Evaluating Advanced Persistent Threats Mitigation Effects:A Review

Home Page
About
Submit A Journal
Submit A Conference
Submit Paper/Book
- Submit a Preprint
- Submit a Book
Contact

International Journal of Information Security Science
Volume:7 Issue:4
Evaluating Advanced Persistent Threats Mitigation Effects:A Review

Evaluating Advanced Persistent Threats Mitigation Effects:A Review

Authors : Oluwasegun Ishaya ADELAİYE, Aminat SHOWOLE, Silas Ageebee FAKİ

Pages : 159-171

View : 42 | Download : 7

Publication Date : 2018-12-01

Article Type : Research Paper

Abstract :Advanced Persistent Threat APT is a targeted attack method used by a sophisticated, determined and skilled adversary to maintain undetected access over an extended period for exfiltration of valuable data. APT poses high threat levels to organizations especially government organizations. 60% of the problem is the inability to detect penetration using traditional mitigation methods. Numerous researches indicate that vulnerabilities exists in most organizations and when exploited will have major fininacial implications and also affect the organizationâ€™s reputation. Traditional methods for mitigating threats against security breaches have proved ineffective. This project aims at evaluating the utilization and effectiveness of Advanced Persistent Threats Mitigation techniques using existing literature and thereby providing a synopsis on APT. A method-based approach is adopted, reviewing the researches and a comparative analysis of the methods used in the mitigation of APT. The study compares 25 researches, which proposed methods in mitigating the threat, were filtered separating mitigation methods from review articles, identifying the threats etc. from a wide range of research reports between 2011 and 2017. These 25 researches were analysed to show the effectiveness of 12 mitigation methods utilized by the researchers. In mitigating APT multiple methods are employed by 72% of the researchers. The major methods used in mitigating APT are Traffic/data analysis 30% , Pattern recognition 21% and anomaly Detection 16% . These three methods work inline with providing effective internal audit, risk management and cooperate governance as highlighted in COBIT5 an IT management and governance framework by ISACA.
Keywords : Anomaly detection, Data exfiltration, Exploit, Pattern recognition, Traffic analysis, Zero day

ORIGINAL ARTICLE URL

* There may have been changes in the journal, article,conference, book, preprint etc. informations. Therefore, it would be appropriate to follow the information on the official page of the source. The information here is shared for informational purposes. IAD is not responsible for incorrect or missing information.