dc.contributor.author |
ADELAIYE, Oluwasegun |
|
dc.date.accessioned |
2024-05-21T11:20:16Z |
|
dc.date.available |
2024-05-21T11:20:16Z |
|
dc.date.issued |
2019 |
|
dc.identifier.citation |
Adelaiye, O., & Ajibola, A. (2019). Mitigating Advanced Persistent Threats Using A Combined Static-Rule And Machine Learning-Based Technique. In 2019 15th International Conference on Electronics, Computer and Computation (ICECCO) (pp. 1-6). IEEE. |
en_US |
dc.identifier.uri |
http://localhost:8080/xmlui/handle/123456789/1266 |
|
dc.description.abstract |
Advanced Persistent Threat is a targeted attack method used to maintain undetected unauthorized access over an extended period to exfiltrate valuable data. The inability of traditional methods in mitigating this attack is a major problem, which poses huge threats to organizations. This paper proposes the combined use of pattern recognition and machine learning based techniques in mitigating the attack. Using basic statistical test approach, a dataset containing 1,047,908 PCAP instances is analyzed and results show patterns exist in identifying between malicious data traffic and normal data traffic. The machine learning, on the other hand, is evaluated using three algorithms successfully: KNN, Decision Tree and Random Forest. All algorithms showed very high accuracies in correctly classifying the data traffic. Using the algorithm with the highest accuracy, Random Forest is optimized for better effectiveness. |
en_US |
dc.language.iso |
en |
en_US |
dc.publisher |
IEEE |
en_US |
dc.subject |
Information Security |
en_US |
dc.subject |
Traffic analysis |
en_US |
dc.subject |
Intrusion detection |
en_US |
dc.subject |
Zero-day |
en_US |
dc.subject |
Packet capture |
en_US |
dc.title |
Mitigating Advanced Persistent Threats Using A Combined Static-Rule And Machine Learning-Based Technique |
en_US |
dc.type |
Article |
en_US |