Advanced Persistent Threat intelligent profiling technique: A survey. (October 2022)
- Record Type:
- Journal Article
- Title:
- Advanced Persistent Threat intelligent profiling technique: A survey. (October 2022)
- Main Title:
- Advanced Persistent Threat intelligent profiling technique: A survey
- Authors:
- Tang, BinHui
Wang, JunFeng
Yu, Zhongkun
Chen, Bohan
Ge, Wenhan
Yu, Jian
Lu, TingTing
- Abstract:
- With the boom in Internet and information technology, cyber-attacks are becoming more frequent and sophisticated, especially Advanced Persistent Threat (APT) attacks. Unlike traditional attacks, APT attacks are more targeted, stealthy, and adversarial, rendering it challenging to manually analyze threat behaviors for APT detection, attribution, and response. Therefore, the research community has focused on intelligent defense methods. Intelligent threat profiling is dedicated to analyzing APT attacks and improving defense capability with Knowledge Graph and Deep Learning methods. With this insight, this paper provides the first systematic review of intelligent threat profiling techniques for APT attacks, covering three aspects: data, methods, and applications. The contents include data processing techniques, threat modeling, representation, reasoning methods, etc. Furthermore, this paper summarizes the latest research in applications, proposes the research framework and technical architecture, and provides insights into future research trends. This paper contributes to recognizing the advantages and challenges of intelligent threat profiling. It paves the way for integrating knowledge graphs and deep learning to achieve intelligent security.
Highlights: The first review paper on intelligent threat profiling of Advanced Persistent Threat. Summarizes the research findings on three aspects: data, methods and applications. Proposes the research framework and technical architecture of intelligent threat profiling. Analyzes the challenges and provides insights into future research trends.
- Is Part Of:
- Computers & electrical engineering. Volume 103(2022)
- Journal:
- Computers & electrical engineering
- Issue:
- Volume 103(2022)
- Issue Display:
- Volume 103, Issue 2022 (2022)
- Year:
- 2022
- Volume:
- 103
- Issue:
- 2022
- Issue Sort Value:
- 2022-0103-2022-0000
- Page Start:
- Page End:
- Publication Date:
- 2022-10
- Subjects:
- Advanced Persistent Threat -- Threat profiling -- Knowledge graph -- Deep learning -- Deep graph learning -- Threat detection -- Threat attribution -- Threat response -- Threat intelligence -- Heterogeneous graph learning
Computer engineering -- Periodicals
Electrical engineering -- Periodicals
Electrical engineering -- Data processing -- Periodicals
Ordinateurs -- Conception et construction -- Périodiques
Électrotechnique -- Périodiques
Électrotechnique -- Informatique -- Périodiques
Computer engineering
Electrical engineering
Electrical engineering -- Data processing
Periodicals
Electronic journals
621.302854
- Journal URLs:
- http://www.sciencedirect.com/science/journal/00457906/
http://www.elsevier.com/journals
- DOI:
- 10.1016/j.compeleceng.2022.108261
- Languages:
- English
- ISSNs:
- 0045-7906
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms)
- Physical Locations:
- British Library DSC - 3394.680000
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store
- Ingest File:
- 24061.xml