International Journal of Artificial Intelligence Research
Vol 8, No 2 (2024): December 2024

Development of Detection and Mitigation of Advanced Persistent Threats Using Artificial Intelligence and Multi-Layer Security on Cloud Computing Infrastructure

Hartono, Hartono (Unknown)
Wijaya, Ryan Aji (Unknown)
Khotimah, Khusnul (Unknown)



Article Info

Publish Date
28 Sep 2024

Abstract

This research proposes a novel approach for detecting and mitigating Advanced Persistent Threats (APTs) in cloud computing infrastructure, offering more comprehensive protection than previous methods. By integrating detection and mitigation, this study addresses the shortcomings of prior research that focused solely on detection. In the conducted experiments, Artificial Intelligence (AI) detected Cross-Site Scripting (XSS) attacks with an accuracy of 0.9951, SQL Injection (SQLI) at 0.9964, and Remote Code Execution (RCE) at 0.9876. In trials against new attacks, the detection success rates reached 70% for XSS, 98% for SQLI, and 100% for RCE. During the deployment phase, the system identified 23,040 out of 108,394 requests as XSS attacks, 2,684 out of 128,750 as SQLI attacks, and 1,135 out of 46,450 as RCE attacks. The detection and mitigation methods were tested directly on a cloud server experiencing APT attacks. Daily attacks on the server reached 1,980, comprising 663,000 requests. Additionally, the number of attacks directed at authentication or other sensitive pages reached 17,913,701. Attack mitigation was tested through seven layers of security: DNS Protection, Config Server Firewall (CSF), OWASP ModSecurity, HTTP middleware, data filter or sanitizer, template engine, and manual mitigation, which together blocked millions of persistent attacks. The DNS protection layer mitigated 59,000 out of a total of 19 million requests. The CSF layer mitigated 173 source IPs of DDoS attacks. The ModSecurity layer mitigated 17,916,204 attacks. All attacks were mitigated before reaching the HTTP middleware stage or any subsequent layer. The use of the NIST 2.0 standard helps manage security risks through identification, protection, detection, response, and recovery. Test results indicate that this multi-layered system is more efficient and effective in detecting and mitigating attacks than traditional methods. However, the complexity of implementation and maintenance poses challenges that must be addressed. This research contributes significantly to a more adaptive and sustainable cybersecurity strategy.

Copyrights © 2024


Journal Info

Abbrev

IJAIR

Publisher

Subject

Computer Science & IT Electrical & Electronics Engineering

Description

International Journal of Artificial Intelligence Research (IJAIR) is a peer-reviewed open-access journal. The journal invites scientists and engineers throughout the world to exchange and disseminate theoretical and practice-oriented topics of Artificial Intelligence Research, which covers four (4) ...