Seo et al., 2018 - Google Patents

Abnormal behavior detection to identify infected systems using the APChain algorithm and behavioral profiling

Document ID
18060965117361734566
Author
Seo J
Lee S
Publication year
Publication venue
Security and Communication Networks

Snippet

Recent cyber‐attacks have used unknown malicious code or advanced attack techniques, such as zero‐day attacks, making them extremely difficult to detect using traditional intrusion detection systems. Botnet attacks, for example, are a very sophisticated type of cyber …

Classifications

    • G PHYSICS
        • G06 COMPUTING; CALCULATING; COUNTING
            • G06F ELECTRICAL DIGITAL DATA PROCESSING
                • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
                    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
                        • G06F21/55 Detecting local intrusion or implementing counter-measures
                            • G06F21/56 Computer malware detection or handling, e.g. anti-virus arrangements
                                • G06F21/562 Static detection
                                    • G06F21/563 Static detection by source code analysis
                                • G06F21/566 Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities
                            • G06F21/552 Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
                            • G06F21/554 Detecting local intrusion or implementing counter-measures involving event detection and direct action
                        • G06F21/57 Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
                            • G06F21/577 Assessing vulnerabilities and evaluating computer system security
                    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
                        • G06F21/31 User authentication
                            • G06F21/316 User authentication by observing the pattern of computer usage, e.g. typical user behaviour
                    • G06F21/70 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
                        • G06F21/82 Protecting input, output or interconnection devices
    • H ELECTRICITY
        • H04 ELECTRIC COMMUNICATION TECHNIQUE
            • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
                • H04L63/00 Network architectures or network communication protocols for network security
                    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
                        • H04L63/1408 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
                            • H04L63/1425 Traffic logging, e.g. anomaly detection

Similar Documents

Publication Publication Date Title
Ghafir et al. Botdet: A system for real time botnet command and control traffic detection
US10887330B2 (en) Data surveillance for privileged assets based on threat streams
Ho et al. Statistical analysis of false positives and false negatives from real traffic with intrusion detection/prevention systems
Zeidanloo et al. A taxonomy of botnet detection techniques
WO2014129587A1 (en) Network monitoring device, network monitoring method, and network monitoring program
Damghani et al. Classification of attacks on IoT
Hoque et al. FFSc: a novel measure for low‐rate and high‐rate DDoS attack detection using multivariate data analysis
Kshirsagar et al. CPU load analysis & minimization for TCP SYN flood detection
Xue et al. Design and implementation of a malware detection system based on network behavior
Shafee Botnets and their detection techniques
Lu et al. Integrating traffics with network device logs for anomaly detection
Seo et al. Abnormal behavior detection to identify infected systems using the APChain algorithm and behavioral profiling
Nayak et al. Depth analysis on DoS & DDoS attacks
Tyagi et al. A novel HTTP botnet traffic detection method
Obeidat et al. Smart approach for botnet detection based on network traffic analysis
Choi et al. A model of analyzing cyber threats trend and tracing potential attackers based on darknet traffic
Hsu et al. Detecting Web‐Based Botnets Using Bot Communication Traffic Features
Abaid et al. Early detection of in-the-wild botnet attacks by exploiting network communication uniformity: An empirical study
Mohammed Network-based detection and prevention system against DNS-based attacks
Panimalar et al. A review on taxonomy of botnet detection
Anbar et al. Investigating study on network scanning techniques
Kumavat et al. Survey of Detection Techniques for DDoS Attacks
Baazeem Cybersecurity: BotNet Threat Detection Across the Seven-Layer ISO-OSI Model Using Machine Learning Techniques
Stetsenko et al. Signature-based intrusion detection hardware-software complex
Stiawan et al. Classification of habitual activities in behavior-based network detection