An AI-based, Multi-stage detection system of banking botnets
This addresses the threat of financially-motivated cybercrime for organizations, but appears incremental as it applies existing AI techniques to a specific domain.
The paper tackled the problem of detecting banking botnets by analyzing their lifecycle and presenting a multi-stage AI-based detection system, achieving high success with deep learning models compared to baselines in evaluations on public datasets.
Banking Trojans, botnets are primary drivers of financially-motivated cybercrime. In this paper, we first analyzed how an APT-based banking botnet works step by step through the whole lifecycle. Specifically, we present a multi-stage system that detects malicious banking botnet activities which potentially target the organizations. The system leverages Cyber Data Lake as well as multiple artificial intelligence techniques at different stages. The evaluation results using public datasets showed that Deep Learning based detections were highly successful compared with baseline models.