Abstract
Recently, many Advanced Persistent Threats (APTs) have emerged. APTs persistently collect information and data on a specific target using diverse attack techniques, examine the vulnerabilities of the target, and then carry out hacking using the data and examination result. An APT is very intelligent, as it selects a clear target and carries out specific attacks, unlike traditional hacking attempts. The APT has a very precise attack type because it employs indirect attacks on the terminals of the employees working for the target, as well as direct attacks. For this reason, it is very difficult to detect and handle an APT. In this paper, the recent attack methods used by APTs are described, and the attack pattern is analyzed to propose efficient countermeasures for preventing and handling APTs.
This research was supported by the KCC(Korea Communications Commission), Korea, under the R&D program supervised by the KCA(Korea Communications Agency)"(KCA-2012-12-912-06-003).
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Chen, T.M.: Stuxnet, the real start of cyber warfare? IEEE Network (2010)
Farwell, J.P., Rohozinski, R.: Stuxnet and the Future of Cyber War. Survival: Global Politics and Strategy (2011)
Symantec, Symantec report finds that more than a third of global targeted attacks are aimed against small businesses. Symantec Press Release (July 20, 2012)
Binde, B.E., McRee, R., O’Connor, T.J.: Assessing Outbound Traffic to Uncover Advanced Persistent Threat. SANS Technology Institute (2011)
Information-technology Promotion Agency, Design and Operational Guide to Cope with “Advanced Persistent Threats”. Japan (IPA) (August 2011)
Deibert, R., Manchanda, A., Rohozinski, R., Villeneuve, N.: Tracking GhostNet: Investigating a cyber espionage network. Information Warfare Monitor (2009)
Smith, A.M., Toppel, N.Y.: Case study: Using security awareness to combat the advanced persistent threat. In: 13th Colloquium for Information Systems Security (2009)
Hoglund, G.: Advanced Persistent Threat, What APT Means to Your Enterprise. HBGary (2009)
Perschke, S.: DLP tools deliver strong endpoint protection. Network World (August 13, 2012)
ISO 27000 Directory 2007, An Introduction To ISO 27001 (ISO27001) (2007), http://www.27000.org/iso-27001.html
Park, N., Kwak, J., Kim, S., Won, D., Kim, H.: WIPI Mobile Platform with Secure Service for Mobile RFID Network Environment. In: Shen, H.T., Li, J., Li, M., Ni, J., Wang, W. (eds.) APWeb Workshops 2006. LNCS, vol. 3842, pp. 741–748. Springer, Heidelberg (2006)
Park, N.: Implementation of Terminal Middleware Platform for Mobile RFID computing. International Journal of Ad Hoc and Ubiquitous Computing 8(4), 205–219 (2011)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Jeun, I., Lee, Y., Won, D. (2012). A Practical Study on Advanced Persistent Threats. In: Kim, Th., et al. Computer Applications for Security, Control and System Engineering. Communications in Computer and Information Science, vol 339. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-35264-5_21
Download citation
DOI: https://doi.org/10.1007/978-3-642-35264-5_21
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-35263-8
Online ISBN: 978-3-642-35264-5
eBook Packages: Computer ScienceComputer Science (R0)