Advanced Persistent Threat (APT)

A Qualitative Exploration of Adversarial Adaptability, Group Dynamics, and Cyber-Intrusion Chains

Abstract:

Conventional cyber attack management is reactive, which is ineffective in curbing sophisticated adversaries, especially Advanced Persistent Threats (APTs). There is an immediate need for proactive cyber-security measures that reflect the adaptive and dynamic nature of these adversaries. Using empirical evidence of observations and interviews conducted at the Industrial Control Systems Computer Emergency Response Team’s (ICS-CERTs) Red-Team/Blue-Team cyber-security training exercise held at Idaho National Laboratory (INL), this paper highlights the human aspects of cyber attacks, with a specific focus on adversarial intrusion chains, adaptability after attack disruptions, and group dynamics.

Detection of DNS-Based Covert Channels

ABSTRACT

A compromised network will normally have some form of covert communication system installed. Covert communication channels can take many forms and can remain undetected until a major data breach has taken place. Compromised networks allow hackers to access private and confidential information so that they can engage in illegal behaviours such as data exfiltration. This article demonstrates that DNS-based covert channels have particular traffic signatures that can be detected in order to mitigate data exfiltration and malware command, and to control traffic.

Journal of Information Warfare

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.

Keywords

Quill Logo

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.

SUBSCRIBE NOW

Get in touch

  • Journal of Information Warfare
    114 Ballard Street
    Yorktown, VA
    23690
  • 757.234.6664
  • jiw@gbpts.com