loading
Documents

Research.Publish.Connect.

Paper

Authors: Luan Huy Pham 1 ; Massimiliano Albanese 1 and Benjamin W. Priest 2

Affiliations: 1 Center for Secure Information Systems, George Mason University, 4400 University Drive, Fairfax, VA 22030 and U.S.A. ; 2 Thayer School of Engineering, Dartmouth College, 14 Engineering Drive, Hanover, NH 03755 and U.S.A.

ISBN: 978-989-758-319-3

Keyword(s): Advanced Persistent Threats, Threat Modeling, Steiner Tree.

Related Ontology Subjects/Areas/Topics: Information and Systems Security ; Network Security ; Security in Information Systems ; Security Metrics and Measurement ; Wireless Network Security

Abstract: In recent years, Advanced Persistent Threats (APTs) have emerged as increasingly sophisticated cyber attacks, often waged by state actors or other hostile organizations against high-profile targets. APT actors employ a diversified set of sophisticated tools and advanced capabilities to penetrate target systems, evade detection, and maintain a foothold within compromised systems for extended periods of time. Stealth and persistence enable APT actors to conduct long-term espionage and sabotage operations. Despite significant efforts to develop APT detection and mitigation capabilities, the stealthy nature of APTs poses significant challenges, and defending from such threats is still an open research problem. In particular, quantitative models to capture how APTs may create and maintain a foothold within a target system are lacking. To address this gap, we propose a quantitative framework to (i) assess the cost incurred by APT actors to compromise and persist within a target system; (ii) estimate the value they gain over time by persisting in the system; (iii) simulate how the footprint of an APT evolves over time when, to maintain stealth, attackers have constraints on the volume of potentially detectable activity they can engage in. We also propose a preliminary defender model, and results from the evaluation show that our approach is promising, thus encouraging further research in this direction. (More)

PDF ImageFull Text

Download
Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 54.80.87.166

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Huy Pham L., Albanese M. and W. Priest B. (2018). A Quantitative Framework to Model Advanced Persistent Threats.In Proceedings of the 15th International Joint Conference on e-Business and Telecommunications - Volume 1: SECRYPT, ISBN 978-989-758-319-3, pages 282-293. DOI: 10.5220/0006872604480459

@conference{secrypt18,
author={Luan Huy Pham and Massimiliano Albanese and Benjamin W. Priest},
title={A Quantitative Framework to Model Advanced Persistent Threats},
booktitle={Proceedings of the 15th International Joint Conference on e-Business and Telecommunications - Volume 1: SECRYPT,},
year={2018},
pages={282-293},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006872604480459},
isbn={978-989-758-319-3},
}

TY - CONF

JO - Proceedings of the 15th International Joint Conference on e-Business and Telecommunications - Volume 1: SECRYPT,
TI - A Quantitative Framework to Model Advanced Persistent Threats
SN - 978-989-758-319-3
AU - Huy Pham L.
AU - Albanese M.
AU - W. Priest B.
PY - 2018
SP - 282
EP - 293
DO - 10.5220/0006872604480459

Login or register to post comments.

Comments on this Paper: Be the first to review this paper.