Analysis of the Asymmetrical Relationships between State Actors and APT Threat Groups

Kim, Yu‐Kyung; Lee, Jemin Justin; Go, Myong-Hyun; Lee, Kyung-Ho

doi:10.1109/ictc49870.2020.9289506

Cited by 5 publications

(3 citation statements)

References 6 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Phishing exploits the weakest link in the system by impersonating a trusted entity for sensitive information (i.e., account credentials) [7,8], and the annual financial loss from the phishing activities in the U.S. accounts of 61 million USD to 3 billion USD [9]. According to the FBI's Internet Crime Report, phishing was the most common type of cybercrime in 2020.…”

Section: Literature Reviewmentioning

confidence: 99%

“…In McClure's presentation at RSA conference 2015 suggests that senior Sony executives, including CEO Michael Lynton, received fake Apple ID verification emails that contained a link to "ioscareteam.net" [30]. Kim et al [8] pointed out the spear phishing techniques were most widely used as "Initial Access" in the SPE hacking which carried out spreading malwares, deleting files, and corrupt master boot records (MBR).…”

Section: Phishing Campaignsmentioning

confidence: 99%

See 1 more Smart Citation

Focusing on the Weakest Link: A Similarity Analysis on Phishing Campaigns Based on the ATT&CK Matrix

Shin

Kim

Lee

et al. 2022

Security and Communication Networks

View full text Add to dashboard Cite

In the past, phishing techniques were a common means of attack carried out by individuals or small groups via spam mail on a randomly selected target. However, in recent years, phishing techniques have been adopted by advanced persistent threat (APT) groups to attack organizations such as the Sony Pictures Enterprise and Korea Hydro & Nuclear Power. As such, our study aims to analyze the past campaigns conducted by the APT groups. We aim to propose a countermeasure that corresponds to the phishing campaign by collecting datasets pertaining to the phishing techniques. Based on our past study, we collected private and public data from 16 different cases that utilize a phishing attack. Our research adopted MITRE’s ATT&CK framework and tactic, techniques, and procedures (TTPs) to extract and examine the various campaigns. The framework proposed in this study makes considerable contributions to both the private and public sectors, as the framework aids the organizations in counteracting the malicious threats performed by the APT groups.

show abstract

Section: Literature Reviewmentioning

confidence: 99%

Section: Phishing Campaignsmentioning

confidence: 99%

Focusing on the Weakest Link: A Similarity Analysis on Phishing Campaigns Based on the ATT&CK Matrix

Shin

Kim

Lee

et al. 2022

Security and Communication Networks

View full text Add to dashboard Cite

show abstract

“…In other words, mobile malware attacks threaten cybersecurity in terms of confidentiality, integrity, and availability of data [3]. Established attack groups are capable of penetrating and destroying servers, networks, client software, client hardware, and mobile device users [7,8].…”

Section: Introductionmentioning

confidence: 99%

A Systematic Overview of the Machine Learning Methods for Mobile Malware Detection

Kim

Lee

et al. 2022

Security and Communication Networks

Self Cite

View full text Add to dashboard Cite

With the deployment of the 5G cellular system, the upsurge of diverse mobile applications and devices has increased the potential challenges and threats posed to users. Industry and academia have attempted to address cyber security challenges by implementing automated malware detection and machine learning algorithms. This study expands on previous research on machine learning-based mobile malware detection. We critically evaluate 154 selected articles and highlight their strengths and weaknesses as well as potential improvements. We explore the mobile malware detection techniques used in recent studies based on attack intentions, such as server, network, client software, client hardware, and user. In contrast to other SLR studies, our study classified the means of attack as supervised and unsupervised learning. Therefore, this article aims at providing researchers with in-depth knowledge in the field and identifying potential future research and a framework for a thorough evaluation. Furthermore, we review and summarize security challenges related to cybersecurity that can lead to more effective and practical research.

show abstract

A Game Theoretic Approach to the Design of Mitigation Strategies for Generic Ransomware

Baksi

Upadhyaya

2023

Communications in Computer and Information Science

View full text Add to dashboard Cite

Analysis of the Asymmetrical Relationships between State Actors and APT Threat Groups

Cited by 5 publications

References 6 publications

Focusing on the Weakest Link: A Similarity Analysis on Phishing Campaigns Based on the ATT&CK Matrix

Focusing on the Weakest Link: A Similarity Analysis on Phishing Campaigns Based on the ATT&CK Matrix

A Systematic Overview of the Machine Learning Methods for Mobile Malware Detection

A Game Theoretic Approach to the Design of Mitigation Strategies for Generic Ransomware

Contact Info

Product

Resources

About