Multi-agent System for APT Detection

Abstract: Advanced Persistent Threats (APTs) are targeted cyber attacks committed over a long period of time by highly skilled attackers. The ever-increasing number of successful attacks indicates that classical network protection solutions (firewalls, Intrusion Detection Systems, proxies, etc.) are no longer sufficient. Therefore, in this paper we propose a new system that combines multiple approaches using advanced aggregation techniques to achieve a better detection performance. We also test the system on real data from a small corporate network, and show that our system is able to attain a high probability of detection to probability of false alarm ratio.
Document type: Conference papers

Cited literature [4 references]

https://hal.archives-ouvertes.fr/hal-01525732
Contributor: Thibault Debatty
Submitted on: Tuesday, May 23, 2017 - 12:56:18 PM
Last modification on: Monday, May 29, 2017 - 11:34:02 AM
Long-term archiving on: Friday, August 25, 2017 - 12:43:22 AM

File

rsda2014-mees-debatty.pdf
Files produced by the author(s)

Citation

Wim Mees, Thibault Debatty. Multi-agent System for APT Detection. 2014 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW 2014), Nov 2014, Naples, Italy. pp.401-406, ⟨10.1109/ISSREW.2014.86⟩. ⟨hal-01525732⟩
