Hidden Markov models for advanced persistent threats

Guillaume Brogi; Elena Di Bernardino

首页> 外文期刊>International Journal of Security and Networks >Hidden Markov models for advanced persistent threats

【24h】

Hidden Markov models for advanced persistent threats

机译：隐藏的马尔可夫模型，用于高级持久威胁

获取原文

获取原文并翻译 | 示例

掌桥外文数据库（机构版） >>

开具论文收录证明 >>

文献代查 >>

页面导航

摘要
著录项
相似文献
相关主题

摘要

Advanced persistent threats (APT) are a serious security risk and tools suited to their detection are needed. These attack campaigns do leave traces in the system, and it is possible to reconstruct part of the attack campaign from these traces. In this article, we describe a hidden Markov model for the evolution of an APT. The aim of this model is to validate whether the evolution of the partially reconstructed attack campaigns are indeed consistent with the evolution of an APT. Since APTs are hard to detect, we also introduce a score to take into account potentially undetected attacks. In addition, the score also allows comparing the fit of APTs of different lengths. We validate and illustrate both the model and the score using data obtained from experts.

机译：高级持久威胁（APT）是一个严重的安全风险，需要适合其检测的工具。这些攻击活动确实在系统中留下追踪，并且可以从这些迹线重建部分攻击活动。在本文中，我们描述了一个APT演变的隐马尔可夫模型。该模型的目的是验证部分重建的攻击运动的演变是否确实与APT的演变一致。由于APTS难以检测，我们还介绍了一个分数来考虑潜在未被发现的攻击。此外，分数还允许比较不同长度的APTS的拟合。我们使用专家获得的数据进行验证和说明模型和分数。

著录项

来源
《International Journal of Security and Networks》 |2019年第4期|共10页
作者
Guillaume Brogi; Elena Di Bernardino;
展开▼
作者单位

Akheros France;

Département IMATH Conservatoire National des Arts et Métiers;

展开▼
收录信息
原文格式 PDF
正文语种 eng
中图分类计算技术、计算机技术;
关键词
intrusion detection; advanced persistent threats; APT; attack campaign; machine learning; hidden Markov models; HMM; score; missing observations; undetected attacks; expert knowledge;

机译：入侵检测;高级持续威胁;APT;攻击活动;机器学习;隐藏的马尔可夫模型;嗯;得分;缺少观察;未被发现的攻击;专家知识;

相似文献

外文文献
中文文献
专利

1. Hidden Markov models for advanced persistent threats [J] . Guillaume Brogi, Elena Di Bernardino International Journal of Security and Networks . 2019,第4期

机译：隐藏的马尔可夫模型，用于高级持久威胁
2. An evolutionary multi-hidden Markov model for intelligent threat sensing in industrial internet of things [J] . Khan Mohammad Ayoub, Abuhasel Khaled Ali Journal of supercomputing . 2021,第6期

机译：一种进化多隐马尔可夫Markov模型，用于工业互联网互联网智能威胁感
3. Modeling social worm propagation for advanced persistent threats [J] . Peng Zhou, Xiaojing Gu, Surya Nepal, Computers & Security . 2021,第Sepa期

机译：建模社会蠕虫传播，以实现高级持续威胁
4. Modelling the Impact of Threat Intelligence on Advanced Persistent Threat Using Games [C] . Andrew Fielder From Lambda Calculus to Cybersecutity Through Program Analysis Conference . 2019

机译：使用游戏模拟威胁情报对高级持久威胁的影响
5. Modern Methods of Hidden Markov Models and Partially Observable Markov Decision Processes in Biostatistics [D] . Xu, Zekun. 2020

机译：隐藏马尔可夫模型的现代方法和止痛性的部分可观察马尔可夫决策过程
6. Conformational Heterogeneity in the Michaelis Complex of Lactate Dehydrogenase: An Analysis of Vibrational Spectroscopy Using Markov and Hidden Markov Models [O] . Xiaoliang Pan, Steven D. Schwartz -1

机译：乳酸脱氢酶Michaelis复合物中的构象异质性：使用马尔可夫和隐马尔可夫模型的振动光谱分析
7. Hidden Markov Models and Alert Correlations for the Prediction of Advanced Persistent Threats [O] . Ibrahim Ghafir, Konstantinos G. Kyriakopoulos, Sangarapillai Lambotharan, 2019

机译：隐藏的马尔可夫模型和警报相关性，以预测高级持久威胁
8. General Markov Modeling of Pop-Up Threats with Applications to Persistent Area Denial [R] . Liu, Y. , Cruz, J. J. , Schumacher, C. J. 2006

机译：弹道威胁的一般马尔可夫模型及其在持久区域拒绝中的应用

Hidden Markov models for advanced persistent threats

摘要

著录项

相似文献

相关主题

期刊订阅