Methodology for Detecting Advanced Persistent Threats in Oracle Databases

Ray, Loye Lynn; Felch, Henry

doi:10.4018/ijsita.2014010104

International Journal of Strategic Information Technology and Applications

2014

DOI: 10.4018/ijsita.2014010104

|View full text |Cite

Methodology for Detecting Advanced Persistent Threats in Oracle Databases

Loye Lynn Ray

Henry Felch

Abstract: Advanced persistent threats (APTs) have become a big problem for computer systems. Databases are vulnerable to these threats and can give attackers access to an organizations sensitive data. Oracle databases are at greater risk due to their heavy use as back-ends to corporate applications such as enterprise resource planning software. This paper will describe a methodology for finding APTs that may be hiding or operating deep within an Oracle database system. Using a deep understanding of Oracle normal operati… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...

Citation Types

Supporting

Mentioning

Contrasting

Year Published

2018

Publication Types

Select...

Article1

Relationship

Self Cite0

Independent1

Authors

Journals

Cited by 1 publication

References 16 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

Hybrid Analysis Technique to detect Advanced Persistent Threats

Chakkaravarthy¹,

Vaidehi

Rajesh³

2018

International Journal of Intelligent Information Technologies

View full text Add to dashboard Cite

Advanced persistent threats (APT) are major threats in the field of system and network security. They are extremely stealthy and use advanced evasion techniques like packing and behaviour obfuscation to hide their malicious behaviour and evade the detection methods. Existing behavior-based detection technique fails to detect the APTs due to its high persistence mechanism and sophisticated code nature. Hence, a novel hybrid analysis technique using Behavior based Sandboxing approach is proposed. The proposed technique consists of four phases namely, Static, Dynamic, Memory and System state analysis. Initially, static analysis is performed on the sample which involves packer detection and signature verification. If the sample is found stealthy and remains undetected, then it is executed inside a sandbox environment to analyze its behavior. Further, memory analysis is performed to extract memory artefacts of the current system state. Finally, system state analysis is performed by correlating clean system state and infected system state to determine whether the system is compromised

show abstract

Hybrid Analysis Technique to detect Advanced Persistent Threats

Chakkaravarthy¹,

Vaidehi

Rajesh³

2018

International Journal of Intelligent Information Technologies

View full text Add to dashboard Cite

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Methodology for Detecting Advanced Persistent Threats in Oracle Databases

Cited by 1 publication

References 16 publications

Hybrid Analysis Technique to detect Advanced Persistent Threats

Hybrid Analysis Technique to detect Advanced Persistent Threats

Contact Info

Product

Resources

About