Mitigating Advanced Persistent Threats Using A Combined Static-Rule And Machine Learning-Based Technique

ADELAIYE, Oluwasegun

Please use this identifier to cite or link to this item: http://localhost:8080/xmlui/handle/123456789/1266

Title:	Mitigating Advanced Persistent Threats Using A Combined Static-Rule And Machine Learning-Based Technique
Authors:	ADELAIYE, Oluwasegun
Keywords:	Information Security Traffic analysis Intrusion detection Zero-day Packet capture
Issue Date:	2019
Publisher:	IEEE
Citation:	3. Adelaiye, O., & Ajibola, A. (2019). Mitigating Advanced Persistent Threats Using A Combined Static-Rule And Machine Learning-Based Technique. In 2019 15th International Conference on Electronics, Computer and Computation (ICECCO) (pp. 1-6). IEEE.
Abstract:	Advanced Persistent Threat is a targeted attack method used to maintain undetected unauthorized access over an extended period to exfiltrate valuable data. The inability of traditional methods in mitigating this attack is a major problem, which poses huge threats to organizations. This paper proposes the combined use of pattern recognition and machine learning based techniques in militating the attack. Using basic statistical test approach, a dataset containing 1,047,908 PCAP instances is analyzed and results show patterns exist in identifying between malicious data traffic and normal data traffic. The machine learning on the other hand, is evaluated using three algorithms successfully: KNN, Decision Tree and Random Forest. All algorithms showed very high accuracies in correctly classifying the data traffic. Using the algorithm with the highest accuracy, Random Forest is optimized for better effectiveness.
URI:	http://localhost:8080/xmlui/handle/123456789/1266
Appears in Collections:	Research Articles

Files in This Item:

File	Description	Size	Format
Mitigating_Advanced_Persistent_Threats_Using_A_Combined_Static-Rule_And_Machine_Learning-Based_Technique.pdf		171.33 kB	Adobe PDF	View/Open

Show full item record