Advanced persistent threats (APT) are threat actors with the advanced tactics, techniques and procedures (TTPs) to gain covert control of a computer network for a long period of time. These threat actors are the highest cyber-attack risk factor for enterprise companies and governments. A successful attack by APT threat actors has the capability to do physical damage. APT groups are typically state-sponsored and are considered the most effective and skilled cyber attackers. The final goal of an APT attack is to exfiltrate the victim's data or to sabotage its systems. The aim of this research is to exercise multiple machine learning approaches, such as k-Nearest Neighbors and the H2O Deep Learning model, and also to employ Deep Packet Inspection on an enterprise network traffic dataset in order to identify suitable approaches to detect data exfiltration by APT threat actors. This study shows that combining machine learning techniques with Deep Packet Inspection significantly improves the detection of data exfiltration attempts by Advanced Persistent Threat (APT) actors. The findings suggest that this approach can enhance anomaly detection systems, bolstering the cybersecurity defenses of enterprises. Consequently, the research implications could lead to developing more robust strategies against sophisticated and covert cyber threats posed by APTs.
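As an added illustration (not code from the paper), the following contrasts a k-Nearest Neighbors detector that sees only flow metadata (bytes sent) with one that also gets a Deep Packet Inspection feature (payload entropy), the combination the abstract argues for. The flow records, payloads and labels are constructed assumptions, not the paper's dataset; the SHA-256 output stands in for an encrypted exfiltration payload.

```python
import hashlib
import math
from collections import Counter

def payload_entropy(payload: bytes) -> float:
    """Shannon entropy in bits per byte; encrypted or compressed data sits near 8.0."""
    if not payload:
        return 0.0
    counts = Counter(payload)
    n = len(payload)
    return -sum(c / n * math.log2(c / n) for c in counts.values())

# Constructed stand-in for an encrypted/compressed exfil payload: deterministic here,
# but statistically it looks like ciphertext. Not real capture data.
CIPHERLIKE = b"".join(hashlib.sha256(bytes([i])).digest() for i in range(64))
HTTP_TEXT = b"GET /index.html HTTP/1.1\r\nHost: intranet.example\r\nAccept: text/html\r\n"
CSV_TEXT = b"id,name,amount\n" + b"".join(b"%d,user%d,%d\n" % (i, i, i * 7) for i in range(40))

# Constructed flow records: (bytes_out, payload bytes seen by DPI, label); 1 = exfiltration.
FLOWS = [
    (800, HTTP_TEXT, 0), (1200, HTTP_TEXT, 0), (500, HTTP_TEXT, 0),
    (5_000_000, CSV_TEXT, 0), (2_000_000, CSV_TEXT, 0),            # bulk backups: large but benign
    (8_000_000, CIPHERLIKE, 1), (3_200_000, CIPHERLIKE, 1), (1_600_000, CIPHERLIKE, 1),
    (900, CIPHERLIKE, 1), (1500, CIPHERLIKE, 1), (2000, CIPHERLIKE, 1),  # low-and-slow exfil
]

def features(flow, use_dpi: bool):
    bytes_out, payload, _ = flow
    vec = [math.log10(bytes_out)]             # flow-metadata feature only
    if use_dpi:
        vec.append(payload_entropy(payload))  # DPI-derived content feature
    return vec

def knn_predict(train, query, k=3):
    """Majority vote among the k nearest training vectors (Euclidean distance)."""
    ranked = sorted(train, key=lambda tv: math.dist(tv[0], query))
    votes = sum(label for _, label in ranked[:k])
    return 1 if votes * 2 > k else 0

def loo_accuracy(use_dpi: bool, k=3) -> float:
    """Leave-one-out accuracy of kNN over FLOWS, with or without the DPI feature."""
    data = [(features(f, use_dpi), f[2]) for f in FLOWS]
    correct = 0
    for i, (vec, label) in enumerate(data):
        train = data[:i] + data[i + 1:]
        correct += knn_predict(train, vec, k) == label
    return correct / len(data)

if __name__ == "__main__":
    print(f"flow metadata only:     {loo_accuracy(False):.2f}")
    print(f"metadata + DPI entropy: {loo_accuracy(True):.2f}")
```

Metadata alone confuses large benign uploads with bulk exfiltration and misses low-and-slow exfiltration entirely; the entropy feature separates both cases in this constructed set.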
Copyright © 2023