BROWSE
Detail
Journal Article
DTB-IDS: An Intrusion Detection System Based on Decision Tree using Behavior Analysis for Preventing APT Attacks
Cited 113 time in 
Share 
Share
- Authors
- Daesung Moon, Hyungjin Im, Ikkyun Kim, Jong Hyuk Park
- Issue Date
- 2017-07
- Citation
- Journal of Supercomputing, v.73, no.7, pp.2881-2895
- ISSN
- 0920-8542
- Publisher
- Springer
- Language
- English
- Type
- Journal Article
- Abstract
- Due to rapid growth of communications and networks, a cyber-attack with malicious codes has been coming as a new paradigm in information security area since last few years. In particular, an advanced persistent threats (APT) attack is bringing out big social issues. The APT attack uses social engineering methods to target various systems for intrusions. It breaks down the security of the target system to leak information or to destroy the system by giving monetary damages on the target. APT attacks make relatively simple attacks such as spear phishing during initial intrusion but a back door is created by leaking the long-term information after initial intrusion, and it transmits the malicious code by analyzing the internal network. In this paper, we propose an intrusion detection system based on the decision tree using analysis of behavior information to detect APT attacks that intellectually change after intrusion into a system. Furthermore, it can detect the possibility on the initial intrusion and minimize the damage size by quickly responding to APT attacks.
- KSP Keywords
- APT attacks, Behavior analysis, Cyber attacks, Decision Tree(DT), Intrusion detection system(IDS), Malicious code, Security area, Social issues, Spear phishing, advanced persistent threat, breaks down