高级持续性威胁中攻击特征的分析与检测

Abstract

Abstract: Aiming at the detection problems of advanced persistent threats, we proposed a detection method based on the attributes of network connection. Through four steps of data acquisition, characteristic extraction, anomaly detection and realtime alarm, we selected 12 kinds of attributes of network connection and applied machine learning methods to analyze attribute feature data set, and established detection model of advanced persistent threat attacks. Experimental results show that the proposed method has good detection performance for advanced persistent threat attacks, high detection rate and low false alarm rate.

Key words: advanced persistent threat, attack characteristics, network security detection, machine learning

CLC Number:

TP393

DONG Gang, YU Wei, XUAN Guangzhe. Analysis and Detection of Attack Characteristics inAdvanced Persistent Threats#br#[J].Journal of Jilin University Science Edition, 2019, 57(2): 339-344.

[1]	WANG Chuhang, WANG Xue, HU Huangshui, ZHAO Hongwei, HAN Youjia. Secure Clustering Routing Protocol Based on Improved GA and Trust-Aware for Wireless Sensor Networks [J]. Journal of Jilin University Science Edition, 2021, 59(5): 1237-1244.
[2]	ZENG Hongzhi, SHI Hongsong. Network Intrusion Detection Method Based on Combination of Semi-supervised Technology and Active Learning [J]. Journal of Jilin University Science Edition, 2021, 59(4): 936-942.
[3]	LI Jiao, HU Huangshui, ZHAO Hongwei, LU Xiaofan. Improved LEACH Algorithm for Wireless Sensor Networks Based on Chaotic Genetic Algorithm [J]. Journal of Jilin University Science Edition, 2021, 59(4): 950-955.
[4]	WANG Hongzhi, GUO Manman, HU Huangshui, WU Shasha. Ethernet Communication Link Scheduling Method Based on Improved Fireworks Algorithm [J]. Journal of Jilin University Science Edition, 2021, 59(2): 359-364.
[5]	WU Jianan, WEN Zhihao, HE Manli, WU Jian, LI Nianfeng. Underwater Electric Field Communication Networking Algorithm Considering Environmental Impact [J]. Journal of Jilin University Science Edition, 2021, 59(1): 115-122.
[6]	WU Jianan, WU Jian, DI Huanshuang, WANG Yuying, LI Nianfeng. Load Balancing Clustering Control Algorithm of Imitation Box Fish Based on Logical Partition [J]. Journal of Jilin University Science Edition, 2020, 58(6): 1407-1414.
[7]	CHEN Ying, DONG Siyu. Fusion Method Based on Credible Wavelet Neural Network for Multisensor Data [J]. Journal of Jilin University Science Edition, 2020, 58(4): 953-959.
[8]	GUAN Naiyan, GUO Juanli. Optimal Control Algorithms for HighSpeed InternetCoverage in Heterogeneous Environments [J]. Journal of Jilin University Science Edition, 2020, 58(2): 343-348.
[9]	WANG Hongzhi, QI Xiaosha, HU Huangshui, WANG Xiaoyu. Adaptive Backoff Algorithm Based on MAC Layer Protocol [J]. Journal of Jilin University Science Edition, 2020, 58(2): 349-354.
[10]	LV Hongwu, ZHAO Hang, WANG Hongzhi, HU Huangshui. Fault Diagnosis Algorithm for MVBBased on Fuzzy Neural Network [J]. Journal of Jilin University Science Edition, 2020, 58(1): 104-108.
[11]	CHEN Hanlin, HU Ming, HU Jiejun, YAN Hui. Data and Energy Collaboration Routing Algorithm Based on VANET [J]. Journal of Jilin University Science Edition, 2019, 57(06): 1456-1464.
[12]	YUAN Helu, WEN Changji, WU Jianshuang, ZHU Yungang, YU Helong. Load Balancing Problem Based onGenetic Coral Reef Optimization Algorithm [J]. Journal of Jilin University Science Edition, 2019, 57(06): 1465-1471.
[13]	WANG Hui, RU Xinxin, DAI Tianwang, LOU Yalong, LIU Kun. Attack Profit Path Prediction Algorithm Based on NAPG Model [J]. Journal of Jilin University Science Edition, 2019, 57(5): 1169-1178.
[14]	WANG Hui, DAI Tianwang, RU Xinxin, LOU Yalong, AO Shan. Prediction Method of Node Attack Path Based on OptimizedAG [J]. Journal of Jilin University Science Edition, 2019, 57(04): 917-926.
[15]	ZHU Chaoping, REN Jiping. Heterogeneous Data Fusion Method of Internet ofThings Based on Intelligent Optimization Agorithm [J]. Journal of Jilin University Science Edition, 2019, 57(3): 627-632.

Analysis and Detection of Attack Characteristics inAdvanced Persistent Threats#br#

PDF (PC)

Like

Knowledge

Abstract

Cite this article

share this article

References

Related Articles 15

Metrics

Comments

Recommended 10