A systematic literature review on advanced persistent threat behaviors and its detection strategy
Advanced persistent threats (APTs) pose significant security-related challenges to organizations owing to their sophisticated and persistent nature, and are inimical to the confidentiality, integrity, and availability of organizational information and services. This study systematically reviews...

Main Authors: | Mat, Nur Ilzam Che; Jamil, Norziana; Yusoff, Yunus; Kiah, Miss Laiha Mat |
---|---|
Format: | Article |
Published: | Oxford University Press, 2024 |
Subjects: | QA75 Electronic computers. Computer science |
Online Access: | http://eprints.um.edu.my/44890/ https://doi.org/10.1093/cybsec/tyad023 |
id | my.um.eprints.44890 |
---|---|
record_format | eprints |
spelling | my.um.eprints.44890 2024-11-18T07:18:25Z http://eprints.um.edu.my/44890/ A systematic literature review on advanced persistent threat behaviors and its detection strategy. Mat, Nur Ilzam Che; Jamil, Norziana; Yusoff, Yunus; Kiah, Miss Laiha Mat. QA75 Electronic computers. Computer science. Advanced persistent threats (APTs) pose significant security-related challenges to organizations owing to their sophisticated and persistent nature, and are inimical to the confidentiality, integrity, and availability of organizational information and services. This study systematically reviews the literature on methods of detecting APTs by comprehensively surveying research in the area, identifying gaps in the relevant studies, and proposing directions for future work. The authors provide a detailed analysis of current methods of APT detection that are based on multi-stage attack-related behaviors. We adhered to the Preferred Reporting Items for Systematic Reviews and Meta-Analyses (PRISMA) guidelines and conducted an extensive search of a variety of databases. A total of 45 studies, encompassing sources from both academia and the industry, were considered in the final analysis. The findings reveal that APTs have the capability to laterally propagate and achieve their objectives by identifying and exploiting existing systemic vulnerabilities. By identifying shortcomings in prevalent methods of APT detection, we propose integrating the multi-stage attack-related behaviors of APTs with the assessment of the presence of vulnerabilities in the network and their susceptibility to being exploited in order to improve the accuracy of their identification. Such an improved approach uses vulnerability scores and probability metrics to determine the probable sequence of targeted nodes, and visualizes the path of APT attacks. This technique of advanced detection enables the early identification of the most likely targets, which, in turn, allows for the implementation of proactive measures to prevent the network from being further compromised. The research here contributes to the literature by highlighting the importance of integrating multi-stage attack-related behaviors, vulnerability assessment, and techniques of visualization for APT detection to enhance the overall security of organizations. © The Author(s) 2024. Oxford University Press 2024. Article. PeerReviewed. Mat, Nur Ilzam Che and Jamil, Norziana and Yusoff, Yunus and Kiah, Miss Laiha Mat (2024) A systematic literature review on advanced persistent threat behaviors and its detection strategy. Journal of Cybersecurity, 10 (1). tyad023. ISSN 2057-2085, DOI https://doi.org/10.1093/cybsec/tyad023 |
institution | Universiti Malaya |
building | UM Library |
collection | Institutional Repository |
continent | Asia |
country | Malaysia |
content_provider | Universiti Malaya |
content_source | UM Research Repository |
url_provider | http://eprints.um.edu.my/ |
topic | QA75 Electronic computers. Computer science |
spellingShingle | QA75 Electronic computers. Computer science; Mat, Nur Ilzam Che; Jamil, Norziana; Yusoff, Yunus; Kiah, Miss Laiha Mat; A systematic literature review on advanced persistent threat behaviors and its detection strategy |
description | Advanced persistent threats (APTs) pose significant security-related challenges to organizations owing to their sophisticated and persistent nature, and are inimical to the confidentiality, integrity, and availability of organizational information and services. This study systematically reviews the literature on methods of detecting APTs by comprehensively surveying research in the area, identifying gaps in the relevant studies, and proposing directions for future work. The authors provide a detailed analysis of current methods of APT detection that are based on multi-stage attack-related behaviors. We adhered to the Preferred Reporting Items for Systematic Reviews and Meta-Analyses (PRISMA) guidelines and conducted an extensive search of a variety of databases. A total of 45 studies, encompassing sources from both academia and the industry, were considered in the final analysis. The findings reveal that APTs have the capability to laterally propagate and achieve their objectives by identifying and exploiting existing systemic vulnerabilities. By identifying shortcomings in prevalent methods of APT detection, we propose integrating the multi-stage attack-related behaviors of APTs with the assessment of the presence of vulnerabilities in the network and their susceptibility to being exploited in order to improve the accuracy of their identification. Such an improved approach uses vulnerability scores and probability metrics to determine the probable sequence of targeted nodes, and visualizes the path of APT attacks. This technique of advanced detection enables the early identification of the most likely targets, which, in turn, allows for the implementation of proactive measures to prevent the network from being further compromised. The research here contributes to the literature by highlighting the importance of integrating multi-stage attack-related behaviors, vulnerability assessment, and techniques of visualization for APT detection to enhance the overall security of organizations. © The Author(s) 2024. |
format | Article |
author | Mat, Nur Ilzam Che; Jamil, Norziana; Yusoff, Yunus; Kiah, Miss Laiha Mat |
author_facet | Mat, Nur Ilzam Che; Jamil, Norziana; Yusoff, Yunus; Kiah, Miss Laiha Mat |
author_sort | Mat, Nur Ilzam Che |
title | A systematic literature review on advanced persistent threat behaviors and its detection strategy |
title_short | A systematic literature review on advanced persistent threat behaviors and its detection strategy |
title_full | A systematic literature review on advanced persistent threat behaviors and its detection strategy |
title_fullStr | A systematic literature review on advanced persistent threat behaviors and its detection strategy |
title_full_unstemmed | A systematic literature review on advanced persistent threat behaviors and its detection strategy |
title_sort | systematic literature review on advanced persistent threat behaviors and its detection strategy |
publisher | Oxford University Press |
publishDate | 2024 |
url | http://eprints.um.edu.my/44890/ https://doi.org/10.1093/cybsec/tyad023 |