Abstract
With the advent of Advanced Persistent Threats (APTs), it has become increasingly difficult to identify and understand attacks on computer systems. This paper presents a system capable of explaining anomalous behavior within network-enabled user sessions by describing and interpreting kernel event anomalies detected by their deviation from normal behavior. The prototype has been developed at the Josef Ressel Center for Unified Threat Intelligence on Targeted Attacks (TARGET) at St. Pölten University of Applied Sciences.
Cite
Luh, R., & Schrittwieser, S. (2020). Advanced threat intelligence: detection and classification of anomalous behavior in system processes. Elektrotechnik Und Informationstechnik, 137(1), 38–44. https://doi.org/10.1007/s00502-019-00780-x