Semantics-aware detection of targeted attacks: a survey

Robert Luh, Stefan Marschalek, Manfred Kaiser, Helge Janicke, Sebastian Schrittwieser
2016 Journal in Computer Virology and Hacking Techniques  
In today's interconnected digital world, targeted attacks have become a serious threat to conventional computer systems and critical infrastructure alike. Many researchers contribute to the fight against network intrusions or malicious software by proposing novel detection systems or analysis methods. However, few of these solutions have a particular focus on Advanced Persistent Threats or similarly sophisticated multi-stage attacks. This turns finding domainappropriate methodologies or
more » ... ng new approaches into a major research challenge. To overcome these obstacles, we present a structured review of semantics-aware works that have a high potential for contributing to the analysis or detection of targeted attacks. We introduce a detailed literature evaluation schema in addition to a highly granular model for article categorization. Out of 123 identified papers, 60 were found to be relevant in the context of this study. The selected articles are comprehensively reviewed and assessed in accordance to Kitchenham's guidelines for systematic literature reviews. In conclusion, we combine new insights and the status quo of current research into the concept of an ideal systemic approach capable of semantically processing and evaluating information from different observation points.
doi:10.1007/s11416-016-0273-3 fatcat:flhbpc4uwbandby2adxi62t64u