Red Queen's Race: APT win-win game

Investor logo

Warning

This publication doesn't include Faculty of Education. It includes Faculty of Informatics. Official publication website can be found on muni.cz.
Authors

BUKAČ Vít LORENC Václav MATYÁŠ Václav

Year of publication 2014
Type Article in Proceedings
Conference Security Protocols XXII - 22nd International Workshop, Revised Selected Papers
MU Faculty or unit

Faculty of Informatics

Citation
Doi http://dx.doi.org/10.1007/978-3-319-12400-1_7
Field Informatics
Keywords advanced persistant threats;APT;kill chain;honeypot
Description Advanced persistent threats (APTs) are not only a very prominent buzzword, but often come with a costly impact. A popular approach how to deal with APTs is the kill chain concept. We propose an extension to the kill chain, where the attacker is allowed to continue his attack even after being discovered by defenders. Meanwhile, observing defenders collect valuable intelligence which is to be used to counter future attacks. Benefits and negatives of postponed remediation are presented and related issues are discussed.
Related projects:

You are running an old browser version. We recommend updating your browser to its latest version.