Abstract
A cyber kill chain is a traditional model for analyzing cyber security threats, whether the threat is malware inside a computer system, covert and illegitimate channels found on a network, or an insider threat. Cyber security professionals have used this model extensively, but it has received little attention in the academic domain. Further, as the threat landscape has evolved toward more advanced and persistent threats, the model has been challenged because it is weak at incorporating advanced threats that can change their signatures and behaviors, hide inside a computing node, and remain undetected by masking their true nature. This chapter describes the traditional kill chain model in detail; discusses weaknesses of this model; proposes a new kill chain analytical model that supports concurrent analysis of threat stages, as opposed to the sequential analysis of the existing kill chain model; and explains, with examples, how the new model mimics the human mental process of threat analysis. The proposed cyber kill chain model strengthens the analysis model of cyber security experts and gives cyber professionals a more holistic understanding of threats and attacks.