
Oral Session A-3 : AI Applications

A Federated Intrusion Detection Approach for SOC-Centered APT Defense Systems

  • Publisher
    Korean Institute of Next Generation Computing
  • Publication
    Korean Institute of Next Generation Computing Conference Proceedings
  • Issue
    ICNGC 2025 The 11th International Conference on Next Generation Computing 2025 (2025.12)
  • Pages
    pp.193-196
  • Authors
    Ali Rashid Mahmud, Atif Ali, Muhammad Rehan Ajmal, Salman Ghani Virk, Subayyal Sheikh, Muhammad Tayyab Khan
  • Language
    English (ENG)
  • URL
    https://www.earticle.net/Article/A478492

Article Information

Abstract

English
Advanced Persistent Threats (APTs) are among the most serious challenges facing modern Security Operations Centers (SOCs). APTs are highly sophisticated and stealthy, and they are built to persist despite continuous monitoring, detection, and response. Traditional centralized Intrusion Detection Systems (IDS) generally cannot provide adaptive, privacy-preserving, and collaborative detection across distributed networks. This paper introduces a Federated Intrusion Detection Framework (FIDF) that uses Federated Learning (FL) so that multiple SOC nodes can jointly train a detection model without sharing raw data. The system consists of local IDS agents, a central SOC aggregator, and a secure threat intelligence exchange mechanism. Experimental results show improved detection accuracy, fewer false positives, and shorter response times for APT defense. The framework is a step toward federated solutions for a scalable, privacy-aware, and resilient cybersecurity ecosystem suitable for national defense infrastructures.
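The abstract describes local IDS agents that train on their own data and a central SOC aggregator that combines the results. The following is an added illustration of that round-trip using federated averaging (FedAvg) over a logistic-regression detector; it is not code from the paper, which does not state which model or aggregation rule FIDF uses. The SOC sites, the three flow features, and the labelled records are all constructed for this example.

```python
"""Minimal federated averaging (FedAvg) over simulated SOC nodes.

Added illustration; not the paper's code. Each SOC site trains a
logistic-regression IDS model on its own flow records and ships only the
model parameters (plus a sample count) to the aggregator. The raw records
never leave local_train().
"""
import math
import random

# Constructed features: (outbound_bytes_ratio, new_conn_rate, beacon_regularity)
FEATURES = 3


def make_node_data(seed, n=200, apt_share=0.3):
    """Constructed flow-feature records for one SOC site (not real traffic).

    APT-like flows: high outbound ratio, few new connections, very regular
    beaconing. Benign flows: the opposite profile. Label 1 = APT-like, 0 = benign.
    """
    rng = random.Random(seed)
    rows = []
    for _ in range(n):
        if rng.random() < apt_share:
            x = [rng.gauss(0.85, 0.1), rng.gauss(0.15, 0.1), rng.gauss(0.9, 0.1)]
            rows.append((x, 1))
        else:
            x = [rng.gauss(0.2, 0.1), rng.gauss(0.7, 0.1), rng.gauss(0.15, 0.1)]
            rows.append((x, 0))
    return rows


def sigmoid(z):
    return 1.0 / (1.0 + math.exp(-z))


def predict(weights, x):
    """weights = [w_0 .. w_{F-1}, bias]; zip stops at the feature count."""
    return sigmoid(sum(w * xi for w, xi in zip(weights, x)) + weights[-1])


def local_train(global_weights, data, lr=1.0, epochs=10):
    """One SOC site: full-batch gradient descent on logistic loss, starting
    from the current global model. Returns (weights, sample_count) only."""
    w = list(global_weights)  # copy; the global model is not mutated in place
    n = len(data)
    for _ in range(epochs):
        grad = [0.0] * len(w)
        for x, y in data:
            err = predict(w, x) - y
            for i, xi in enumerate(x):
                grad[i] += err * xi
            grad[-1] += err
        w = [wi - lr * g / n for wi, g in zip(w, grad)]
    return w, n


def fedavg(updates):
    """Aggregator: sample-count-weighted mean of the submitted parameter vectors."""
    total = sum(n for _, n in updates)
    dim = len(updates[0][0])
    return [sum(w[i] * n for w, n in updates) / total for i in range(dim)]


def accuracy(weights, data):
    hits = sum(int((predict(weights, x) >= 0.5) == (y == 1)) for x, y in data)
    return hits / len(data)


def run_federation(rounds=10):
    """Three SOC sites with different APT prevalence (non-IID), plus a held-out
    set the aggregator scores the global model on. Returns
    (global_weights, untrained_accuracy, federated_accuracy)."""
    sites = [make_node_data(seed=1, apt_share=0.2),
             make_node_data(seed=2, apt_share=0.35),
             make_node_data(seed=3, apt_share=0.5)]
    holdout = make_node_data(seed=99, apt_share=0.5)
    global_w = [0.0] * (FEATURES + 1)
    baseline = accuracy(global_w, holdout)
    for _ in range(rounds):
        updates = [local_train(global_w, d) for d in sites]  # runs at each site
        global_w = fedavg(updates)                           # runs at the aggregator
    return global_w, baseline, accuracy(global_w, holdout)


if __name__ == "__main__":
    w, base, acc = run_federation()
    print(f"global weights: {[round(v, 3) for v in w]}")
    print(f"hold-out accuracy: untrained {base:.2f} -> federated {acc:.2f}")
```

What crosses the wire per round is one vector of `FEATURES + 1` floats and a sample count per site, not the 200 records each site holds; that is the privacy property the abstract relies on. In a deployment the update channel and the aggregator would also need authentication and integrity protection, since a site that can submit arbitrary parameter vectors can steer the global model.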

Table of Contents

Abstract
I. Introduction
II. Literature Review
III. Methodology
IV. Results
A. Quantitative Performance Analysis
B. Detection Efficiency and Latency Trade-off
C. APT Detection Capability
V. Conclusion
VI. References

Keywords

Federated Learning, Intrusion Detection System, Advanced Persistent Threat (APT), Security Operations Center (SOC), Cyber Defense, Threat Intelligence

Authors

  • Ali Rashid Mahmud [ MCS, National University of Sciences & Technology, Islamabad, Pakistan ]
  • Atif Ali [ Research Management Centre (RMC), Multimedia University, Cyberjaya 63100, Malaysia ]
  • Muhammad Rehan Ajmal [ MCS, National University of Sciences & Technology, Islamabad, Pakistan ]
  • Salman Ghani Virk [ Riphah International University, Islamabad, Pakistan ]
  • Subayyal Sheikh [ Sir Syed CASE Institute of Technology, Islamabad, Pakistan ]
  • Muhammad Tayyab Khan [ School of Computer Science, National College of Business Administration and Economics, Lahore 54000, Pakistan ]


Publication Information

Publisher

  • Publisher name
    Korean Institute of Next Generation Computing
  • Year founded
    2005
  • Field
    Engineering > Computer Science
  • About
    The Institute aims to advance the scholarship and technology of next-generation PCs through academic activities in next-generation PCs and related fields, and to promote industrial development and international cooperation.

Publication

  • Publication name
    Korean Institute of Next Generation Computing Conference Proceedings
  • Frequency
    Semiannual
  • Coverage
    2021~2025
  • Decimal classification
    KDC 566, DDC 004
