Abstract | ||
---|---|---|
As both the number and the complexity of cyber attacks continuously increase, it is becoming evident that traditional security mechanisms have limited success in detecting sophisticated threats. Stuxnet, Duqu, Flame, Red October and, more recently, Miniduke, have troubled the security community due to their severe complexity and their ability to evade detection in some cases for several years, while exfiltrating gigabytes of data or sabotaging critical infrastructures. The significant technical and financial resources needed for orchestrating such complex attacks are a clear indication that perpetrators are well organized and, likely, working under a state umbrella. In this paper we perform a technical analysis of these advanced persistent threats, highlighting particular characteristics and identifying common patterns and techniques. We also focus on the issues that enabled the malware to evade detection from a wide range of security solutions and propose technical countermeasures for strengthening our defenses against similar threats. |
Year | DOI | Venue |
---|---|---|
2013 | 10.1109/UIC-ATC.2013.80 | Ubiquitous Intelligence and Computing, 2013 IEEE 10th International Conference and 10th International Conference Autonomic and Trusted Computing |
Keywords | Field | DocType |
advanced persistent threat,technical analysis,trusted computing,clear indication,traditional security mechanism,complex attack,technical countermeasures,advanced persistent threats,security solution,defender win,common pattern,severe complexity,security community | Countermeasure,Advanced persistent threat,Internet privacy,Trusted Computing,Computer security,Computer science,Gigabyte,Stuxnet,Malware,Security community,Technical analysis | Conference |
ISBN | Citations | PageRank |
978-1-4799-2481-3 | 17 | 0.87 |
References | Authors | |
8 | 3 |
Name | Order | Citations | PageRank |
---|---|---|---|
Nikos Virvilis | 1 | 75 | 4.52 |
Dimitris Gritzalis | 2 | 955 | 99.85 |
Theodoros Apostolopoulos | 3 | 21 | 1.69 |