A Practical Study on Advanced Persistent Threats
Recently, many Advanced Persistent Threats (APTs) have emerged. APTs persistently collect information and data on a specific target using diverse attack techniques, examine the vulnerabilities of the target, and then carry out hacking using the data and examination result. An APT is very intelligent, as it selects a clear target and carries out specific attacks, unlike traditional hacking attempts. The APT has a very precise attack type because it employs indirect attacks on the terminals of the employees working for the target, as well as direct attacks. For this reason, it is very difficult to detect and handle an APT. In this paper, the recent attack methods used by APTs are described, and the attack pattern is analyzed to propose efficient countermeasures for preventing and handling APTs.
KeywordsAPT Security Cyber Attacks Threats Analysis
Unable to display preview. Download preview PDF.
- 1.Chen, T.M.: Stuxnet, the real start of cyber warfare? IEEE Network (2010)Google Scholar
- 2.Farwell, J.P., Rohozinski, R.: Stuxnet and the Future of Cyber War. Survival: Global Politics and Strategy (2011)Google Scholar
- 3.Symantec, Symantec report finds that more than a third of global targeted attacks are aimed against small businesses. Symantec Press Release (July 20, 2012) Google Scholar
- 4.Binde, B.E., McRee, R., O’Connor, T.J.: Assessing Outbound Traffic to Uncover Advanced Persistent Threat. SANS Technology Institute (2011)Google Scholar
- 5.Information-technology Promotion Agency, Design and Operational Guide to Cope with “Advanced Persistent Threats”. Japan (IPA) (August 2011) Google Scholar
- 6.Deibert, R., Manchanda, A., Rohozinski, R., Villeneuve, N.: Tracking GhostNet: Investigating a cyber espionage network. Information Warfare Monitor (2009)Google Scholar
- 7.Smith, A.M., Toppel, N.Y.: Case study: Using security awareness to combat the advanced persistent threat. In: 13th Colloquium for Information Systems Security (2009)Google Scholar
- 8.Hoglund, G.: Advanced Persistent Threat, What APT Means to Your Enterprise. HBGary (2009)Google Scholar
- 9.Perschke, S.: DLP tools deliver strong endpoint protection. Network World (August 13, 2012)Google Scholar
- 10.ISO 27000 Directory 2007, An Introduction To ISO 27001 (ISO27001) (2007), http://www.27000.org/iso-27001.html