The Library
APIVADS : a novel privacy-preserving pivot attack detection scheme based on statistical pattern recognition
Tools
Marques, Rafael Salema, Al-Khateeb, Haider, Epiphaniou, Gregory and Maple, Carsten (2022) APIVADS : a novel privacy-preserving pivot attack detection scheme based on statistical pattern recognition. IEEE Transactions on Information Forensics and Security, 17 . pp. 700-715. doi:10.1109/TIFS.2022.3146076 ISSN 1556-6013.
|
PDF
WRAP-APIVADS-novel-privacy-preserving-pivot-attack-detection-scheme-based-statistical-pattern-recognition-Epiphaniou-2022.pdf - Accepted Version - Requires a PDF viewer. Download (1477Kb) | Preview |
Official URL: https://doi.org/10.1109/TIFS.2022.3146076
Abstract
Advanced cyber attackers often “pivot” through several devices in such complex infrastructure to obfuscate their footprints and overcome connectivity restrictions. However, prior pivot attack detection strategies present concerning limitations. This paper addresses an improvement of cyber defence with APIVADS, a novel adaptive pivoting detection scheme based on traffic flows to determine cyber adversaries’ presence based on their pivoting behaviour in simple and complex interconnected networks. Additionally, APIVADS is agnostic regarding transport and application protocols. The scheme is optimized and tested to cover remotely connected locations beyond a corporate campus’s perimeters. The scheme considers a hybrid approach between decentralized host-based detection of pivot attacks and a centralized approach to aggregate the results to achieve scalability. Empirical results from our experiments show the proposed scheme is efficient and feasible. For example, a 98.54% detection accuracy near real-time is achievable by APIVADS differentiating ongoing pivot attacks from regular enterprise traffic as TLS, HTTPS, DNS and P2P over the internet.
Item Type: | Journal Article | ||||||
---|---|---|---|---|---|---|---|
Subjects: | Q Science > QA Mathematics > QA76 Electronic computers. Computer science. Computer software T Technology > TK Electrical engineering. Electronics Nuclear engineering |
||||||
Divisions: | Faculty of Science, Engineering and Medicine > Engineering > WMG (Formerly the Warwick Manufacturing Group) | ||||||
Library of Congress Subject Headings (LCSH): | Computer networks -- Security measures, Internet -- Security measures, Computer security, Information warfare, Cyber intelligence (Computer security), Cyberterrorism -- Prevention, Cyberspace -- Security measures, Pattern recognition systems | ||||||
Journal or Publication Title: | IEEE Transactions on Information Forensics and Security | ||||||
Publisher: | IEEE | ||||||
ISSN: | 1556-6013 | ||||||
Official Date: | 24 January 2022 | ||||||
Dates: |
|
||||||
Volume: | 17 | ||||||
Page Range: | pp. 700-715 | ||||||
DOI: | 10.1109/TIFS.2022.3146076 | ||||||
Status: | Peer Reviewed | ||||||
Publication Status: | Published | ||||||
Reuse Statement (publisher, data, author rights): | © 2022 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works. | ||||||
Access rights to Published version: | Restricted or Subscription Access | ||||||
Date of first compliant deposit: | 1 February 2022 | ||||||
Date of first compliant Open Access: | 1 February 2022 | ||||||
Related URLs: |
Request changes or add full text files to a record
Repository staff actions (login required)
View Item |
Downloads
Downloads per month over past year