Abstract
Advanced persistent threats (APTs) are extremely dynamic. Recently, new modi operandi and techniques have been developed rapidly to overcome known detection methods. This design proposes a new approach that combines previously successful mitigation techniques, especially those based on DNS traffic analysis, which directly represents the challenges APTs pose. Our preliminary experiment shows better accuracy and faster response in detecting suspicious behavior.
Original language | English |
---|---|
Pages (from-to) | 1221-1228 |
Number of pages | 8 |
Journal | Far East Journal of Electronics and Communications |
Volume | 17 |
Issue number | 5 |
DOIs | |
Publication status | Published - Oct 2017 |
Keywords
- APT
- Anomaly detection
- DNS
- Traffic analysis