International Journal of Innovative Research in Information Security (IJIRIS)
Recently, long-term, advanced cyber-attacks targeting a specific enterprise or organization have been occurring again. These attacks occur over a long period and bypass detection by security systems unlike the existing attack pattern. For such reason, they create problems such as delayed real-time response and detection after damages have already been incurred. This paper introduces the design of technology that applies real-time network traffic monitoring to detect unknown functional cyber-attack on the network. Specifically, the algorithm was verified and evaluated in terms of performance in an actual commercial environment.