Countering Advanced Persistent Threats through Security Intelligence and Big Data Analytics / Marchetti, Mirco; Pierazzi, Fabio; Guido, Alessandro; Colajanni, Michele. - (2016), pp. 243-261. (Paper presented at the IEEE CyCon 2016 conference, held in Tallinn, Estonia, in June 2016.)

Countering Advanced Persistent Threats through Security Intelligence and Big Data Analytics

Marchetti, Mirco; Pierazzi, Fabio; Guido, Alessandro; Colajanni, Michele
2016

Abstract

Advanced Persistent Threats (APTs) represent the most challenging threats to the security and safety of the cyber landscape. APTs are human-driven attacks backed by complex strategies that combine multidisciplinary skills in information technology, intelligence, and psychology. Defending large organisations with tens of thousands of hosts requires similar multi-factor approaches. We propose a novel framework that combines different techniques based on big data analytics and security intelligence to support human analysts in prioritising the hosts that are most likely to be compromised. We show that the collection and integration of internal and external indicators represents a step forward with respect to the state of the art in the field of early detection and mitigation of APT activities.
Year: 2016
Conference: IEEE CyCon 2016
Location: Tallinn, Estonia
Date: June 2016
First page: 243
Last page: 261
Authors: Marchetti, Mirco; Pierazzi, Fabio; Guido, Alessandro; Colajanni, Michele
Use this identifier to cite or link to this document: http://hdl.handle.net/11380/1135127