Abstract

The Advanced Persistent Threat has quickly risen as a top-level concern for organizations of all types and sizes. Under today's security paradigm, determined attackers will eventually find their way into their target-s network, often employing social engineering tactics, phishing techniques and backdoor exploits to steal credentials and obtain access. Persistent intrusions target key users within organizations to gain access to trade secrets, intellectual property, computer source code, and any other valuable information available. In order to combat APTs, it is imperative that organizations should know what is going on within their internal networks to fill in the gaps left by perimeter security solutions. The APT detection system enables organizations to have a defence-in-depth methodology. The APT system designed has a combination of modules like IDS, IPS and UTM, SIEM working together as a grid and correlate rules with each other for complete defence. The firewall provides gateway level protection against attacks. The intrusion detection system detects any sort of anomaly behaviour and threat signatures. Intrusion prevention system detects and prevents vulnerability exploits in the network. In short, the advanced persistent system designed is an incorporation of all security modules working together as a grid to provide a secure defense system as it detects low and slow attacks which do not generate usual alarms and responds real quick to the attack.

Authors and Affiliations