Visible to the public Biblio

Filters: Author is Nicho, M.  [Clear All Filters]
2019-03-15
Nicho, M., Khan, S. N..  2018.  A Decision Matrix Model to Identify and Evaluate APT Vulnerabilities at the User Plane. 2018 41st International Convention on Information and Communication Technology, Electronics and Microelectronics (MIPRO). :1155-1160.

While advances in cyber-security defensive mechanisms have substantially prevented malware from penetrating into organizational Information Systems (IS) networks, organizational users have found themselves vulnerable to threats emanating from Advanced Persistent Threat (APT) vectors, mostly in the form of spear phishing. In this respect, the question of how an organizational user can differentiate between a genuine communication and a similar looking fraudulent communication in an email/APT threat vector remains a dilemma. Therefore, identifying and evaluating the APT vector attributes and assigning relative weights to them can assist the user to make a correct decision when confronted with a scenario that may be genuine or a malicious APT vector. In this respect, we propose an APT Decision Matrix model which can be used as a lens to build multiple APT threat vector scenarios to identify threat attributes and their weights, which can lead to systems compromise.

2019-01-21
Nicho, M., Oluwasegun, A., Kamoun, F..  2018.  Identifying Vulnerabilities in APT Attacks: A Simulated Approach. 2018 9th IFIP International Conference on New Technologies, Mobility and Security (NTMS). :1–4.

This research aims to identify some vulnerabilities of advanced persistent threat (APT) attacks using multiple simulated attacks in a virtualized environment. Our experimental study shows that while updating the antivirus software and the operating system with the latest patches may help in mitigating APTs, APT threat vectors could still infiltrate the strongest defenses. Accordingly, we highlight some critical areas of security concern that need to be addressed.