Affiliation:
1. School of Computer Sciences, Universiti Sains Malaysia, Georgetown 11800, Penang, Malaysia
2. Computer Engineering Department, University of Basrah, Basrah 64001, Iraq
3. School of Information Science, Japan Advanced Institute of Science and Technology, 1-1 Asahidai, Nomi 923-1211, Japan
Abstract
Advanced persistent threat (APT) refers to a specific form of targeted attack used by a well-organized and skilled adversary to remain undetected while systematically and continuously exfiltrating sensitive data. Various APT attack vectors exist, including social engineering techniques such as spear phishing, watering holes, SQL injection, and application repackaging. Various sensors and services are essential for a smartphone to assist in user behavior that involves sensitive information. Resultantly, smartphones have become the main target of APT attacks. Due to the vulnerability of smartphone sensors, several challenges have emerged, including the inadequacy of current methods for detecting APTs. Nevertheless, several existing APT solutions, strategies, and implementations have failed to provide comprehensive solutions. Detecting APT attacks remains challenging due to the lack of attention given to human behavioral factors contributing to APTs, the ambiguity of APT attack trails, and the absence of a clear attack fingerprint. In addition, there is a lack of studies using game theory or fuzzy logic as an artificial intelligence (AI) strategy for detecting APT attacks on smartphone sensors, besides the limited understanding of the attack that may be employed due to the complex nature of APT attacks. Accordingly, this study aimed to deliver a systematic review to report on the extant research concerning APT detection for mobile sensors, applications, and user behavior. The study presents an overview of works performed between 2012 and 2023. In total, 1351 papers were reviewed during the primary search. Subsequently, these papers were processed according to their titles, abstracts, and contents. The resulting papers were selected to address the research questions. A conceptual framework is proposed to incorporate the situational awareness model in line with adopting game theory as an AI technique used to generate APT-based tactics, techniques, and procedures (TTPs) and normal TTPs and cognitive decision making. This framework enhances security awareness and facilitates the detection of APT attacks on smartphone sensors, applications, and user behavior. It supports researchers in exploring the most significant papers on APTs related to mobile sensors, services, applications, and detection techniques using AI.
Funder
Ministry of Higher Education Malaysia for Fundamental Research Grant Scheme
Subject
Fluid Flow and Transfer Processes,Computer Science Applications,Process Chemistry and Technology,General Engineering,Instrumentation,General Materials Science
Reference221 articles.
1. A baseline for unsupervised advanced persistent threat detection in system-level provenance;Berrada;Future Gener. Comput. Syst.,2020
2. Advanced Persistent Threat Mitigation Using Multi Level Security—Access Control Framework;Gervasi;Lect. Notes Comput. Sci.,2015
3. Trusted Security Policies for Tackling Advanced Persistent Threat via Spear Phishing in BYOD Environment;Bann;Procedia Comput. Sci.,2015
4. (2022, December 25). Powerful Growth: Global Advanced Persistent Threat (APT) Protection Market. Available online: https://www.globenewswire.com/news-release/2021/11/24/2340616/0/en/Powerful-Growth-Global-Advanced-Persistent-Threat-APT-Protection-Market-to-knock-20-290-7-Million-at-a-CAGR-of-20-9-from-2020-to-2027-Research-Dive.html.
5. Strategically-motivated advanced persistent threat: Definition, process, tactics and a disinformation model of counterattack;Ahmad;Comput. Secur.,2019
Cited by
2 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献