Advanced persistent threats (APTs) are extremely dynamic. Recently, new modi operandi and techniques have been developed rapidly to overcome known detection methods. This design proposes a new approach that combines previously successful mitigation techniques, especially those based on DNS traffic analysis, which directly represents APT challenges. Our preliminary experiment shows better accuracy and faster response in detecting suspicious behavior.
|Number of pages|8|
|Journal|Far East Journal of Electronics and Communications|
|Publication status|Published - 1 Oct 2017|
- Anomaly detection
- Traffic analysis