A decision matrix model to identify and evaluate APT vulnerabilities at the user plane

Document Type

Conference Proceeding

Source of Publication

2018 41st International Convention on Information and Communication Technology, Electronics and Microelectronics, MIPRO 2018 - Proceedings

Publication Date

6-28-2018

Abstract

© 2018 Croatian Society MIPRO. While advances in cyber-security defensive mechanisms have substantially prevented malware from penetrating into organizational Information Systems (IS) networks, organizational users have found themselves vulnerable to threats emanating from Advanced Persistent Threat (APT) vectors, mostly in the form of spear phishing. In this respect, the question of how an organizational user can differentiate between a genuine communication and a similar looking fraudulent communication in an email/APT threat vector remains a dilemma. Therefore, identifying and evaluating the APT vector attributes and assigning relative weights to them can assist the user to make a correct decision when confronted with a scenario that may be genuine or a malicious APT vector. In this respect, we propose an APT Decision Matrix model which can be used as a lens to build multiple APT threat vector scenarios to identify threat attributes and their weights, which can lead to systems compromise.

ISBN

9789532330977

Publisher

Institute of Electrical and Electronics Engineers Inc.

First Page

1155

Last Page

1160

Disciplines

Computer Sciences

Keywords

APT, Phishing, security, spear phishing, threat

Scopus ID

85050204275

Indexed in Scopus

yes

Open Access

no

Link to Full Text

Share

COinS