Advanced techniques for cyber threat intelligence-based APT detection and mitigation in cloud environments
1 June 2023
Adel Alshaikh, Mohammed Alanesi, Daoguo Yang, Abdulrahman Alshaikh
Proceedings Volume 12718, International Conference on Cyber Security, Artificial Intelligence, and Digital Economy (CSAIDE 2023); 127180M (2023) https://doi.org/10.1117/12.2681627
Event: International Conference on Cyber Security, Artificial Intelligence, and Digital Economy (CSAIDE 2023), 2023, Nanjing, China
Abstract
In this study, we investigate the effectiveness of machine learning models for the detection and mitigation of Advanced Persistent Threats (APTs) in cloud environments, which pose a significant risk to cybersecurity. Using a publicly available APT malware dataset, we evaluate the performance of Random Forest and Support Vector Machine (SVM) models. Our results demonstrate that both models achieve high accuracy scores, with the Random Forest model achieving a low mean squared error. We present the results of ROC analysis and cross-validation scores for the Random Forest model, which further demonstrate its potential for APT detection and mitigation. Our study highlights the significant potential of machine learning-based approaches for improving cybersecurity in cloud environments. However, further research is necessary to evaluate the performance of both models on larger datasets and in different scenarios. To enhance the accuracy and effectiveness of APT detection and mitigation, future work will focus on investigating other machine learning algorithms and techniques, such as deep learning and natural language processing. Overall, our findings provide a promising starting point for further research in this area, emphasizing the potential for machine learning-based approaches to enhance cybersecurity in the cloud. By leveraging these advanced techniques, we can mitigate the risks associated with APT attacks and better protect sensitive data and information.
© (2023) COPYRIGHT Society of Photo-Optical Instrumentation Engineers (SPIE). Downloading of the abstract is permitted for personal use only.
Adel Alshaikh, Mohammed Alanesi, Daoguo Yang, and Abdulrahman Alshaikh "Advanced techniques for cyber threat intelligence-based APT detection and mitigation in cloud environments", Proc. SPIE 12718, International Conference on Cyber Security, Artificial Intelligence, and Digital Economy (CSAIDE 2023), 127180M (1 June 2023); https://doi.org/10.1117/12.2681627
KEYWORDS
Clouds
Environmental sensing
Data modeling
Random forests
Machine learning
Network security
Performance modeling