Abstract
Today we live in the age of cyberwar. Cyberwarfare is Internet-based conflict involving politically motivated attacks on information and information systems. Cyberwarfare attacks can disable official websites and networks, disrupt or disable essential services, steal or alter classified data, and cripple financial systems, among many other possibilities. The number and complexity of these cyber-attacks have been increasing steadily. The name commonly used for these attacks is APT (Advanced Persistent Threat). APTs commonly target the communication and information systems of government, military, and industrial organizations; a clear indication of the level of sophistication of APTs is their impressive arsenal. Advances in attacker sophistication have not been matched by similar advances in defense. To defend against such sophisticated adversaries, it is necessary to redesign our defenses and develop technologies focused more on detection than prevention. In recent years, the massive use of mobile devices has shifted the focus of attackers to the mobile world. Increasingly, these devices are used in the enterprise and government world. Obviously, the purpose is to detect the presence of APTs in the mobile field. The purpose of this paper is to implement a new and unconventional method to reveal APTs, based on detection and not on prevention.
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Maccari, M., Polzonetti, A., Sagratella, M. (2019). Detection: Definition of New Model to Reveal Advanced Persistent Threat. In: Arai, K., Bhatia, R., Kapoor, S. (eds) Proceedings of the Future Technologies Conference (FTC) 2018. FTC 2018. Advances in Intelligent Systems and Computing, vol 881. Springer, Cham. https://doi.org/10.1007/978-3-030-02683-7_22
DOI: https://doi.org/10.1007/978-3-030-02683-7_22
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-02682-0
Online ISBN: 978-3-030-02683-7
eBook Packages: Intelligent Technologies and Robotics (R0)