Resilience against APTs: A provenance-based dataset and attack detection framework
| dc.contributor.advisor | Ghorbani, Ali | |
| dc.contributor.advisor | Ray, Suprio | |
| dc.contributor.author | Ghiasvand, Erfan | |
| dc.date.accessioned | 2024-07-24T16:47:42Z | |
| dc.date.available | 2024-07-24T16:47:42Z | |
| dc.date.issued | 2024-06 | |
| dc.description.abstract | The IIoT devices integrate different intelligent sensors, advanced analytics, and robust connectivity within industrial processes. IIoT is susceptible to various attack vectors, with APTs posing a particularly grave concern due to their stealthy and targeted nature. However, existing cybersecurity datasets often lack crucial attributes for APT detection in IIoT environments. The first contribution of this research is to propose CICADA-IIoT, a novel APT dataset in the IIoT setting that includes essential information for the APT detection task. To achieve this, a testbed for IIoT is developed, and over 20 attack techniques frequently used in APT campaigns are included that create some of the invariant phases of an APT campaign. In addition, a self-supervised machine learning-based framework utilizing the heterogeneous nature of the provenance graph data for APT detection is proposed. | |
| dc.description.copyright | © Erfan Ghiasvand, 2024 | |
| dc.format.extent | xi, 101 | |
| dc.format.medium | electronic | |
| dc.identifier.uri | https://unbscholar.lib.unb.ca/handle/1882/38065 | |
| dc.language.iso | en | |
| dc.publisher | University of New Brunswick | |
| dc.rights | http://purl.org/coar/access_right/c_abf2 | |
| dc.subject.discipline | Computer Science | |
| dc.title | Resilience against APTs: A provenance-based dataset and attack detection framework | |
| dc.type | master thesis | |
| oaire.license.condition | other | |
| thesis.degree.discipline | Computer Science | |
| thesis.degree.grantor | University of New Brunswick | |
| thesis.degree.level | masters | |
| thesis.degree.name | M.C.S. |