Bin Luo^1,2,3, Liangguo Chen^1,2,3, Shuhua Ruan^1,2,3,*, Yonggang Luo^2,3,*

CMC-Computers, Materials & Continua, Vol.78, No.2, pp. 1731-1754, 2024, DOI:10.32604/cmc.2023.045739

Abstract Considering the stealthiness and persistence of Advanced Persistent Threats (APTs), system audit logs are leveraged in recent studies to construct system entity interaction provenance graphs to unveil threats in a host. Rule-based provenance graph APT detection approaches require elaborate rules and cannot detect unknown attacks, and existing learning-based approaches are limited by the lack of available APT attack samples or generally only perform graph-level anomaly detection, which requires lots of manual efforts to locate attack entities. This paper proposes an APT-exploited process detection approach called ThreatSniffer, which constructs the benign provenance graph from attack-free audit logs, fits normal system entity… More >

So-Eun Jeon¹, Sun-Jin Lee¹, Eun-Young Lee¹, Yeon-Ji Lee², Jung-Hwa Ryu², Jung-Hyun Moon², Sun-Min Yi², Il-Gu Lee^1,2,*

CMC-Computers, Materials & Continua, Vol.75, No.2, pp. 4231-4253, 2023, DOI:10.32604/cmc.2023.034287

Abstract Recently, with the normalization of non-face-to-face online environments in response to the COVID-19 pandemic, the possibility of cyberattacks through endpoints has increased. Numerous endpoint devices are managed meticulously to prevent cyberattacks and ensure timely responses to potential security threats. In particular, because telecommuting, telemedicine, and tele-education are implemented in uncontrolled environments, attackers typically target vulnerable endpoints to acquire administrator rights or steal authentication information, and reports of endpoint attacks have been increasing considerably. Advanced persistent threats (APTs) using various novel variant malicious codes are a form of a sophisticated attack. However, conventional commercial antivirus and anti-malware systems that use signature-based… More >

U. Sakthivelu, C. N. S. Vinoth Kumar^*

Intelligent Automation & Soft Computing, Vol.36, No.3, pp. 3691-3707, 2023, DOI:10.32604/iasc.2023.036946

Abstract The detection of cyber threats has recently been a crucial research domain as the internet and data drive people’s livelihood. Several cyber-attacks lead to the compromise of data security. The proposed system offers complete data protection from Advanced Persistent Threat (APT) attacks with attack detection and defence mechanisms. The modified lateral movement detection algorithm detects the APT attacks, while the defence is achieved by the Dynamic Deception system that makes use of the belief update algorithm. Before termination, every cyber-attack undergoes multiple stages, with the most prominent stage being Lateral Movement (LM). The LM uses a Remote Desktop protocol (RDP)… More >

Yussuf Ahmed^1,*, A.Taufiq Asyhari¹, Md Arafatur Rahman²

CMC-Computers, Materials & Continua, Vol.67, No.2, pp. 2497-2513, 2021, DOI:10.32604/cmc.2021.014223

Abstract The number of cybersecurity incidents is on the rise despite significant investment in security measures. The existing conventional security approaches have demonstrated limited success against some of the more complex cyber-attacks. This is primarily due to the sophistication of the attacks and the availability of powerful tools. Interconnected devices such as the Internet of Things (IoT) are also increasing attack exposures due to the increase in vulnerabilities. Over the last few years, we have seen a trend moving towards embracing edge technologies to harness the power of IoT devices and 5G networks. Edge technology brings processing power closer to the… More >