A novel approach for detection of APT malware using multi-dimensional hybrid Bayesian belief network

Amit Sharma, Brij B. Gupta*, Awadhesh Kumar Singh, V. K. Saraswat

*Corresponding author for this work

Research output: Contribution to journal › Article › peer-review

27 Citations (Scopus)

Abstract

Due to the continuous evolution of adversary tactics, strategies, and processes, the contemporary digital universe is confronted with new obstacles in defending digital assets ranging from secret information to essential infrastructure. The advanced persistent threat (APT) is a new attack methodology used by modern adversaries in which the attacker employs sophisticated and highly evasive exploits and payloads to achieve long-term persistence and lateral movement, accomplishing objectives such as high-endurance data collection, disruption, or denial of critical infrastructure services. The payloads employed in these sorts of attacks are sophisticated and include advanced approaches for evading contemporary security solutions that depend heavily on signature- and rule-based detection methods. Nowadays, practitioners rely on behavior analysis combined with artificial intelligence approaches to determine whether a given sample is malicious. This paper presents an innovative multi-dimensional hybrid Bayesian belief network model to classify a given sample as malicious or benign in the APT malware detection domain. It is a hybrid of three analytical models, the static analysis Bayesian belief network (SABBN), the dynamic analysis Bayesian belief network (DABBN), and the event analysis Bayesian belief network (EABBN), which together cover a vast range of malware behavioral traits. The suggested framework detects APT malware with 92.62 percent accuracy and a 0.0538 percent false-positive rate, which is excellent in an area where security solutions lack trustworthy mechanisms.
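The abstract describes combining three Bayesian belief networks, one per analysis dimension, into a single verdict. The following is an added, constructed example of that idea and not the paper's model: the network structure, node names, and every probability in it are assumptions chosen for illustration. A root "malicious" node feeds three latent per-dimension verdict nodes (static, dynamic, event), each of which explains two binary observable indicators from its dimension; the posterior P(malicious | indicators) is obtained by exact enumeration over the latent nodes, and a per-dimension likelihood ratio shows how much each analysis slice contributes to the final verdict.

```python
"""Toy hybrid Bayesian belief network for malware classification.

Constructed example with an assumed structure and assumed probabilities
(not the SABBN/DABBN/EABBN model from the paper). Nodes are binary (1 = true).
"""
from itertools import product

# CPTs: node -> (parents, table). table maps a tuple of parent values
# to P(node = 1 | parents). All numbers below are assumptions.
NETWORK = {
    "malicious": ((), {(): 0.2}),  # assumed prior that a sample is malicious
    # latent per-dimension verdicts, each conditioned on the root node
    "static_verdict":  (("malicious",), {(1,): 0.9, (0,): 0.1}),
    "dynamic_verdict": (("malicious",), {(1,): 0.8, (0,): 0.1}),
    "event_verdict":   (("malicious",), {(1,): 0.7, (0,): 0.2}),
    # static-analysis indicators (the "SABBN" slice of this toy network)
    "packed":             (("static_verdict",), {(1,): 0.8, (0,): 0.2}),
    "suspicious_imports": (("static_verdict",), {(1,): 0.7, (0,): 0.3}),
    # dynamic-analysis indicators (the "DABBN" slice)
    "registry_persistence": (("dynamic_verdict",), {(1,): 0.9, (0,): 0.1}),
    "c2_beaconing":         (("dynamic_verdict",), {(1,): 0.6, (0,): 0.05}),
    # event-analysis indicators (the "EABBN" slice)
    "lateral_movement": (("event_verdict",), {(1,): 0.5, (0,): 0.02}),
    "off_hours_logon":  (("event_verdict",), {(1,): 0.6, (0,): 0.3}),
}

# Which latent verdict and which indicators belong to each analysis dimension.
DIMENSIONS = {
    "static":  ("static_verdict", ("packed", "suspicious_imports")),
    "dynamic": ("dynamic_verdict", ("registry_persistence", "c2_beaconing")),
    "event":   ("event_verdict", ("lateral_movement", "off_hours_logon")),
}


def node_prob(node, value, assignment):
    """P(node = value | its parents' values taken from assignment)."""
    parents, table = NETWORK[node]
    p1 = table[tuple(assignment[p] for p in parents)]
    return p1 if value == 1 else 1.0 - p1


def joint(assignment):
    """Joint probability of a full assignment to every node."""
    p = 1.0
    for node in NETWORK:
        p *= node_prob(node, assignment[node], assignment)
    return p


def posterior_malicious(evidence):
    """P(malicious = 1 | evidence) by enumerating every unobserved node."""
    hidden = [n for n in NETWORK if n not in evidence and n != "malicious"]
    weight = {}
    for m in (0, 1):
        total = 0.0
        for values in product((0, 1), repeat=len(hidden)):
            a = dict(evidence)
            a.update(zip(hidden, values))
            a["malicious"] = m
            total += joint(a)
        weight[m] = total  # P(malicious = m, evidence)
    return weight[1] / (weight[0] + weight[1])


def dimension_likelihood(dim, malicious, evidence):
    """P(observed indicators of one dimension | malicious), marginalising
    that dimension's latent verdict node."""
    verdict, indicators = DIMENSIONS[dim]
    total = 0.0
    for v in (0, 1):
        a = {"malicious": malicious, verdict: v}
        p = node_prob(verdict, v, a)
        for ind in indicators:
            if ind in evidence:
                p *= node_prob(ind, evidence[ind], a)
        total += p
    return total


def dimension_likelihood_ratio(dim, evidence):
    """How strongly one analysis dimension's evidence favours 'malicious'."""
    return dimension_likelihood(dim, 1, evidence) / dimension_likelihood(dim, 0, evidence)


def classify(evidence, threshold=0.5):
    """Final hybrid verdict: 'malicious' if the posterior clears the threshold."""
    return "malicious" if posterior_malicious(evidence) >= threshold else "benign"


if __name__ == "__main__":
    # Constructed observations: every indicator fires across all three dimensions.
    all_fire = {k: 1 for dim in DIMENSIONS.values() for k in dim[1]}
    # Constructed observations: static looks bad, dynamic and event slices are clean.
    static_only = dict(all_fire, registry_persistence=0, c2_beaconing=0,
                       lateral_movement=0, off_hours_logon=0)
    for name, ev in (("all indicators", all_fire), ("static only", static_only)):
        ratios = {d: round(dimension_likelihood_ratio(d, ev), 2) for d in DIMENSIONS}
        print(name, round(posterior_malicious(ev), 4), classify(ev), ratios)
```

The second constructed case is the instructive one: with the dynamic and event slices clean, the posterior ends up below the assumed prior even though the static indicators fire, which is the point of fusing several analysis dimensions rather than alerting on one of them alone.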

Original language: English
Pages (from-to): 119-135
Number of pages: 17
Journal: International Journal of Information Security
Volume: 22
Issue number: 1
Publication status: Published - Feb 2023

Keywords

  • Security
  • APT
  • Malware Analysis
  • Artificial Intelligence
  • Bayesian Belief Networks
