References
- http://www.gfi.com/blog/advanced-persistent-threat-apta-hyped-up-marketing-term-or-a-security-concern/
- http://www.sans.edu/student-files/projects/JWP-Binde-McRee-OConnor-slideswnote.pdf
- Hacking Exposed 7: Network Security Secrets & Solutions, Chapter 6.
- 3.20 Cyber Terror Incident Analysis Report, Red Alert, 2013.
- 6.25 Cyber Terror Incident Analysis Report, Red Alert, 2013.
- M-Trends® 2013: Attack the Security Gap
- M-Trends® 2012: An Evolving Threat
- M-Trends® 2011: When Prevention Fails
- M-Trends® 2010: The Advanced Persistent Threat
- Trustwave 2012 Global Security Report
- http://digital-forensics.sans.org/blog/2010/06/21/security-intelligence-knowing-enemy
- http://www.fireeye.com, Datasheet
- http://www.damballa.com, FailSafe Datasheet
- http://www.emergingthreats.net
- http://www.metaflows.com, Datasheet
- MetaFlows MSS User Guide
- http://www.packetloop.com
- http://www.scmagazine.com.au/News/329058,sydney-startup-packetloop-to-challenge-siem.aspx
- Bingo FastBig-Real-time Big Data System Introduction
- LogPresso-Real-time Big Data System Introduction
- http://www.splunk.com/view/advanced-persistent-threats/SP-CAAAGG4
- https://www.virustotal.com/
- http://www.reversinglabs.com/
- http://www.joesecurity.org
- http://www.cuckoosandbox.org/
- Yamada et al., "Anomaly Detection for DNS Servers Using Frequent Host Selection", IEEE.
- Hyunsang Choi et al., "Botnet Detection by Monitoring Group Activities in DNS Traffic", IEEE, 2007.
- Kazumichi Sato et al., "Extending black domain name list by using co-occurrence relation between DNS queries", LEET '10, USENIX.
- Thorsten Holz et al., "Measuring and Detecting Fast-Flux Service Networks".
- Emanuele Passerini et al., "FluXOR: Detecting and Monitoring Fast-Flux Service Networks".
- Vagishwari Nagaonkar et al., "Revisiting the Threshold Random Walk Scan Detector", FLOCON 2008.
- Jaeyeon Jung et al., "Fast Portscan Detection Using Sequential Hypothesis Testing", MIT Computer Science and Artificial Intelligence Laboratory.
- Robert Perdisci, "DGA-based Botnets: Discovery, Classification, and Tracking", Seminar, Feb. 25, 2013.
- Identify Fast Flux in your environment, http://infosecnirvana.com/detecting-fast-flux/
- Ching-Hsiang Hsu et al., "Fast-Flux Bot Detection in Real Time - Academia Sinica".
- http://www.cognitivesecurity.cz/
- MINDS algorithm [Ertoz et al., 2004], The Minnesota Intrusion Detection System.
- Xu et al. algorithm [Xu, Zhang et al., 2005]
- Volume prediction algorithm [Lakhina et al., 2004]
- Entropy prediction algorithm [Lakhina et al., 2005]
- Mi-Suk Kwak, Ah-Bin Kim, and Yoonhee Kim, "Design and implementation an integrated malicious code collection and monitoring system", Journal of KIIT, Vol. 8, No. 2, pp. 119-121, Feb. 2010.
Cited by
- Attacker Tactics and Technology Detection Method based on Attackers’ Behavior Matrix from a Network Perspective vol.18, pp.10, 2014, https://doi.org/10.14801/jkiit.2020.18.10.55