Using Link Analysis to Improve Advanced Persistent Threat Intelligence and Detection


Primary Investigator:
Eric Dietz

Project Members:
Corey Holzer

Over the past decade, the Advanced Persistent Threat (APT) has risen to the forefront of cybersecurity threats. APTs are a major contributor to the billions of dollars lost by corporations around the world annually. The threat is significant enough that the Navy Cyber Power 2020 plan identified APTs as a “must mitigate” threat in order to ensure the security of its warfighting network. However, the manner in which these threats operate makes them difficult to detect. The goal of the current research is to use open source intelligence pertaining to known APTs to establish an APT ontology, and then to apply that ontology together with link analysis to increase the amount of intelligence about individual APTs, as aggregated from the whole knowledge base.

