Abstract
Advanced Persistent Threat (APT) has become one of the most complicated and intractable cyber attacks of the last decade. Because APT attacks are conducted through a series of actions that comprise social engineering, phishing, command and control servers, and remote desktop control, conventional anti-virus mechanisms become insufficient: they were designed to cope with traditional stand-alone malware attacks. Furthermore, data transmission from the compromised network to the APT actors is usually well disguised and embedded in normal traffic, exacerbating the detection of APT attacks to the point that even major anti-virus firms are not sure about the ratio of discovered APT attacks to real attacks. To make things worse, APT actors tend to be well-organized and potentially government-funded groups of hackers and professionals who are capable of developing and maintaining malware specifically made for their own purposes and of interpreting the stolen data. While most efforts in defending against APT attacks focus on related technologies, this research argues the importance of constructing a holistic understanding by analyzing the behaviors and changes of APT attacks and actors. This research aims to understand the evolution of technologies and malware on the one hand and the behavioral changes of attacking groups on the other. By doing so, this research is expected to contribute to constructing a clearer roadmap of APT attacks and actors that cyber security providers can use as a reference.
© 2019 Springer Nature Singapore Pte Ltd.
Chen, CM., Lai, GH., Wen, DW. (2019). Evolution of Advanced Persistent Threat (APT) Attacks and Actors. In: Chang, CY., Lin, CC., Lin, HH. (eds) New Trends in Computer Technologies and Applications. ICS 2018. Communications in Computer and Information Science, vol 1013. Springer, Singapore. https://doi.org/10.1007/978-981-13-9190-3_7
DOI: https://doi.org/10.1007/978-981-13-9190-3_7
Publisher Name: Springer, Singapore
Print ISBN: 978-981-13-9189-7
Online ISBN: 978-981-13-9190-3
eBook Packages: Computer Science (R0)