A decision matrix model to identify and evaluate APT vulnerabilities at the user plane
Source of Publication
2018 41st International Convention on Information and Communication Technology, Electronics and Microelectronics, MIPRO 2018 - Proceedings
© 2018 Croatian Society MIPRO. While advances in cyber-security defensive mechanisms have substantially prevented malware from penetrating into organizational Information Systems (IS) networks, organizational users have found themselves vulnerable to threats emanating from Advanced Persistent Threat (APT) vectors, mostly in the form of spear phishing. In this respect, the question of how an organizational user can differentiate between a genuine communication and a similar looking fraudulent communication in an email/APT threat vector remains a dilemma. Therefore, identifying and evaluating the APT vector attributes and assigning relative weights to them can assist the user to make a correct decision when confronted with a scenario that may be genuine or a malicious APT vector. In this respect, we propose an APT Decision Matrix model which can be used as a lens to build multiple APT threat vector scenarios to identify threat attributes and their weights, which can lead to systems compromise.
Institute of Electrical and Electronics Engineers Inc.
APT, Phishing, security, spear phishing, threat
Nicho, Mathew and Khan, Shafaq Naheed, "A decision matrix model to identify and evaluate APT vulnerabilities at the user plane" (2018). All Works. 82.
Indexed in Scopus