Threats that primarily targeted nation states and their associated entities have long since expanded their target zone to include the private and corporate sectors. This class of threats, which every nation and organization wants to protect itself against, is known as Advanced Persistent Threats. While nation-sponsored attacks will always be marked by their sophistication, the attacks that have become prominent in the corporate sector are no less challenging for organizations. The rate at which attack tools and techniques are evolving is making any existing security measures they have inadequate. As defenders strive to secure every endpoint and every link within their networked systems, attackers are finding new ways to penetrate their target systems. With each day bringing new forms of malware with new signatures and behavior that is close to normal, a single traditional threat detection system would not suffice. These so-called Advanced Persistent Threats are difficult to carry out as well as difficult to detect. While performing an APT requires time and patience, solutions that adapt to the adapting behavior of APT attackers are required. Several works have been published on detecting an APT attack at one or two of its stages, but very limited research exists on detecting an APT as a whole, from reconnaissance to clean-up, because such a solution demands complex correlation and behavior analysis of every event, user, and system within the network and across the network. Through this survey paper, we intend to present the methods and techniques that could be used to detect the different stages of APT attacks, and the learning methods that need to be applied, and where, to make your threat detection framework smart and undecipherable to adapting APT attackers. We also present different case studies of APT attacks, and different monitoring methods and deception methods that can be employed for fine-grained control of the security of a networked system. We conclude our paper with the different types of challenges that one would face in defending against APT and the opportunities for further research, ending with a note on what we learned while writing this paper.