Multi-stage detection method for APT attack based on sample feature reinforcement
Given the problems that the current APT attack detection methods were difficult to perceive the diversity of stage flow features and generally hard to detect the long duration APT attack sequences and potential APT attacks with different attack stages, a multi-stage detection method for APT attack b...
Saved in:
| Main Authors: | , , , , |
|---|---|
| Format: | Article |
| Language: | zho |
| Published: |
Editorial Department of Journal on Communications
2022-12-01
|
| Series: | Tongxin xuebao |
| Subjects: | |
| Online Access: | http://www.joconline.com.cn/zh/article/doi/10.11959/j.issn.1000-436x.2022238/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1841539951343173632 |
|---|---|
| author | Lixia XIE Xueou LI Hongyu YANG Liang ZHANG Xiang CHENG |
| author_facet | Lixia XIE Xueou LI Hongyu YANG Liang ZHANG Xiang CHENG |
| author_sort | Lixia XIE |
| collection | DOAJ |
| description | Given the problems that the current APT attack detection methods were difficult to perceive the diversity of stage flow features and generally hard to detect the long duration APT attack sequences and potential APT attacks with different attack stages, a multi-stage detection method for APT attack based on sample feature reinforcement was proposed.Firstly, the malicious flow was divided into different attack stages and the APT attack identification sequences were constructed by analyzing the characteristics of the APT attack.In addition, sequence generative adversarial network was used to simulate the generation of identification sequences in the multi-stage of APT attacks.Sample feature reinforcement was achieved by increasing the number of sequence samples in different stages, which improved the diversity of multi-stage sample features.Finally, a multi-stage detection network was proposed.Based on the multi-stage perceptual attention mechanism, the extracted multi-stage flow features and identification sequences were calculated by attention to obtain the stage feature vectors.The feature vectors were used as auxiliary information to splice with the identification sequences.The detection model’s perception ability in different stages was enhanced and the detection accuracy was improved.The experimental results show that the proposed method has remarkable detection effects on two benchmark datasets and has better effects on multi-class potential APT attacks than other models. |
| format | Article |
| id | doaj-art-009a8e1e719c46e8b6e3bcb2e3dfae65 |
| institution | Kabale University |
| issn | 1000-436X |
| language | zho |
| publishDate | 2022-12-01 |
| publisher | Editorial Department of Journal on Communications |
| record_format | Article |
| series | Tongxin xuebao |
| spelling | doaj-art-009a8e1e719c46e8b6e3bcb2e3dfae652025-01-14T06:28:35ZzhoEditorial Department of Journal on CommunicationsTongxin xuebao1000-436X2022-12-0143667659390912Multi-stage detection method for APT attack based on sample feature reinforcementLixia XIEXueou LIHongyu YANGLiang ZHANGXiang CHENGGiven the problems that the current APT attack detection methods were difficult to perceive the diversity of stage flow features and generally hard to detect the long duration APT attack sequences and potential APT attacks with different attack stages, a multi-stage detection method for APT attack based on sample feature reinforcement was proposed.Firstly, the malicious flow was divided into different attack stages and the APT attack identification sequences were constructed by analyzing the characteristics of the APT attack.In addition, sequence generative adversarial network was used to simulate the generation of identification sequences in the multi-stage of APT attacks.Sample feature reinforcement was achieved by increasing the number of sequence samples in different stages, which improved the diversity of multi-stage sample features.Finally, a multi-stage detection network was proposed.Based on the multi-stage perceptual attention mechanism, the extracted multi-stage flow features and identification sequences were calculated by attention to obtain the stage feature vectors.The feature vectors were used as auxiliary information to splice with the identification sequences.The detection model’s perception ability in different stages was enhanced and the detection accuracy was improved.The experimental results show that the proposed method has remarkable detection effects on two benchmark datasets and has better effects on multi-class potential APT attacks than other models.http://www.joconline.com.cn/zh/article/doi/10.11959/j.issn.1000-436x.2022238/APT attack detectionmulti-stage flow featuresample feature reinforcementmulti-stage perceptual attention |
| spellingShingle | Lixia XIE Xueou LI Hongyu YANG Liang ZHANG Xiang CHENG Multi-stage detection method for APT attack based on sample feature reinforcement Tongxin xuebao APT attack detection multi-stage flow feature sample feature reinforcement multi-stage perceptual attention |
| title | Multi-stage detection method for APT attack based on sample feature reinforcement |
| title_full | Multi-stage detection method for APT attack based on sample feature reinforcement |
| title_fullStr | Multi-stage detection method for APT attack based on sample feature reinforcement |
| title_full_unstemmed | Multi-stage detection method for APT attack based on sample feature reinforcement |
| title_short | Multi-stage detection method for APT attack based on sample feature reinforcement |
| title_sort | multi stage detection method for apt attack based on sample feature reinforcement |
| topic | APT attack detection multi-stage flow feature sample feature reinforcement multi-stage perceptual attention |
| url | http://www.joconline.com.cn/zh/article/doi/10.11959/j.issn.1000-436x.2022238/ |
| work_keys_str_mv | AT lixiaxie multistagedetectionmethodforaptattackbasedonsamplefeaturereinforcement AT xueouli multistagedetectionmethodforaptattackbasedonsamplefeaturereinforcement AT hongyuyang multistagedetectionmethodforaptattackbasedonsamplefeaturereinforcement AT liangzhang multistagedetectionmethodforaptattackbasedonsamplefeaturereinforcement AT xiangcheng multistagedetectionmethodforaptattackbasedonsamplefeaturereinforcement |