Deep Learning-based Solutions for Advanced Persistent Threat (APT) Detection

Advanced Persistent Threats (APTs) are among the greatest cyber security threats organizations face today. They involve an attacker leveraging a range of techniques to gain access to and control over an organization’s network infrastructure, often with malicious intent. Traditional defenses such as antivirus and intrusion prevention systems (IPS) have difficulty detecting and responding to APTs due to their polymorphic nature. As a result, deep learning algorithms - which are well-suited to both identifying patterns in data and adapting to changes - have been proposed as a potential solution to the problem. In this article, we review the current state of deep learning-based solutions for APT detection and discuss ways in which they can be improved to better detect these threats. We then provide an overview of two existing deep learning frameworks - Autoencoders and Convolutional Neural Networks (CNNs) - that have been applied to APT detection in the past. Finally, we conclude by discussing future directions for deep learning-based APT detection.