
Authors: Luan Huy Pham 1 ; Massimiliano Albanese 1 and Benjamin W. Priest 2

Affiliations: 1 Center for Secure Information Systems, George Mason University, 4400 University Drive, Fairfax, VA 22030, U.S.A. ; 2 Thayer School of Engineering, Dartmouth College, 14 Engineering Drive, Hanover, NH 03755, U.S.A.

Keyword(s): Advanced Persistent Threats, Threat Modeling, Steiner Tree.

Related Ontology Subjects/Areas/Topics: Information and Systems Security ; Network Security ; Security in Information Systems ; Security Metrics and Measurement ; Wireless Network Security

Abstract: In recent years, Advanced Persistent Threats (APTs) have emerged as increasingly sophisticated cyber attacks, often waged by state actors or other hostile organizations against high-profile targets. APT actors employ a diversified set of sophisticated tools and advanced capabilities to penetrate target systems, evade detection, and maintain a foothold within compromised systems for extended periods of time. Stealth and persistence enable APT actors to conduct long-term espionage and sabotage operations. Despite significant efforts to develop APT detection and mitigation capabilities, the stealthy nature of APTs poses significant challenges, and defending from such threats is still an open research problem. In particular, quantitative models to capture how APTs may create and maintain a foothold within a target system are lacking. To address this gap, we propose a quantitative framework to (i) assess the cost incurred by APT actors to compromise and persist within a target system; (ii) estimate the value they gain over time by persisting in the system; (iii) simulate how the footprint of an APT evolves over time when, to maintain stealth, attackers have constraints on the volume of potentially detectable activity they can engage in. We also propose a preliminary defender model, and results from the evaluation show that our approach is promising, thus encouraging further research in this direction.

CC BY-NC-ND 4.0


Paper citation in several formats:
Huy Pham, L.; Albanese, M. and W. Priest, B. (2018). A Quantitative Framework to Model Advanced Persistent Threats. In Proceedings of the 15th International Joint Conference on e-Business and Telecommunications - SECRYPT; ISBN 978-989-758-319-3; ISSN 2184-3236, SciTePress, pages 282-293. DOI: 10.5220/0006872604480459

@conference{secrypt18,
author={Luan {Huy Pham} and Massimiliano Albanese and Benjamin {W. Priest}},
title={A Quantitative Framework to Model Advanced Persistent Threats},
booktitle={Proceedings of the 15th International Joint Conference on e-Business and Telecommunications - SECRYPT},
year={2018},
pages={282-293},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006872604480459},
isbn={978-989-758-319-3},
issn={2184-3236},
}

TY - CONF
JO - Proceedings of the 15th International Joint Conference on e-Business and Telecommunications - SECRYPT
TI - A Quantitative Framework to Model Advanced Persistent Threats
SN - 978-989-758-319-3
IS - 2184-3236
AU - Huy Pham, L.
AU - Albanese, M.
AU - W. Priest, B.
PY - 2018
SP - 282
EP - 293
DO - 10.5220/0006872604480459
PB - SciTePress