Publication | Open Access
A New Realistic Benchmark for Advanced Persistent Threats in Network Traffic
Citations: 26 | References: 10 | Year: 2022
Internet Traffic Analysis, Engineering, Machine Learning, Information Security, Network Analysis, Targeted Attack, Data Science, Data Mining, Denial-of-service Attack, Network Traffic, New Realistic Benchmark, Network Traffic Measurement, Network Flows, Security Diagnostics, DDoS Detection, Intrusion Detection System, Threat Detection, Networked Computer Systems, Computer Science, Threat Characterization, Data Security, Network Science, Edge Computing, Vulnerability Discovery, Advanced Persistent Threats, Cyber Threat Intelligence, Advanced Persistent Threat
In order to define a benchmark for Machine Learning (ML)-based Advanced Persistent Threat (APT) detection in network traffic, this letter presents SCVIC-APT-2021, a new dataset that can realistically represent contemporary network architecture and APT characteristics. Following this, an ML-based Attack Centric Method (ACM) is introduced to evaluate the APT detection performance on the generated dataset. Furthermore, ACM has been shown to outperform the baseline approaches with a maximum macro average F1 score of 82.27%, corresponding to a 9.4% improvement with respect to the baseline performance.