Bilkent University
Department of Computer Engineering


Cloud Based Protection Against Malware Based APT Attacks


Yakup Korkmaz
MSc Student
Computer Engineering Department
Bilkent University

An Advanced Persistent Threat (APT) is a cyber threat that targets a specific entity and is carried out by an advanced group with the capability and resources to maintain the threat stealthily for a relatively long period of time. Malware is a key component of a successful APT attack and is used for stealthy communication with operators, exfiltrating gathered intelligence and information, and spreading to other hosts in the internal network. Cloud technology, which offers high elasticity, ease of management and high computing power when needed, can help protect enterprise environments against malware-based Advanced Persistent Threat attacks. Because the threat is directed at a specific enterprise, the malware used in the attack is written or customized to meet the requirements of that environment and in most cases cannot be detected by traditional signature-based antivirus software. Therefore, a cloud-based system is proposed to fight APT attacks and to detect specifically written or custom malware in an enterprise environment using existing open-source dynamic analysis systems.


DATE: 26 November, 2012, Monday @ 15:40