Visible to the public Biblio

Filters: Author is Carat, Guillaume  [Clear All Filters]
2020-08-07
Berady, Aimad, Viet Triem Tong, Valerie, Guette, Gilles, Bidan, Christophe, Carat, Guillaume.  2019.  Modeling the Operational Phases of APT Campaigns. 2019 International Conference on Computational Science and Computational Intelligence (CSCI). :96—101.
In the context of Advanced Persistent Threat (APT) attacks, this paper introduces a model, called Nuke, which tries to provide a more operational reading of the attackers' lifecycle in a compromised network. It allows to consider the notions of regression; and repetitiveness of final objectives achievement. By confronting this model with examples of recent attacks (Equifax data breach and TV5Monde sabotage), we emphasize the importance of the attack chronology in the Cyber Threat Intelligence (CTI) reports, as well as the Tactics, Techniques and Procedures (TTP) used by the attacker during his progression.