A Federated Learning Approach for Multi-stage Threat Analysis in Advanced Persistent Threat Campaigns

arXiv:2406.13186v1 Announce Type: new
Abstract: Multi-stage threats like advanced persistent threats (APT) pose severe risks by stealing data and destroying infrastructure, with detection being challenging. APTs use novel attack vectors and evade signature-based detection by obfuscating their network presence, often going unnoticed due to their novelty. Although machine learning models offer high accuracy, they still struggle to identify true APT behavior, overwhelming analysts with excessive data. Effective detection requires training on multiple datasets from various clients, which introduces privacy issues …

advanced advanced persistent threat advanced persistent threats analysis apt apts arxiv attack attack vectors campaigns cs.cr data detection evade federated federated learning infrastructure network novel persistent persistent threat persistent threats presence risks signature signature-based detection stage stealing threat threat analysis threats