advanced persistent threat - Explore the Science & Experts | ideXlab

Scan Science and Technology

Contact Leading Edge Experts & Companies

advanced persistent threat

The Experts below are selected from a list of 2019 Experts worldwide ranked by ideXlab platform

Jianting Ning – 1st expert on this subject based on the ideXlab platform

  • privacy preserving personal data operation on mobile cloud chances and challenges over advanced persistent threat
    Future Generation Computer Systems, 2018
    Co-Authors: Man Ho Allen Au, Rongxing Lu, Kaitai Alexander Liang, Jianting Ning

    Abstract:

    Abstract Bring your own devices have become a new symbol of industrial and education institutional culture to date. A single individual can gain access to personal data anytime at anywhere of his/her workplace due to the advanced WiFi/5G network and cloud technology. The most convenient way for us to access to cloud data is to use personal smartphone. However, smartphone is somewhat vulnerable (because of its innate disadvantage, e.g., low security protection and limited computation resource) while encountering with malicious attacks in open network. Mobile users may be the victims of a recent new type of attack – advanced persistent threat (APT), since attackers may penetrate into different levels of cloud and mobile infrastructures to eavesdrop, steal and temper data. This survey paper introduces some security/privacy risks on mobile cloud in the view point of applied cryptography. Meanwhile, it provides some insights as possible solutions for the risks.

  • Privacy-preserving personal data operation on mobile cloud—Chances and challenges over advanced persistent threat
    Future Generation Computer Systems, 2018
    Co-Authors: Man Ho Au, Kaitai Liang, J. K. Liu, Rongxing Lu, Jianting Ning

    Abstract:

    Bring your own devices have become a new symbol of industrial and education institutional culture to date. A single individual can gain access to personal data anytime at anywhere of his/her workplace due to the advanced WiFi/5G network and cloud technology. The most convenient way for us to access to cloud data is to use personal smartphone. However, smartphone is somewhat vulnerable (because of its innate disadvantage, e.g., low security protection and limited computation resource) while encountering with malicious attacks in open network. Mobile users may be the victims of a recent new type of attack – advanced persistent threat (APT), since attackers may penetrate into different levels of cloud and mobile infrastructures to eavesdrop, steal and temper data. This survey paper introduces some security/privacy risks on mobile cloud in the view point of applied cryptography. Meanwhile, it provides some insights as possible solutions for the risks.

Ibrahim Ghafir – 2nd expert on this subject based on the ideXlab platform

  • disguised executable files in spear phishing emails detecting the point of entry in advanced persistent threat
    International Conference on Future Networks, 2018
    Co-Authors: Ibrahim Ghafir, Vaclav Prenosil, Mohammad Hammoudeh, Francisco J Aparicionavarro, Khaled M Rabie, Ahmad Jabban

    Abstract:

    In recent years, cyber attacks have caused substantial financial losses and been able to stop fundamental public services. Among the serious attacks, advanced persistent threat (APT) has emerged as a big challenge to the cyber security hitting selected companies and organisations. The main objectives of APT are data exfiltration and intelligence appropriation. As part of the APT life cycle, an attacker creates a Point of Entry (PoE) to the target network. This is usually achieved by installing malware on the targeted machine to leave a back-door open for future access. A common technique employed to breach into the network, which involves the use of social engineering, is the spear phishing email. These phishing emails may contain disguised executable files. This paper presents the disguised executable file detection (DeFD) module, which aims at detecting disguised exe files transferred over the network connections. The detection is based on a comparison between the MIME type of the transferred file and the file name extension. This module was experimentally evaluated and the results show a successful detection of disguised executable files.

