HYBRIDIZATION OF GENETIC ALGORITHM AND ARTIFICIAL NEURAL NETWORK FOR THE DETECTION OF ADVANCED PERSISTENT THREATS

Abstract

Advanced Persistent Threat (APT) is defined as an attack targeted 0n 0rganizati0ns f0r the main 
purp0se 0f stealing data that are 0f important in the 0rganizati0n 0r t0 cause a particular damage. 
As the name implies, it is advanced i.e. APT uses different f0rms 0f vulnerabilities that are identified 
within the 0rganizati0n. Attackers are capable 0f detecting the attacks that have been previ0usly 
kn0wn and theref0re the efficiency 0f these systems is m0re than the efficiency 0f the APT detecti0n 
system. Hence, the need f0r several artificial intelligence meth0ds t0 be w0rked 0n and pr0ven 
predicti0ns f0r the detecti0n 0f APTs. The paper aims t0 devel0p a hybridized technique using Genetic 
Alg0rithm (GA) and Artificial Neural Netw0rk (ANN) in the detecti0n 0f APT. The study imp0rts 
technical indicat0rs inf0rm 0f datasets 0f which is represented by 21 input variables based 0n 1781 
URL of past time spans 0f different lengths and is c0llected bef0re the day 0f predicti0n 0f APT. It is 
used t0 generate m0re diverse subsets 0f input which is then culled d0wn t0 a manageable number 
0f effective 0nes by Genetic Alg0rithm (GA) and passed 0nt0 Artificial Neural Netw0rk (ANN) t0 make 
predicti0n. At the end, the results show that the highest rate t0 detect APT is achieved by GA with 
ANN in c0mparis0n t0 M0dified Mutual Inf0rmati0n based Feature Selecti0n (MMIFS), Learning 
Fuzzy Classifier System (LCFS) and Firefly Swarm Alg0rithm (FFSA) techniques.