
High Volume Event Correlation for Long-term Attack Detection

Mahzoon, Niloofar | 2019

  1. Type of Document: M.Sc. Thesis
  2. Language: Farsi
  3. Document No: 53641 (19)
  4. University: Sharif University of Technology
  5. Department: Computer Engineering
  6. Advisor(s): Amini, Morteza
  7. Abstract: Long-term attacks are multi-stage attacks that remain inside a system for a long time before finally causing damage. One of the best-known kinds is the Advanced Persistent Threat (APT). These attacks are low-profile, distributed across the network, and aim to steal information or corrupt a process in the organization. Banks are among the organizations most exposed to them, so the main purpose of this research is to detect such attacks and warn the security administrator. The goal of a financial APT is to steal money; to do so, it has to create transactions and send them to the core banking system. We have developed a three-stage framework that starts with fraud detection and ends with the detection of security violations. By detecting malicious and abnormal transactions with fraud detection techniques, we can trace the operations back to the systems of the internal network. APT malware always commits some direct or indirect violation of policy, so by using event correlation techniques and tracing memory transitions we can find these violations and confirm that an APT has occurred in our case study. Combining these two methods in the framework, we achieved more than 90 percent accuracy with a very low error rate. The evaluation was conducted on over 4500 real transactions and two main scenarios of financial attacks. The performance of the proposed approach is also suitable for big data processing at all stages.
  8. Keywords: Advanced Persistent Threats ; Event Correlation ; Long Term APT Detection ; Financial Fraud Detection (FFD) ; Information Retrieval
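The three stages the abstract describes (flag abnormal transactions, trace each one back to the internal host that issued it, correlate that host's events against policy) can be sketched end to end. The block below is an added illustration, not the thesis's own code: the transaction records, session-to-host mapping, endpoint events, policy rules (an allow-list of core-banking clients, a ban on credential-store access from user-writable paths), the median/MAD fraud score and the 300-second correlation window are all constructed here and are assumptions, not details taken from the thesis.

```python
"""Illustrative three-stage pipeline: fraud detection -> traceback -> event
correlation. All records, rules and thresholds are constructed for this example."""
from statistics import median

# Stage 1 input: constructed core-banking transactions (ts = epoch seconds;
# session links each transaction to the internal client session that sent it).
TRANSACTIONS = [
    {"id": "t1", "account": "A", "amount": 100, "ts": 1000, "session": "s-a1"},
    {"id": "t2", "account": "A", "amount": 120, "ts": 1100, "session": "s-a1"},
    {"id": "t3", "account": "A", "amount": 90, "ts": 1200, "session": "s-a2"},
    {"id": "t4", "account": "A", "amount": 110, "ts": 1300, "session": "s-a2"},
    {"id": "t5", "account": "A", "amount": 105, "ts": 1400, "session": "s-a3"},
    {"id": "t6", "account": "A", "amount": 9500, "ts": 1500, "session": "s-x9"},
    {"id": "t7", "account": "B", "amount": 200, "ts": 1000, "session": "s-b1"},
    {"id": "t8", "account": "B", "amount": 210, "ts": 1100, "session": "s-b1"},
    {"id": "t9", "account": "B", "amount": 190, "ts": 1200, "session": "s-b2"},
    {"id": "t10", "account": "B", "amount": 205, "ts": 1300, "session": "s-b2"},
    {"id": "t11", "account": "C", "amount": 50, "ts": 1000, "session": "s-c1"},
    {"id": "t12", "account": "C", "amount": 55, "ts": 1100, "session": "s-c1"},
    {"id": "t13", "account": "C", "amount": 45, "ts": 1200, "session": "s-c1"},
    {"id": "t14", "account": "C", "amount": 60, "ts": 1300, "session": "s-c1"},
    {"id": "t15", "account": "C", "amount": 3000, "ts": 1400, "session": "s-c2"},
]

# Stage 2 input: constructed session -> internal host/user mapping.
SESSIONS = {
    "s-a1": {"host": "ws-04", "user": "teller1"},
    "s-a2": {"host": "ws-04", "user": "teller1"},
    "s-a3": {"host": "ws-04", "user": "teller1"},
    "s-x9": {"host": "ws-17", "user": "teller1"},  # same user, unusual host
    "s-b1": {"host": "ws-05", "user": "teller2"},
    "s-b2": {"host": "ws-05", "user": "teller2"},
    "s-c1": {"host": "ws-06", "user": "teller3"},
    "s-c2": {"host": "ws-06", "user": "teller3"},
}

# Stage 3 input: constructed endpoint events from the internal workstations.
PF = "C:\\Program Files\\Bank\\teller_app.exe"
TMP = "C:\\Users\\teller1\\AppData\\Local\\Temp\\updater.exe"
HOST_EVENTS = [
    {"host": "ws-04", "ts": 1390, "process": "teller_app.exe", "path": PF, "action": "connect", "target": "corebank-api"},
    {"host": "ws-17", "ts": 1420, "process": "updater.exe", "path": TMP, "action": "read", "target": "credential-store"},
    {"host": "ws-17", "ts": 1480, "process": "updater.exe", "path": TMP, "action": "connect", "target": "corebank-api"},
    {"host": "ws-05", "ts": 1290, "process": "teller_app.exe", "path": PF, "action": "connect", "target": "corebank-api"},
    {"host": "ws-06", "ts": 1380, "process": "teller_app.exe", "path": PF, "action": "connect", "target": "corebank-api"},
]

# Constructed policy: only the teller application may reach the core banking
# API, and code running from user-writable paths may not touch credentials.
ALLOWED_COREBANK_CLIENTS = {"teller_app.exe"}
UNTRUSTED_PATH_PREFIXES = ("C:\\Users\\", "C:\\Windows\\Temp\\")


def abnormal_transactions(txs, threshold=3.5, min_history=4):
    """Stage 1: per-account modified z-score on amount (median/MAD, the
    Iglewicz-Hoaglin form). Returns transactions scoring above threshold."""
    by_account = {}
    for tx in txs:
        by_account.setdefault(tx["account"], []).append(tx)
    flagged = []
    for group in by_account.values():
        if len(group) < min_history:
            continue  # not enough history to form a baseline
        amounts = [t["amount"] for t in group]
        med = median(amounts)
        mad = median(abs(a - med) for a in amounts)
        if mad == 0:
            continue  # identical amounts: no spread to score against
        for t in group:
            score = 0.6745 * (t["amount"] - med) / mad
            if abs(score) > threshold:
                flagged.append(dict(t, score=round(score, 1)))
    return flagged


def trace_back(tx, sessions):
    """Stage 2: map a transaction to the internal host/user that issued it."""
    return sessions.get(tx["session"])


def policy_violations(host, before_ts, events, window=300):
    """Stage 3: evaluate the host's events in the window before the
    transaction against the policy rules; return violation descriptions."""
    found = []
    for ev in events:
        if ev["host"] != host or not (before_ts - window <= ev["ts"] <= before_ts):
            continue
        if ev["target"] == "corebank-api" and ev["process"] not in ALLOWED_COREBANK_CLIENTS:
            found.append(f"{ev['process']} connected to corebank-api but is not an allowed client")
        if ev["target"] == "credential-store" and ev["path"].startswith(UNTRUSTED_PATH_PREFIXES):
            found.append(f"{ev['process']} from a user-writable path read the credential store")
    return found


def detect_long_term_attack(txs, sessions, events):
    """Alert only when an abnormal transaction traces back to a host that also
    shows a policy violation, i.e. when both methods agree."""
    alerts = []
    for tx in abnormal_transactions(txs):
        origin = trace_back(tx, sessions)
        if origin is None:
            continue
        viols = policy_violations(origin["host"], tx["ts"], events)
        if viols:
            alerts.append({"transaction": tx["id"], "host": origin["host"],
                           "user": origin["user"], "violations": viols})
    return alerts


if __name__ == "__main__":
    for alert in detect_long_term_attack(TRANSACTIONS, SESSIONS, HOST_EVENTS):
        print(alert)
```

On this constructed data stage 1 flags two transactions (t6 and t15), but only t6 traces back to a workstation whose events violate policy, so a single alert is raised; t15 is left to ordinary fraud handling. That is the point of chaining the stages: the fraud score alone has no way to tell an unusual but legitimate transfer from one issued by malware, and the endpoint policy rules alone fire on far too many hosts to be tied to money leaving the bank.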
