targeted attack of the advanced persistent threat (APT) type is a new method of taking control of the attacked network. APTs are currently the biggest threat to state institutions and their organizations. This article discusses related theoretical questions and proposes a new approach to the structure of an intrusion detection system that processes network traffic and is able to detect potential APT attacks. This detection of APT attacks is based on the correlation between the events which we obtain as outputs of our detection methods. Each detection method aims to detect one technique used in one of the APT attack steps.
Type Name Uploaded/Created by Uploaded/Created Rights
Proposed_Approach_for_Targeted_Attacks_Detection.pdf Licence Creative Commons  File version 6/12/2016

Properties

Name
Proposed_Approach_for_Targeted_Attacks_Detection.pdf
Address within IS
https://repozitar.cz/auth/repo/23507/344267/
Address for the users outside IS
https://repozitar.cz/repo/23507/344267/
Address within Manager
https://repozitar.cz/auth/repo/23507/344267/?info
Address within Manager for the users outside IS
https://repozitar.cz/repo/23507/344267/?info
Uploaded/Created
Tue 6/12/2016 00:51

Rights

Right to read
  • anyone on the Internet
Right to upload
 
Right to administer:
  • a concrete person Mgr. Bc. Růžena Zemanová, uco 134451
  • a concrete person RNDr. Daniel Jakubík, uco 139797
Proposed_Approach_for_Targeted_Attacks_Detection.pdf Licence Creative Commons  File version 2/9/2020

Properties

Name
Proposed_Approach_for_Targeted_Attacks_Detection.pdf
Address within IS
https://repozitar.cz/auth/repo/23507/899476/
Address for the users outside IS
https://repozitar.cz/repo/23507/899476/
Address within Manager
https://repozitar.cz/auth/repo/23507/899476/?info
Address within Manager for the users outside IS
https://repozitar.cz/repo/23507/899476/?info
Uploaded/Created
Wed 2/9/2020 10:18

Rights

Right to read
  • anyone on the Internet
Right to upload
 
Right to administer:
  • a concrete person Mgr. Lucie Vařechová, uco 106253
  • a concrete person RNDr. Daniel Jakubík, uco 139797
  • a concrete person Mgr. Jolana Surýnková, uco 220973