  • Defending against the advanced persistent threat: Detection of disguised executable files
    , 2018
    Co-Authors: Ibrahim Ghafir, Mohammad Hammoudeh, Vaclav Prenosil

    Abstract:

    advanced persistent threat (APT) is one of the most serious types of cyber attacks, which is a new and more complex version of multi-step attack. Within the APT life cycle, the most common technique used to get the point of entry is spear-phishing emails which may contain disguised executable files. This paper presents the disguised executable file detection (DeFD) module, which aims at detecting disguised exe files transferred over the connections. The detection is based on a comparison between the MIME type of the transferred file and the file name extension. This module was experimentally evaluated and the results show successful detection of disguised executable files.

  • detection of advanced persistent threat using machine learning correlation analysis
    Future Generation Computer Systems, 2018
    Co-Authors: Ibrahim Ghafir, Vaclav Prenosil, Mohammad Hammoudeh, Khaled M Rabie, Robert Hegarty, Francisco J Aparicionavarro

    Abstract:

    As one of the most serious types of cyber attack, advanced persistent threats (APT) have caused major concerns on a global scale. APT refers to a persistent, multi-stage attack with the intention to compromise the system and gain information from the targeted system, which has the potential to cause significant damage and substantial financial loss. The accurate detection and prediction of APT is an ongoing challenge. This work proposes a novel machine learning-based system entitled MLAPT, which can accurately and rapidly detect and predict APT attacks in a systematic way. The MLAPT runs through three main phases: (1) threat detection, in which eight methods have been developed to detect different techniques used during the various APT steps. The implementation and validation of these methods with real traffic is a significant contribution to the current body of research; (2) Alert correlation, in which a correlation framework is designed to link the outputs of the detection methods, aims to identify alerts that could be related and belong to a single APT scenario; and (3) Attack prediction, in which a machine learning-based prediction module is proposed based on the correlation framework output, to be used by the network security team to determine the probability of the early alerts to develop a complete APT attack. MLAPT is experimentally evaluated and the presented system is able to predict APT in its early steps with a prediction accuracy of 84.8%.

Rongxing Lu – 3rd expert on this subject based on the ideXlab platform

  • privacy preserving personal data operation on mobile cloud chances and challenges over advanced persistent threat
    Future Generation Computer Systems, 2018
    Co-Authors: Man Ho Allen Au, Rongxing Lu, Kaitai Alexander Liang, Jianting Ning

    Abstract:

    Abstract Bring your own devices have become a new symbol of industrial and education institutional culture to date. A single individual can gain access to personal data anytime at anywhere of his/her workplace due to the advanced WiFi/5G network and cloud technology. The most convenient way for us to access to cloud data is to use personal smartphone. However, smartphone is somewhat vulnerable (because of its innate disadvantage, e.g., low security protection and limited computation resource) while encountering with malicious attacks in open network. Mobile users may be the victims of a recent new type of attack – advanced persistent threat (APT), since attackers may penetrate into different levels of cloud and mobile infrastructures to eavesdrop, steal and temper data. This survey paper introduces some security/privacy risks on mobile cloud in the view point of applied cryptography. Meanwhile, it provides some insights as possible solutions for the risks.

  • Privacy-preserving personal data operation on mobile cloud—Chances and challenges over advanced persistent threat
    Future Generation Computer Systems, 2018
    Co-Authors: Man Ho Au, Kaitai Liang, J. K. Liu, Rongxing Lu, Jianting Ning

    Abstract:

    Bring your own devices have become a new symbol of industrial and education institutional culture to date. A single individual can gain access to personal data anytime at anywhere of his/her workplace due to the advanced WiFi/5G network and cloud technology. The most convenient way for us to access to cloud data is to use personal smartphone. However, smartphone is somewhat vulnerable (because of its innate disadvantage, e.g., low security protection and limited computation resource) while encountering with malicious attacks in open network. Mobile users may be the victims of a recent new type of attack – advanced persistent threat (APT), since attackers may penetrate into different levels of cloud and mobile infrastructures to eavesdrop, steal and temper data. This survey paper introduces some security/privacy risks on mobile cloud in the view point of applied cryptography. Meanwhile, it provides some insights as possible solutions for the risks.