Abstract
In recent years, the growing frequency and intensity of Advanced Persistent Threats (APTs) have significantly undermined the legitimacy and financial stability of government agencies, enterprises, and other entities. Moreover, these attacks have shown the inherent vulnerabilities in conventional border defense strategies. The emergence of the zero trust network architecture can be attributed to the increasing complexity of the cyber threat landscape. With the application of risk assessment, this paper effectively tackles the challenges posed by conventional network defense limitations and enhances the efficiency of the access control decision-making process. Nevertheless, the existing risk assessment approaches primarily focus on conventional security assessment objectives, which exhibits a deficiency in the ability to dynamically assess APT attacks. The Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) Framework introduced in this paper is a novel approach to mitigating APT attacks. This paper aims to mine and analyze the frequent item set and correlation of cyber threat penetration attack techniques. The paper also intends to construct an attack technique relationship diagram and develop a tactical prediction model for cyber threat penetration attacks using the Markov chain model. Finally, our study aims to establish a risk propagation model for APT threats based on the aforementioned model. The approach presented in this paper significantly enhances the capacity of zero trust networks in addressing sophisticated cyber threats.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.