APT-Attack Detection Based on Multi-Stage Autoencoders

In the face of emerging technological achievements, cyber security remains a significant issue. Despite new possibilities that arise with such development, these do not come without drawback. Attackers make use to take advantage possible defects in systems. Advanced-persistent-threat (APT) attacks represent sophisticated are executed multiple steps. particular, network systems common target for APT where known or yet undiscovered vulnerabilities exploited. For this reason, intrusion detection (IDS) applied identify malicious behavioural patterns existing datasets. recent times, machine-learning (ML) algorithms used distinguish between benign and anomalous activity The application methods, especially autoencoders, has received attention achieving good results attacks. This paper builds on fact applies several autoencoder-based methods attack two datasets created by combining publicly available benchmark addition that, statistical analysis is determine features supplement anomaly process. An detector implemented evaluated combination both datasets, including experiment instances–APT-attack an independent test dataset zero-day-attack dataset. conducted experiments provide promising plausibility performance algorithms. Finally, discussion provided suggestions improvements detector.