Al Darodjat, Irfan Husein and Lim, Charles (2017) Detecting Advanced Persistent Threat Attack Based On DNS Network Traffic Using Bayesnet Algorithm. Bachelor thesis, Swiss German University.
Abstract
A new class of threats, known as Advanced Persistent Threats (APTs), has drawn increasing attention from researchers, primarily from the industrial security sector. APTs are cyber attacks executed by sophisticated and well-resourced adversaries targeting specific information in high-profile companies and governments. This research proposes a mechanism to detect APTs based on DNS traffic using the BayesNet classification algorithm. The classification was validated, and the system achieved 99.6% correctly classified instances. From 4 weeks of student and staff traffic, 223 true APTs were found. This result means that APT threats exist in the Swiss German University (SGU) DNS server. Features of APTs can also be found in DNS traffic. This research is a precursor at SGU, highlighting directions for future research on APT detection.
Item Type: | Thesis (Bachelor) |
---|---|
Uncontrolled Keywords: | Advanced Persistent Threat; APT; Sophisticated Attacks; Classification; DNS |
Subjects: | Q Science > QA Mathematics > QA76 Computer software > |
Divisions: | Faculty of Engineering and Information Technology > Department of Information Technology |
Depositing User: | Astuti Kusumaningrum |
Date Deposited: | 12 May 2020 09:24 |
Last Modified: | 12 May 2020 09:24 |
URI: | http://repository.sgu.ac.id/id/eprint/287 |