A Detailed Study on Advanced Persistent Threats: A Sophisticated Threat
DOI: https://doi.org/10.51983/ajcst-2018.7.S1.1797
Keywords: Advanced Persistent Threats, Attacks, Effects
Abstract
Computer networks are now used to store sensitive information and to provide services for organizations and society. The growth of the internet and the increased use of computers and smart devices in society have led to an increase in cyber crimes and persistent attacks. The most complex and advanced attacks are targeted attacks, which are aimed specifically at companies or governments to accomplish predetermined goals such as economic advantages, strategic benefits, or control of sensitive information. Hackers try to access sensitive data from cyberspace and thereby become advanced malware developers against security systems. One such type of attack is the Advanced Persistent Threat (APT), which targets governmental institutions, the military, multinational enterprises, the financial industry, manufacturing and banks. The attackers make repeated attempts using different methods, such as a stealth approach, adapting to the existing defense mechanisms, and stealthily infiltrating the network to avoid suspicion, for example by staying in sleep modes before commencing any attack. The effects of these attacks are exfiltration of key intelligence property, stoppage of fundamental services, and destruction of critical infrastructure. This paper presents a detailed study of Advanced Persistent Threats to give an idea of these advanced attacks.
License
Copyright (c) 2018 The Research Publication
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.