Polish Information Processing Society

Annals of Computer Science and Information Systems, Volume 12

Position Papers of the 2017 Federated Conference on Computer Science and Information Systems

Advanced Persistent Threats Attacks in Cyberspace. Threats, Vulnerabilities, Methods of Protection


DOI: http://dx.doi.org/10.15439/2017F488

Citation: Position Papers of the 2017 Federated Conference on Computer Science and Information Systems, M. Ganzha, L. Maciaszek, M. Paprzycki (eds). ACSIS, Vol. 12, pages 113–117


Abstract. According to Kaspersky Lab research, Advanced Persistent Threats (APT) are one of the biggest threats in IT as of 2016. Organised groups, keeping contact in various languages, have attacked the IT systems of financial institutions, government, military and diplomatic agencies, telecom and power supply companies, politicians and activists, and private companies, and these attacks were global in scope. APT should be seen as a complex phenomenon and an existing danger to companies, organisations and public entities. This article presents the problem of APT, the biggest threats related to them, and selected methods and tools that can be used effectively to counter APT attacks. An effective, multi-layered defence model is outlined in the article as well.
