Countering Advanced Persistent Threats through Security Intelligence and Big Data Analytics / Marchetti, Mirco; Pierazzi, Fabio; Guido, Alessandro; Colajanni, Michele. - (2016), pp. 243-261. (Paper presented at the IEEE CyCon 2016 conference held in Tallinn, Estonia, in June 2016).
Countering Advanced Persistent Threats through Security Intelligence and Big Data Analytics
Marchetti, Mirco; Pierazzi, Fabio; Guido, Alessandro; Colajanni, Michele
2016
Abstract
Advanced Persistent Threats (APTs) represent the most challenging threats to the security and safety of the cyber landscape. APTs are human-driven attacks backed by complex strategies that combine multidisciplinary skills in information technology, intelligence, and psychology. Defending large organisations with tens of thousands of hosts requires similar multi-factor approaches. We propose a novel framework that combines different techniques based on big data analytics and security intelligence to support human analysts in prioritising the hosts that are most likely to be compromised. We show that the collection and integration of internal and external indicators represents a step forward with respect to the state of the art in the field of early detection and mitigation of APT activities.

File | Size | Format |
---|---|---|
cycon2016.pdf (Restricted access. Description: Main article. Type: Publisher's published version) | 2.85 MB | Adobe PDF |
The metadata in IRIS UNIMORE are released under the Creative Commons CC0 1.0 Universal licence, while the publication files are released under the Attribution 4.0 International (CC BY 4.0) licence, unless otherwise indicated.
In case of copyright infringement, contact Iris Support.