AN ADAPTIVE FRAMEWORK FOR COMBATING ADVANCED PERSISTENT THREATS
Abstract
Advanced persistent threats (APTs) pose a significant risk to nearly every organization. Because of their sophistication, these attacks can bypass existing security systems and infiltrate large parts of the target network. Preventing and detecting APTs is challenging because attackers constantly change and evolve their techniques and methods to stay undetected. As a result, APTs frequently succeed in compromising companies, organizations, and public authorities. This paper develops an adaptive security framework that continuously investigates the behavior of a network's users in order to protect the network against such threats. The framework consists of three main sections: intrusion prevention, intrusion detection, and response to intrusions. The design model comprises a front end, middleware, and a back end. The front end is implemented in HTML and Cascading Style Sheets (CSS) using the NetBeans Integrated Development Environment (IDE) version 8.0.2. The middleware is implemented with Java Web in NetBeans IDE, and the back end is implemented on a MySQL server. The results show that the runtime security of the system adapts to the behavior patterns exhibited by the user; consequently, the system can detect zero-day attacks that signature-based intrusion detection systems cannot, and thereby protect against them. The work is recommended as a countermeasure against emerging persistent attacks.