Abstract
Advanced persistent threats (APTs) are threat actors with advanced tactics, techniques and procedures (TTPs) who gain covert control of a computer network for a long period of time. These threat actors are the highest cyber attack risk factor for enterprise companies and governments, and a successful attack by APT threat actors can cause physical damage. APT groups are typically state-sponsored and are considered the most effective and skilled cyber attackers. The final goal of an APT attack is to exfiltrate the victim's data or to sabotage its systems. The aim of this research is to exercise multiple machine learning approaches, such as k-Nearest Neighbors and the H2O deep learning model, and also to employ Deep Packet Inspection on an enterprise network traffic dataset, in order to identify suitable approaches for detecting data exfiltration by APT threat actors. This study shows that combining machine learning techniques with Deep Packet Inspection significantly improves the detection of data exfiltration attempts by APT actors. The findings suggest that this approach can enhance anomaly detection systems, bolstering the cybersecurity defenses of enterprises. Consequently, the research implications could lead to the development of more robust strategies against the sophisticated and covert cyber threats posed by APTs.
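As an added illustration that is not code from the paper, the following stand-alone Python sketch shows the kind of combined check the abstract describes: a k-Nearest Neighbors distance-to-baseline anomaly score over flow features, paired with a payload-entropy Deep Packet Inspection heuristic. The baseline flows, the k and distance threshold, the entropy cut-off and the port rule are all constructed assumptions, not values from the study.

```python
import math
from collections import Counter

# Constructed baseline of benign outbound flows: (bytes_out, bytes_in, duration_s).
# In practice this would be learned from the enterprise traffic dataset.
BASELINE = [
    (1_200, 48_000, 2.1), (900, 35_000, 1.4), (1_500, 60_000, 3.0),
    (700, 20_000, 0.9), (2_000, 75_000, 4.2), (1_100, 40_000, 1.8),
    (800, 30_000, 1.2), (1_300, 52_000, 2.5),
]
K = 3  # assumed neighbourhood size

def _scale(flows):
    """Per-feature (min, max) from the baseline so byte counts do not swamp duration."""
    return [(min(c), max(c)) for c in zip(*flows)]

def _norm(flow, scale):
    return [(v - lo) / ((hi - lo) or 1) for v, (lo, hi) in zip(flow, scale)]

def knn_score(flow, baseline=BASELINE, k=K):
    """Distance to the k-th nearest benign flow; large values mean 'unlike normal traffic'."""
    scale = _scale(baseline)
    q = _norm(flow, scale)
    dists = sorted(math.dist(q, _norm(b, scale)) for b in baseline)
    return dists[k - 1]

def payload_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte; encrypted or compressed bodies sit near 8.0."""
    if not data:
        return 0.0
    counts = Counter(data)
    return -sum(c / len(data) * math.log2(c / len(data)) for c in counts.values())

def dpi_suspicious(payload: bytes, dst_port: int, bytes_out: int, bytes_in: int) -> bool:
    """Assumed DPI rule: high-entropy body on a non-TLS port, sending far more than it receives."""
    return payload_entropy(payload) > 7.0 and dst_port != 443 and bytes_out > 5 * max(bytes_in, 1)

def classify(flow, payload: bytes, threshold: float = 0.5) -> str:
    """Combine the kNN anomaly score with the DPI heuristic into a triage verdict."""
    bytes_out, bytes_in, _duration, dst_port = flow
    anomalous = knn_score(flow[:3]) > threshold
    dpi = dpi_suspicious(payload, dst_port, bytes_out, bytes_in)
    if anomalous and dpi:
        return "exfiltration-suspect"
    if anomalous or dpi:
        return "review"
    return "benign"
```

A flow that is both statistically unlike the baseline and carries an opaque body on an unexpected port lands in the top bucket; either signal alone only queues it for review.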