Detection of APTs by Machine Learning: A Performance Comparison
| Authors: | , , , , |
|---|---|
| Resource type: | article |
| Publication date: | 2025 |
| Country: | Spain |
| Institution: | Universidad de Salamanca (USAL) |
| Repository: | GREDOS. Repositorio Institucional de la Universidad de Salamanca |
| OAI Identifier: | oai:gredos.usal.es:10366/169824 |
| Online access: | http://hdl.handle.net/10366/169824 |
| Access Level: | open access |
| Keywords: | APTs; Deep learning; Machine learning; NetFlow traffic analysis; Neural networks; 1203.17 Computer science; 1203.18 Information systems, component design; 1209 Statistics |
| Summary: | [EN] Recent advances in machine learning and deep learning have significantly impacted multiple domains, including computer vision, natural language processing and cybersecurity. In the context of increasingly sophisticated Advanced Persistent Threats (APTs), deep learning models have shown strong potential for network intrusion detection by addressing the limitations of traditional methods. This study presents a comparative evaluation of classical and deep learning models for APT detection, highlighting the ability of deep architectures, such as Convolutional Neural Networks and Long Short-Term Memory networks, to automatically extract complex temporal and spatial patterns from network traffic data. A key objective is to maximise detection accuracy while minimising false positives and false negatives. Experimental results show that Convolutional Neural Networks applied to the SCVIC-APT-2021 dataset achieved outstanding performance, with 99.24% accuracy, 99.39% precision, 99.24% recall and a 99.24% F1-score. These results confirm the robustness of deep learning techniques for APT detection and underscore their effectiveness in identifying malicious activity in modern network environments. |