Abstract
Advanced Persistent Threat (APT) has become one of the most complicated and intractable cyber attack over the last decade. As APT attacks are conducted through series of actions that comprise social engineering, phishing, command and control servers, and remote desktop control, conventional anti-virus mechanisms become insufficient because they were designed to cope with traditional stand-alone malware attacks. Furthermore, data transmission from the compromised network to the APT actors is usually well disguised and embedded in normal transmission, exacerbating the detection of APT attacks to the point that even major anti-virus firms are not sure about the ratio of discovered APT attacks against real attacks. To make things worse, APT actors tend to be well-organized and potentially government-funded groups of hackers and professionals who are capable of developing and maintaining malware specifically made for their own purposes and interpret the stolen data. While most efforts in defending against APT attacks focus on related technologies, this research argues the importance of constructing a holistic understanding by analyzing the behaviors and changes of ATP attacks and actors. This research aims to understand the evolution of technologies and malware on the one hand and the behavioral changes of attacking groups. By doing so, this research is expected to contribute to constructing a clearer roadmap of APT attacks and actors that cyber security providers can use as reference.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.