Detection of advanced persistent threat: A genetic programming approach
Created by W.Langdon from
gp-bibliography.bib Revision:1.8414
@Article{Al-Mamun:2024:asoc,
author = "Abdullah {Al Mamun} and Harith Al-Sahaf and
Ian Welch and Masood Mansoori and Seyit Camtepe",
title = "Detection of advanced persistent threat: A genetic
programming approach",
journal = "Applied Soft Computing",
year = "2024",
volume = "167",
pages = "112447",
keywords = "genetic algorithms, genetic programming, APT, Advanced
Persistent Threat, Evolutionary computation, Machine
Learning, CKC",
ISSN = "1568-4946",
URL = "https://www.sciencedirect.com/science/article/pii/S1568494624012213",
DOI = "doi:10.1016/j.asoc.2024.112447",
abstract = "Advanced Persistent Threats (APTs) are an intimidating
class of cyberattacks known for their persistence,
sophistication, and targeted nature. These attacks,
coordinated by highly motivated adversaries, pose a
grave risk to organizations and individuals, often
operating stealthily and evading detection. While
existing research primarily focuses on applying Machine
Learning (ML) methods to analyse network traffic data
for APT detection, this article introduces a novel
approach that uses Genetic Programming (GP). The
proposed method not only detects APT attacks but also
identifies their specific life cycle stages through the
evolutionary capabilities of GP. Its effectiveness lies
in its ability to excel in detecting intricate
patterns, even within classes with a limited number of
instances, a feat that is often challenging for
traditional ML techniques. The method involves evolving
and optimising its models to effectively learn and
adapt to complex APT behaviours. Experimentation with a
publicly available dataset showcases the efficacy of
the proposed method across diverse APT stages. The
results demonstrate that the proposed method, GPC,
achieves a 3.71 percent improvement in balanced accuracy
compared to the best-performing model from related
works. Moreover, a thorough analysis of the
best-evolved GP model uncovers valuable insights about
identified features and significant patterns. This
research advances the APT detection paradigm by
leveraging GP's capabilities, providing a fresh and
effective perspective on countering these persistent
threats",
}