Toward the Use of Artificial Intelligence (AI) for Advanced Persistent Threat Detection
• Technical Report
Publisher
Software Engineering Institute
CMU/SEI Report Number
CMU/SEI-2024-TR-001
DOI (Digital Object Identifier)
10.1184/R1/25282333
Abstract
This report examines the feasibility and usefulness of implementing artificial intelligence (AI) and machine learning (ML) in cyber defense with a particular focus on advanced persistent threats (APTs). In this report, we examine the current state of AI-enabled APT defense. We begin by describing the stages that an APT must go through to succeed. Next, we perform a commercial market analysis of APT defenses. We then perform a bibliometric analysis to map out the academic research landscape on APTs. We highlight the strengths and limitations of research on the use of AI for APT defense. Finally, we offer practical recommendations that will help organizations start incorporating AI into their layered APT defense strategies.
Cite This Technical Report
Walsh, M., Worrell, C., & Scanlon, T. (2024, August 8). Toward the Use of Artificial Intelligence (AI) for Advanced Persistent Threat Detection. (Technical Report CMU/SEI-2024-TR-001). Retrieved November 21, 2024, from https://doi.org/10.1184/R1/25282333.
@techreport{walsh_2024,
author={Walsh, Matthew and Worrell, Clarence and Scanlon, Tom},
title={Toward the Use of Artificial Intelligence (AI) for Advanced Persistent Threat Detection},
month={Aug},
year={2024},
number={CMU/SEI-2024-TR-001},
howpublished={Carnegie Mellon University, Software Engineering Institute's Digital Library},
url={https://doi.org/10.1184/R1/25282333},
note={Accessed: 2024-Nov-21}
}
Walsh, Matthew, Clarence Worrell, and Tom Scanlon. "Toward the Use of Artificial Intelligence (AI) for Advanced Persistent Threat Detection." (CMU/SEI-2024-TR-001). Carnegie Mellon University, Software Engineering Institute's Digital Library. Software Engineering Institute, August 8, 2024. https://doi.org/10.1184/R1/25282333.
M. Walsh, C. Worrell, and T. Scanlon, "Toward the Use of Artificial Intelligence (AI) for Advanced Persistent Threat Detection," Carnegie Mellon University, Software Engineering Institute's Digital Library. Software Engineering Institute, Technical Report CMU/SEI-2024-TR-001, 8-Aug-2024 [Online]. Available: https://doi.org/10.1184/R1/25282333. [Accessed: 21-Nov-2024].
Walsh, Matthew, Clarence Worrell, and Tom Scanlon. "Toward the Use of Artificial Intelligence (AI) for Advanced Persistent Threat Detection." (Technical Report CMU/SEI-2024-TR-001). Carnegie Mellon University, Software Engineering Institute's Digital Library, Software Engineering Institute, 8 Aug. 2024. https://doi.org/10.1184/R1/25282333. Accessed 21 Nov. 2024.
Walsh, Matthew; Worrell, Clarence; & Scanlon, Tom. Toward the Use of Artificial Intelligence (AI) for Advanced Persistent Threat Detection. CMU/SEI-2024-TR-001. Software Engineering Institute. 2024. https://doi.org/10.1184/R1/25282333