 
Volume 15, Issue 2, PP: 147-164, 2025 | Full Length Article
Khaled Almasoud
Doi: https://doi.org/10.54216/JCIM.150212
Advanced Persistent Threats (APTs) are intelligent, sophisticated cyberattacks that frequently evade detection by gradually interfering with vital systems or targeting sensitive data. This paper proposes a new approach, the Hybrid Dipper Throated Sine Cosine Optimization Algorithm (HDT-SCO), for APT detection in combination with the EfficientDense-ViT model. Preprocessing handles the class imbalance issue with the Adaptive Synthetic Minority Oversampling Technique (ADASYN), applies min-max scaling for normalization, and uses median imputation for missing values. For feature engineering, ResNet-152 and Symbolic Aggregate Approximation (SAX) are adopted for statistical, deep, and time-series feature extraction. HDT-SCO refines the selection of relevant features by integrating several selection approaches: PCA, RFE, RF Feature Importance, and L1 Regularization (Lasso). The detection model itself is the hybrid deep learning model EfficientDense-ViT, a combination of EfficientNet, DenseNet, and Vision Transformers (ViT), which detects APTs reliably and shows high performance and efficiency compared with current detection techniques. The method shows considerable improvement in both accuracy (0.98741 for the 70/30 split and 0.99143 for the 80/20 split) and efficiency compared with existing models for APT detection in cybersecurity.
Cyber Security, APT Detection, Hybrid optimization, HDT-SCO, Deep learning, Vision Transformers (ViT), EfficientDense-ViT
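The preprocessing chain named in the abstract (median imputation, then min-max scaling, then ADASYN oversampling of the minority class), as an added plain-Python example that is not the paper's own code. The flow-feature rows are constructed, and the neighbourhood size k, the balance factor beta and the minority label are assumed parameters, not values taken from the paper.

```python
import math
import random
# Constructed toy flow-feature matrix (not the DAPT 2020 data); None marks a missing value.
# Label 1 = APT-stage traffic (minority class), label 0 = benign (majority class).
RAW_X = [[10.0, None, 0.2], [12.0, 300.0, 0.1], [11.0, 310.0, None], [9.0, 290.0, 0.3],
         [13.0, 305.0, 0.2], [10.5, 295.0, 0.25], [40.0, 900.0, 0.9], [42.0, None, 0.95]]
RAW_Y = [0, 0, 0, 0, 0, 0, 1, 1]

def median_impute(X):
    """Replace each None with the median of the observed values in its column."""
    medians = []
    for col in zip(*X):
        vals = sorted(v for v in col if v is not None)
        mid = len(vals) // 2
        medians.append(vals[mid] if len(vals) % 2 else (vals[mid - 1] + vals[mid]) / 2)
    return [[m if v is None else v for v, m in zip(row, medians)] for row in X]

def min_max_scale(X):
    """Scale every column to [0, 1]; a constant column maps to 0."""
    cols = list(zip(*X))
    lo, hi = [min(c) for c in cols], [max(c) for c in cols]
    return [[(v - l) / (h - l) if h > l else 0.0 for v, l, h in zip(row, lo, hi)] for row in X]

def adasyn(X, y, minority=1, k=3, beta=1.0, seed=0):
    """ADASYN (He et al. 2008): synthesise more minority points where majority neighbours dominate.
    k, beta and the minority label are assumed parameters, not values from the paper."""
    rng = random.Random(seed)
    dist = lambda a, b: math.sqrt(sum((p - q) ** 2 for p, q in zip(a, b)))
    min_idx = [i for i, lbl in enumerate(y) if lbl == minority]
    G = int((len(y) - 2 * len(min_idx)) * beta)  # total synthetic points to create
    # r_i: fraction of majority samples among the k nearest neighbours of minority point i
    r = []
    for i in min_idx:
        nn = sorted((j for j in range(len(X)) if j != i), key=lambda j: dist(X[i], X[j]))[:k]
        r.append(sum(1 for j in nn if y[j] != minority) / k)
    total = sum(r)
    out_X, out_y = [row[:] for row in X], list(y)
    for i, ri in zip(min_idx, r):
        g = round((ri / total if total else 1 / len(min_idx)) * G)  # density-weighted quota
        min_nn = [j for j in sorted(min_idx, key=lambda j: dist(X[i], X[j])) if j != i][:k]
        for _ in range(g):  # interpolate between x_i and a random minority neighbour
            z = X[rng.choice(min_nn)] if min_nn else X[i]
            lam = rng.random()
            out_X.append([a + lam * (b - a) for a, b in zip(X[i], z)])
            out_y.append(minority)
    return out_X, out_y

def preprocess(X, y):
    return adasyn(min_max_scale(median_impute(X)), y)
```

Note that the imputed column-1 value for the second minority row is the majority-dominated median, which is exactly the kind of artefact a practitioner should check before feeding the balanced set to the feature-selection stage.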