Advanced Persistent Threats Attacks in Cyberspace. Threats, Vulnerabilities, Methods of Protection
Artur Rot, Boguslaw Olszewski
DOI: http://dx.doi.org/10.15439/2017F488
Citation: Position Papers of the 2017 Federated Conference on Computer Science and Information Systems, M. Ganzha, L. Maciaszek, M. Paprzycki (eds). ACSIS, Vol. 12, pages 113–117 (2017)
Abstract. According to Kaspersky Lab research, Advanced Persistent Threats (APT) are one of the biggest threats in IT as of 2016. Organised groups, communicating in various languages, have attacked the IT systems of financial institutions, government, military and diplomatic agencies, telecom and power supply companies, politicians and activists, and private companies; these attacks were global in scope. APT should be seen as a complex phenomenon and an existing danger to companies, organisations and public entities. This article presents the problem of APT, the biggest threats related to it, and selected methods and tools that can be used effectively to counter APT attacks. It also outlines an effective, multi-layered defence model.