Traditional attacks and APT attacks: comparison Source:[16]

Source publication
Article
So far, APT (Advanced Persistent Threats) is a constant concern for information security. Many approaches have been used in order to detect APT attacks, such as change controlling, sandboxing and network traffic analysis. However, 100% success could not be achieved. Current studies have illustrated that APTs adopt many complex techn...

Contexts in source publication

Context 1
... are more sophisticated than traditional attacks such as viruses, trojans, malware, worms and backdoors. Table-1 shows the comparison between the APT attacks and traditional attacks. ...

Citations

... (Aldawood & Skinner, 2020; Chetioui et al., 2022) Backdoors: using malware to circumvent standard authentication mechanisms to get unauthorized access to a system. (Alminshid & Omar, 2020; Nie et al., 2019) Key loggers: use of an efficient surveillance tool to monitor the victim's typing and mouse movements. (Khilosiya & Makadiya, 2020; Singh et al., 2019) Video recording of victim activity ...
Article
Cyber-attacks targeting high-profile entities are focused, persistent, and employ common vectors with varying levels of sophistication to exploit social-technical vulnerabilities. Advanced persistent threats (APTs) deploy zero-day malware against such targets to gain entry through multiple security layers, exploiting the dynamic interplay of vulnerabilities in the target network. System dynamics (SD) offers an alternative approach to analyze non-linear, complex, and dynamic social-technical systems. This research applied SD to three high-profile APT attacks - Equifax, Carphone, and Zomato - to identify and simulate socio-technical variables leading to breaches. By modeling APTs using SD, managers can evaluate threats, predict attacks, and reduce damage by mitigating specific socio-technical cues. This study provides valuable insights into the dynamics of cyber threats, making it the first to apply SD to APTs.
... For researchers working with unbalanced datasets, the definition of accuracy as the average of the accuracies of all classes is crucial. In this report, we used K-Nearest Neighbor (KNN) [34], Random Forest (RF) [3], linear support vector machine (SVM-linear) [31], Decision Tree (DT) [30], and Radial basis function (RBF) support vector machine (SVM-RBF) [11] classifiers to classify and detect attacks in the benchmark CSE-CIC-IDS2018 intrusion detection dataset. An intrusion detection system should ideally have a 100 percent true-positive rate (TPR) and a 0% false-positive rate (FPR). ...
Article
Advanced cyber attackers often 'pivot' through several devices in such complex infrastructure to obfuscate their footprints and overcome connectivity restrictions. However, prior pivot attack detection strategies present concerning limitations. This paper addresses an improvement of cyber defence with APIVADS, a novel adaptive pivoting detection scheme based on traffic flows to determine cyber adversaries' presence based on their pivoting behaviour in simple and complex interconnected networks. Additionally, APIVADS is agnostic regarding transport and application protocols. The scheme is optimized and tested to cover remotely connected locations beyond a corporate campus's perimeters. The scheme considers a hybrid approach between decentralized host-based detection of pivot attacks and a centralized approach to aggregate the results to achieve scalability. Empirical results from our experiments show the proposed scheme is efficient and feasible. For example, a 98.54% detection accuracy near real-time is achievable by APIVADS differentiating ongoing pivot attacks from regular enterprise traffic as TLS, HTTPS, DNS and P2P over the internet.