A Comprehensive Survey on Advanced Persistent Threat (APT) Detection Techniques

作     者：Singamaneni Krishnapriya Sukhvinder Singh 

作者机构：Department of Computer ScienceSchool of Engineering and TechnologyPondicherry UniversityKalapet605014India 

出 版 物：《Computers, Materials & Continua》 (计算机、材料和连续体（英文）)

年 卷 期：2024年第80卷第8期

页      面：2675-2719页

核心收录：

学科分类：0839[工学-网络空间安全] 08[工学] 081201[工学-计算机系统结构] 0812[工学-计算机科学与技术（可授工学、理学学位）] 

基　　金：We would like to thank my research supervisor Sukhvinder Singh and my brother S. Chanti who has given their valuable inputs to publish my manuscript in the reputed journal 

主　　题：Advanced persistent threats APT cyber security intrusion detection cyber attacks 

摘      要：The increase in number of people using the Internet leads to increased cyberattack *** Persistent Threats,or APTs,are among the most dangerous targeted *** attacks utilize various advanced tools and techniques for attacking targets with specific *** countries with advanced technologies,like the US,Russia,the UK,and India,are susceptible to this targeted *** is a sophisticated attack that involves multiple stages and specific ***,TTP(Tools,Techniques,and Procedures)involved in the APT attack are commonly new and developed by an attacker to evade the security ***,APTs are generally implemented in multiple *** one of the stages is detected,we may apply a defense mechanism for subsequent stages,leading to the entire APT attack *** detection at the early stage of APT and the prediction of the next step in the APT kill chain are ongoing *** survey paper will provide knowledge about APT attacks and their essential *** follows the case study of known APT attacks,which will give clear information about the APT attack process—in later sections,highlighting the various detection methods defined by different researchers along with the limitations of the *** used in this article comes from the various annual reports published by security experts and blogs and information released by the enterprise networks targeted by the attack.