Survey of publicly available reports on advanced persistent threat actors

Lemay, Antoine; Calvet, Joan Vivancos; Menet, François; Fernandez, José M.

doi:10.1016/j.cose.2017.08.005

Cited by 124 publications

(70 citation statements)

References 2 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…As an open source tools, it also groups as penetration testing or security auditing tools. The action plan for creating the adversary profile are determined in [29] customizable Markov decision processes (MDPs) heuristic to calculate the score. The score is used to calculate the adversary's probabilistic in ordering the different techniques used by the adversary's purposes and based on skills, knowledge etc., The mean and the std deviation are calculated to identify the variances between the actions of the adversaries in listing the profile to secure the assets of the organization.…”

Section: Resultsmentioning

confidence: 99%

See 1 more Smart Citation

Prediction of Adversary’s TTP using Caldera

2019

IJITEE

View full text Add to dashboard Cite

Due to the ubiquity of the internet in all the lines of the disciplines, cyber security becomes essential in day to day life. To make the cyber assets resilient from the challenging attacks like Advanced Persistent Threats (APT), the experts needs a strategic rules and proactive decision-making models The Caldera is a adversarial emulator for both blue and red team to test the APT along with the cyber kill chain(CKC).The resilience could be achieved when the blue team and red team work together in analyzing the cyber threats based on the probabilistic of creating adversarial profile with different characteristic helps in finding the priority of the assets of the organization from the point of an adversary in launching the cyber -attack.

show abstract

Section: Resultsmentioning

confidence: 99%

“…In the table II, [29] Matrix it relates the APT groups and the usage of CKC, in launching the attack. Every APT group focuses on their targets for different purposes through different tactic and techniques which is available for the perpetuality at the instance.…”

Section: Cyber Kill Chain (Ckc)mentioning

confidence: 99%

Prediction of Adversary’s TTP using Caldera

2019

IJITEE

View full text Add to dashboard Cite

show abstract

“…Therefore, here we will first review the most important APT threats and groups that have specifically targeted industrial control systems. For the interested reader, a more detailed review of these APTs -including exploited vulnerabilities, software modules, etc -is available at [10].…”

Section: Attack and Defense Models 31 Review Of Existing Apts Apt Smentioning

confidence: 99%

Tracking Advanced Persistent Threats in Critical Infrastructures Through Opinion Dynamics

Rubio

Román

Zhang

2018

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Advanced persistent threats pose a serious issue for modern industrial environments, due to their targeted and complex attack vectors that are difficult to detect. This is especially severe in critical infrastructures that are accelerating the integration of IT technologies. It is then essential to further develop effective monitoring and response systems that ensure the continuity of business to face the arising set of cyber-security threats. In this paper, we study the practical applicability of a novel technique based on opinion dynamics, that permits to trace the attack throughout all its stages along the network by correlating different anomalies measured over time, thereby taking the persistence of threats and the criticality of resources into consideration. The resulting information is of essential importance to monitor the overall health of the control system and correspondingly deploy accurate response procedures. Advanced Persistent Threat Detection Traceability Opinion Dynamics.

show abstract

“…84 Crowdstrike's initial findings have been largely supported by other cybersecurity firms and by the Intelligence community. 85 Beyond hacking the campaigns, the Department of Homeland Security (DHS) contacted election officials in 21 states to notify them they have been the targets of Russian government hackers. 86 DHS alerted election officials that Russian hackers were trying to hack both voter registration files and public election sites.…”

Section: Cdd Efforts Against Russia and Their Effectsmentioning

confidence: 99%

Back to Reality: Cross Domain Deterrence and Cyberspace

Brantly

2018

SSRN Journal

View full text Add to dashboard Cite

This paper examines cross domain deterrence strategies involving cyber incidents. By focusing on efforts to halt Russian and Chinese cyber operations against the United States this paper examines the importance of developing, maintaining and implementing (when necessary) cross domain deterrence strategies. This paper departs from more theoretic debates on the value and potential success, or lack thereof relating to cyber deterrence strategies and focuses on two cases in which cross domain retaliations were utilized to halt adversary behavior. From these two cases this paper posits a preliminary theory of cross domain deterrence applicable to cyber interactions between states and advances the debates in the field by shifting the center of gravity away from within domain responses to other mechanisms to deter adversary behavior.Brantly 2 Deterrence in cyberspace is a vexing problem plagued a range of challenges including attribution, proportionality and capability. 1 For the better part of the last two decades scholars and practitioners have sought out solutions to the cyber deterrence conundrum by leaning heavily on nuclear analogies or conventional International Relations or criminological paradigms. 2 Parallels to more conventional kinetic attacks are hampered for a variety of reasons, largest of which appears to be a lack of cognitive equivalence between kinetic and cyber means to achieve the same effect. 3 This lack of equivalence often constrains decision-making to within domain response options often predicated on deterrence strategies by denial or punishment within cyberspace. Rarely do cyber activities at the nation state level result cross-domain responses. Tim Maurer lists the two cyber actors most threatening based on capabilities as Russia and China. 4 Both China and Russia have, over the last 20 years, engaged in substantial cyber operations against the United States in the form of attacks against critical infrastructure or sustained economic espionage. The United States has engaged in moderate efforts at deterring both actors external to cyberspace. These efforts have had markedly different effects on the types and continuance of cyber-attacks against the United States.The data pool of cross-domain deterrence in response to cyber-attacks is limited within the public domain. The two most prominent cases to date are U.S. efforts to deter for-profit economic espionage by Chinese actors and efforts to deter Russian information operations and cyber intrusions into U.S. election processes and infrastructures. This chapter focuses on these two instances of cross-domain responses and assesses the strategic impact of these actions on the status quo of state to state interactions. This chapter argues that by signaling to an attacking nation a clear and credible cross-domain response the United States is able to alter the framing and lack of 1 Brantly, Aaron F.Brantly 3 cognitive equivalence of between kinetic and cyber-attacks while simultaneously managing potential escalatory concern. Cross-domain responses b...

show abstract

Survey of publicly available reports on advanced persistent threat actors

Cited by 124 publications

References 2 publications

Prediction of Adversary’s TTP using Caldera

Prediction of Adversary’s TTP using Caldera

Tracking Advanced Persistent Threats in Critical Infrastructures Through Opinion Dynamics

Back to Reality: Cross Domain Deterrence and Cyberspace

Contact Info

Product

Resources

About