Title
Trusted Computing vs. Advanced Persistent Threats: Can a Defender Win This Game?
Abstract
As both the number and the complexity of cyber attacks continuously increase, it is becoming evident that traditional security mechanisms have limited success in detecting sophisticated threats. Stuxnet, Duqu, Flame, Red October and, more recently, Miniduke, have troubled the security community due to their severe complexity and their ability to evade detection in some cases for several years, while exfiltrating gigabytes of data or sabotaging critical infrastructures. The significant technical and financial resources needed for orchestrating such complex attacks are a clear indication that perpetrators are well organized and, likely, working under a state umbrella. In this paper we perform a technical analysis of these advanced persistent threats, highlighting particular characteristics and identifying common patterns and techniques. We also focus on the issues that enabled the malware to evade detection from a wide range of security solutions and propose technical countermeasures for strengthening our defenses against similar threats.
Year
2013
DOI
10.1109/UIC-ATC.2013.80
Venue
Ubiquitous Intelligence and Computing, 2013 IEEE 10th International Conference and 10th International Conference Autonomic and Trusted Computing
Keywords
advanced persistent threat, technical analysis, trusted computing, clear indication, traditional security mechanism, complex attack, technical countermeasures, advanced persistent threats, security solution, defender win, common pattern, severe complexity, security community
Field
Countermeasure, Advanced persistent threat, Internet privacy, Trusted Computing, Computer security, Computer science, Gigabyte, Stuxnet, Malware, Security community, Technical analysis
DocType
Conference
ISBN
978-1-4799-2481-3
Citations
17
PageRank
0.87
References
8
Authors
3
Name
Order
Citations
PageRank
Nikos Virvilis1754.52
Dimitris Gritzalis295599.85
Theodoros Apostolopoulos3211.69