A Practical Study on Advanced Persistent Threats

  • Inkyung Jeun
  • Youngsook Lee
  • Dongho Won
Part of the Communications in Computer and Information Science book series (CCIS, volume 339)


Recently, many Advanced Persistent Threats (APTs) have emerged. APTs persistently collect information and data on a specific target using diverse attack techniques, examine the vulnerabilities of the target, and then carry out hacking using the data and examination result. An APT is very intelligent, as it selects a clear target and carries out specific attacks, unlike traditional hacking attempts. The APT has a very precise attack type because it employs indirect attacks on the terminals of the employees working for the target, as well as direct attacks. For this reason, it is very difficult to detect and handle an APT. In this paper, the recent attack methods used by APTs are described, and the attack pattern is analyzed to propose efficient countermeasures for preventing and handling APTs.


APT Security Cyber Attacks Threats Analysis 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Chen, T.M.: Stuxnet, the real start of cyber warfare? IEEE Network (2010)Google Scholar
  2. 2.
    Farwell, J.P., Rohozinski, R.: Stuxnet and the Future of Cyber War. Survival: Global Politics and Strategy (2011)Google Scholar
  3. 3.
    Symantec, Symantec report finds that more than a third of global targeted attacks are aimed against small businesses. Symantec Press Release (July 20, 2012) Google Scholar
  4. 4.
    Binde, B.E., McRee, R., O’Connor, T.J.: Assessing Outbound Traffic to Uncover Advanced Persistent Threat. SANS Technology Institute (2011)Google Scholar
  5. 5.
    Information-technology Promotion Agency, Design and Operational Guide to Cope with “Advanced Persistent Threats”. Japan (IPA) (August 2011) Google Scholar
  6. 6.
    Deibert, R., Manchanda, A., Rohozinski, R., Villeneuve, N.: Tracking GhostNet: Investigating a cyber espionage network. Information Warfare Monitor (2009)Google Scholar
  7. 7.
    Smith, A.M., Toppel, N.Y.: Case study: Using security awareness to combat the advanced persistent threat. In: 13th Colloquium for Information Systems Security (2009)Google Scholar
  8. 8.
    Hoglund, G.: Advanced Persistent Threat, What APT Means to Your Enterprise. HBGary (2009)Google Scholar
  9. 9.
    Perschke, S.: DLP tools deliver strong endpoint protection. Network World (August 13, 2012)Google Scholar
  10. 10.
    ISO 27000 Directory 2007, An Introduction To ISO 27001 (ISO27001) (2007),
  11. 11.
    Park, N., Kwak, J., Kim, S., Won, D., Kim, H.: WIPI Mobile Platform with Secure Service for Mobile RFID Network Environment. In: Shen, H.T., Li, J., Li, M., Ni, J., Wang, W. (eds.) APWeb Workshops 2006. LNCS, vol. 3842, pp. 741–748. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  12. 12.
    Park, N.: Implementation of Terminal Middleware Platform for Mobile RFID computing. International Journal of Ad Hoc and Ubiquitous Computing 8(4), 205–219 (2011)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Inkyung Jeun
    • 1
  • Youngsook Lee
    • 2
  • Dongho Won
    • 3
  1. 1.Korea Internet & Security AgencyKorea
  2. 2.Department of Cyber Investigation PoliceHowon UniversityKorea
  3. 3.School of Information and Communication EngineeringSungkyunkwan UniversityKorea

Personalised recommendations