Affiliation:
1. School of Cybersecurity, Korea University, Seoul 02841, Republic of Korea
2. R. O. K., Cyber Operations Command, Seoul 04383, Republic of Korea
Abstract
In the past, phishing techniques were a common means of attack carried out by individuals or small groups via spam mail on a randomly selected target. However, in recent years, phishing techniques have been adopted by advanced persistent threat (APT) groups to attack organizations such as the Sony Pictures Enterprise and Korea Hydro & Nuclear Power. As such, our study aims to analyze the past campaigns conducted by the APT groups. We aim to propose a countermeasure that corresponds to the phishing campaign by collecting datasets pertaining to the phishing techniques. Based on our past study, we collected private and public data from 16 different cases that utilize a phishing attack. Our research adopted MITRE’s ATT&CK framework and tactics, techniques, and procedures (TTPs) to extract and examine the various campaigns. The framework proposed in this study makes considerable contributions to both the private and public sectors, as the framework aids the organizations in counteracting the malicious threats performed by the APT groups.
Funder
Defense Acquisition Program Administration
Subject
Computer Networks and Communications, Information Systems
Cited by
10 articles.