Detecting Advanced Persistent Threat Attack Based On DNS Network Traffic Using Bayesnet Algorithm

Al Darodjat, Irfan Husein and Lim, Charles (2017) Detecting Advanced Persistent Threat Attack Based On DNS Network Traffic Using Bayesnet Algorithm. Bachelor thesis, Swiss German University.


Abstract

A new class of threats, known as Advanced Persistent Threats (APTs), has drawn increasing attention from researchers, primarily from the industrial security sector. APTs are cyber attacks executed by sophisticated and well-resourced adversaries targeting specific information in high-profile companies and governments. This research proposes a mechanism to detect APTs based on DNS traffic using the BayesNet classification algorithm. The classification was validated, and the system correctly classified 99.6% of instances. In 4 weeks of student and staff traffic, 223 true APTs were found. This result means that APT threats exist on the Swiss German University (SGU) DNS server and that features of APTs can be found in DNS traffic. This research is a precursor at SGU, highlighting directions for future research on APT detection.

Item Type: Thesis (Bachelor)
Uncontrolled Keywords: Advanced Persistent Threat; APT; Sophisticated Attacks; Classification; DNS
Subjects: Q Science > QA Mathematics > QA76 Computer software >
Divisions: Faculty of Engineering and Information Technology > Department of Information Technology
Depositing User: Astuti Kusumaningrum
Date Deposited: 12 May 2020 09:24
Last Modified: 12 May 2020 09:24
URI: http://repository.sgu.ac.id/id/eprint/287
