2022
DOI: 10.1109/tifs.2022.3146076

APIVADS: A Novel Privacy-Preserving Pivot Attack Detection Scheme Based on Statistical Pattern Recognition

Abstract: How to cite: Please refer to published version for the most recent bibliographic citation information.

citations
Cited by 8 publications
(5 citation statements)
references
References 30 publications
“…Although no clear malicious event was detected, our analysis yielded valuable insights into the network traffic landscape, revealing a significant number of false positives and benign pivoting-like events. The scope of the experiment exceeds previous works [15] and complements results achieved in laboratory settings [7] and host-based methods [18].…”
Section: Discussion (mentioning)
confidence: 57%
“…Recent approaches to lateral movement detection do not rely solely on system logs but combine multiple data sources, including monitoring network traffic. APIVADS [18] is a privacy-preserving approach to pivoting detection that can be used in complex networks. The proposed approach relies on NetFlow data collected on the pivot and, thus, it is a de-facto host-based method, even though network-based data are used.…”
Section: Related Work On Pivoting Detection (mentioning)
confidence: 99%
“…Tang et al. [21] and others extracted three decision features from the traffic data, namely the coefficient of variation of TCP traffic, the wavelet packet energy entropy of TCP (Transmission Control Protocol) traffic, and the Pearson correlation coefficient between TCP and total traffic, to distinguish normal traffic from traffic under LDoS attacks. Marques et al. [22] converted the original traffic data into grayscale images and used CNN to extract the spatial features of traffic from grayscale images. Meanwhile, he used recurrent neural network (RNN) to extract the temporal features of traffic.…”
Section: Feature Extraction and Representation On Traffic (mentioning)
confidence: 99%
“…Other delivery methods include exploit kits, which take advantage of unpatched vulnerabilities in operating systems and browsers to spread malware or pivot through the network to hide the origin of the attack [14], and malvertising: when attackers create adverts containing malicious code, then serve from a legitimate ad network. Microsoft Office Macros: Visual Basic for Applications (VBA) is a comprehensive language containing commands that can be used maliciously or to download and execute other malware.…”
Section: Introduction (mentioning)
confidence: 99%