Affiliation:
1. Department of Computing and Information Technology, UNITEC Institute of Technology, Auckland, New Zealand
Abstract
Advanced Persistent Threats (APT) and Targeted Attacks (TA) targeting high-value organizations continue to become more common. These slow (sometimes carried on over the years), fragmented, distributed, seemingly unrelated, very sophisticated, highly adaptable, and, above all, stealthy attacks have existed since the large-scale popularization of computing in the 1990s and have intensified during the 2000s. The aim of attackers has expanded from espionage to attaining financial gain, creating disruption, and hacktivism. These activities have a negative impact on the targets, many times costing significant amounts of money and destabilizing organizations and governments. The resounding goal of this research is to analyze previous academic and industrial research of 72 major APT attacks between 2008 and 2018, using 12 features, and propose a categorization based on the targeted platform, the time elapsed to discovery, targets, type, purpose, propagation methods, and derivative attacks. This categorization provides a view of the effort of the attackers. It aims to help focus the design of intelligent detection systems on increasing the percentage of discovered and stopped attacks.
Reference98 articles.
1. Kaspersky Lab. Kaspersky press releases [Internet]. Kaspersky Lab. 2017 Jun 30. Available from: https://www.kaspersky.com/about/press-releases/2017_behind-the-scenes-of-kaspersky-labs-top-apt-discoveries.
2. Trend Micro. Threat reports [Internet]. Trend Micro. 2017 Feb 28. Available from: https://www.trendmicro.com/vinfo/us/security/research-and-analysis/threat-reports/roundup.
3. Symantec Corporation. ISTR—Internet Security Threat Report. April 2017. Available from: https://docs.broadcom.com/doc/istr-5-1-en-in.
4. Symantec Corporation. ISTR—Internet Security Threat Report [Internet]. March 2018 [cited 2018 March]. Available from: https://www.symantec.com/blogs/threat-intelligence/istr-23-cyber-security-threat-landscape.
5. Chandra V, Challa N, Pasupuleti S. Advanced persistent threat defense system using self-destructive mechanism for cloud security. In: 2nd IEEE International Conference on Engineering and Technology (ICETECH); 17th & 18th March 2016; Coimbatore, TN, India. Piscataway, NJ: IEEE; 2016.