A New Method for Detecting Advanced Persistent Threats Utilising Machine Learning
Abstract
Cyber security now receives a great deal of attention owing to human dependence on modern technologies and systems. As a result, defending these systems from cyber attacks has become an absolutely necessary activity in today's world. An advanced persistent threat (APT) is a sophisticated cyber attack in which hostile actors acquire unauthorised network access and stay undetected for a long time. An increasing number of APT attacks, and the risks they pose to enterprises, are being documented. Machine learning is one way of identifying APT attacks. Nevertheless, there is a shortage of datasets that cover the whole lifecycle of an APT attack, so this approach has not been addressed in many earlier studies. This research intends to construct a new dataset that spans the whole attack lifecycle of an APT attack in order to identify normal, reconnaissance, and data exfiltration activities. The new empirical dataset will be based on APT attacks and the tactics and strategies they use. In addition, this paper introduces MLAPT, a new machine learning-based approach that can identify and forecast APT attacks in a systematic manner with high accuracy and speed.