Advanced Persistent Threat: Detection and Defence

04/22/2020
by   Mohammad Bilal Khan, et al.
0

The critical assessment presented within this paper explores existing research pertaining to the Advanced Persistent Threat (APT) branch of cyber security, applying the knowledge extracted from this research to discuss, evaluate and opinionate upon the areas of discussion as well as involving personal experiences and knowledge within this field. The synthesis of current literature delves into detection capabilities and techniques as well as defensive solutions for organisations with respect to APTs. Higher-tier detection and defensive strategies bear greater importance with larger organisations; especially government departments or organisations whose work impacts the public on a large scale. Successful APT attacks can result in the exfiltration of sensitive data, network down time and the infection of machines which allow for remote access from Command-and-control (C2) servers. This paper presents a well-rounded analysis of the Advanced Persistent Threat problem and provides well-reasoned conclusions of how to mitigate the security risk.

READ FULL TEXT
POST COMMENT

Comments

There are no comments yet.

Authors

page 1

03/28/2021

Data-Driven Threat Hunting Using Sysmon

Threat actors can be persistent, motivated and agile, and leverage a div...
03/27/2021

Strategically-Motivated Advanced Persistent Threat: Definition, Process, Tactics and a Disinformation Model of Counterattack

Advanced persistent threat (APT) is widely acknowledged to be the most s...
03/04/2021

Analyzing the Usefulness of the DARPA OpTC Dataset in Cyber Threat Detection Research

Maintaining security and privacy in real-world enterprise networks is be...
06/17/2019

A baseline for unsupervised advanced persistent threat detection in system-level provenance

Advanced persistent threats (APT) are stealthy, sophisticated, and unpre...
04/29/2020

Big Fish, Little Fish, Critical Infrastructure: An Analysis of Phineas Fisher and the 'Hacktivist' Threat to Critical Infrastructure

The hacktivist threat actor is listed in many risk decision documents. Y...
11/14/2020

Brief Report on QoSec, Context Aware Security and the Role of Physical Layer Security in 6G Wireless

While the security literature predominantly focuses on the core network,...
This week in AI

Get the week's most popular data science and artificial intelligence research sent straight to your inbox every Saturday.