Detecting Advanced Persistent Threat Exfiltration with Ensemble Deep Learning Tree Models and Novel Detection Metrics

http://hdl.handle.net/10228/0002001922
File 10463076.pdf (3.0 MB)
Item type Common item type (1)
Release date 2025-08-29
Title
Title Detecting Advanced Persistent Threat Exfiltration with Ensemble Deep Learning Tree Models and Novel Detection Metrics
Language en
Authors
Cai, Xiaojuan
Zhang, Haibo (張, 海波): WEKO 35483; Scopus author ID 57211858936; ORCiD 0000-0002-4275-405X; Kyutech researcher information 100001768
Ahmed, Chuadhry Mujeeb
Koide, Hiroshi
Rights information
Language en
Rights resource https://creativecommons.org/licenses/by/4.0/
Rights Copyright (c) 2025 The Authors. This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/
Abstract
Description type Abstract
Description Advanced Persistent Threats (APTs) involve attackers maintaining a long-term presence on victim systems, leading to the stealthy exfiltration of sensitive data during network transfers. Despite existing methods to detect and halt APT data exfiltration, these attacks continue to pose significant threats to sensitive information and result in substantial commercial losses. Current approaches primarily focus on preemptive measures, which are insufficient once early-stage detection fails due to a lack of continuous monitoring. We propose an effective and efficient network monitoring method to address this gap and detect APT exfiltration during data transfer. Our approach assumes the presence of an undetected APT attacker within the victim system. We examine data exfiltration across three exfiltration traffic environments: exfiltration over command control channels, exfiltration over transfer size limitations, and their combinations. We introduce two detection metrics: Package Transfer Rate and Byte Transfer Rate. Utilizing these metrics, we measure network traffic, categorize APT attack environments, and train deep neural network models, named EDXGB, using ensembled decision trees to predict APT exfiltration. Our method is validated on two public datasets and compared against six baseline methods. Additionally, we simulate real-world exfiltration scenarios by creating three exfiltration traffic environments for each dataset. The results demonstrate that our method effectively detects APT exfiltration across various network environments, enhancing data protection and secure transfer. The code is open source and available at https://github.com/cxjuan/EDXGB-for-APT.
Language en
Bibliographic information en : IEEE Access

Volume 13, p. 81803-81822, Issue date 2025-01
Publisher
Publisher IEEE
Language en
Keyword
Language en
Subject scheme Other
Subject Advanced persistent threat
Keyword
Language en
Subject scheme Other
Subject data exfiltration
Keyword
Language en
Subject scheme Other
Subject deep learning
Keyword
Language en
Subject scheme Other
Subject privacy preserving
Language
Language eng
Resource type
Resource type identifier http://purl.org/coar/resource_type/c_6501
Resource type journal article
Publication type
Publication type VoR
Publication type resource http://purl.org/coar/version/c_970fb48d4fbd8a85
DOI
Identifier type DOI
Related identifier https://doi.org/10.1109/ACCESS.2025.3567772
ISSN
Source identifier type EISSN
Source identifier 2169-3536
Researcher information
URL https://hyokadb02.jimu.kyutech.ac.jp/html/100001768_ja.html
Paper ID (linkage)
Value 10463076
Linkage ID
Value 14945
Versions

Ver.1 2025-08-29 12:01:12.722975