
A systematic literature review for APT detection and Effective Cyber Situational Awareness (ECSA) conceptual model.

Authors

Salim Duraid Thamer, Singh Manmeet Mahinderjit, Keikhosrokiani Pantea

Affiliations

School of Computer Sciences, Universiti Sains Malaysia, Penang, 11800, Malaysia.

Department of Computer Science, College of Basic Education, Mustansiriyah University, Baghdad, Iraq.

Publication

Heliyon. 2023 Jun 16;9(7):e17156. doi: 10.1016/j.heliyon.2023.e17156. eCollection 2023 Jul.

DOI: 10.1016/j.heliyon.2023.e17156
PMID: 37449192
Full text: https://pmc.ncbi.nlm.nih.gov/articles/PMC10336420/
Abstract

Advancements in computing technology and the growing number of devices (e.g., computers, mobile) connected to networks have contributed to an increase in the amount of data transmitted between devices. These data are exposed to various types of cyberattacks, one of which is advanced persistent threats (APTs). APTs are stealthy and focus on sophisticated, specific targets. One reason for the detection failure of APTs is the nature of the attack pattern, which changes rapidly based on advancements in hacking. The need for future researchers to understand the gap in the literature regarding APT detection and to explore improved detection techniques has become crucial. Thus, this systematic literature review (SLR) examines the different approaches used to detect APT attacks directed at the network system in terms of approach and assessment metrics. The SLR includes papers on computer, mobile, and internet of things (IoT) technologies. We performed an SLR by searching six leading scientific databases to identify 75 studies that were published from 2012 to 2022. The findings from the SLR are discussed in terms of the literature's research gaps, and the study provides essential recommendations for designing a model for early APT detection. We propose a conceptual model known as the Effective Cyber Situational Awareness Model to Detect and Predict Mobile APTs (ECSA-tDP-MAPT), designed to effectively detect and predict APT attacks on mobile network traffic.


Figures (image files hosted on PMC, in order gr1 to gr13):

https://cdn.ncbi.nlm.nih.gov/pmc/blobs/b9ec/10336420/9d7094646a32/gr1.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/b9ec/10336420/ff167a11c68a/gr2.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/b9ec/10336420/2e8c4822f324/gr3.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/b9ec/10336420/2e2fe0a3dd70/gr4.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/b9ec/10336420/06804795e0e8/gr5.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/b9ec/10336420/70a81dfe055d/gr6.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/b9ec/10336420/902a286dd813/gr7.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/b9ec/10336420/7d680bb42298/gr8.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/b9ec/10336420/3ad1fa239921/gr9.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/b9ec/10336420/0445dd969a60/gr10.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/b9ec/10336420/9b67eaed76ae/gr11.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/b9ec/10336420/f02d09102d1f/gr12.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/b9ec/10336420/c65f009e9c1e/gr13.jpg

