Modeling an Information-Based Advanced Persistent Threat Attack on the Internal Network

Title: Modeling an Information-Based Advanced Persistent Threat Attack on the Internal Network
Publication Type: Conference Paper
Year of Publication: 2019
Authors: Yan, Dingyu, Liu, Feng, Jia, Kun
Conference Name: ICC 2019 - 2019 IEEE International Conference on Communications (ICC)
Keywords: advanced persistent threat, APT, APT attack, computer network security, cyberattack, decision making, defense mechanism ineffective, Human Behavior, IEL, information-based advanced persistent threat attack, information-based APT attack, initial entry model, intelligence gathering, internal network, invasive software, lateral movement, mathematical framework, Mathematical model, Metrics, pubcrawl, Reconnaissance, resilience, Resiliency, Scalability, Silicon, strategy decision-making, weaponization movement, Weapons
Abstract: An advanced persistent threat (APT) attack is a powerful cyber-weapon aimed at the specific targets in cyberspace. The sophisticated attack techniques, long dwell time and specific objectives make the traditional defense mechanism ineffective. However, most existing studies fail to consider the theoretical modeling of the whole APT attack. In this paper, we mainly establish a theoretical framework to characterize an information-based APT attack on the internal network. In particular, our mathematical framework includes the initial entry model for selecting the entry points and the targeted attack model for studying the intelligence gathering, strategy decision-making, weaponization and lateral movement. Through a series of simulations, we find the optimal candidate nodes in the initial entry model, observe the dynamic change of the targeted attack model and verify the characteristics of the APT attack.
DOI: 10.1109/ICC.2019.8761077
Citation Key: yan_modeling_2019