SlideShare a Scribd company logo

Advanced persistent threat (apt)

Download as PPTX, PDF
M
mmubashirkhan

This document discusses advanced persistent threats (APTs). It defines APTs, describes their stages including reconnaissance, delivery, exploitation, operation, data collection, and exfiltration. It then presents an APT detection framework called the Attack Pyramid that models APT attacks across physical, user access, network, and application planes and detects relevant events using algorithms and rules. Research papers are cited that further define APTs and propose the Attack Pyramid model for detecting such threats.

Education
1 of 19
Downloaded 483 times
1
2
3
4
5
6
7
8
9
10
11
12
Most read
13
14
15
16
17
Most read
18
19
Most read
Presented by: QuratulAin Najeeb
. • Advance persistent threat . • Stages of APT . • Problem in Detection . • Events . • Detection Framework
Advanced Use of advanced techniques Persistent Remain in system for long period “Low” and “Slow” Threat Agenda of stealing data A P T Elements of APT
Don't destroy systems Don't interrupt normal operation Try to stay hidden and keep the stolen data flowing Trick a user into installing malware Spear-Phishing
6. Exfiltration 5. Data Collection 4.Operation 3. Exploitation 2. Delivery 1. Reconnaissance Collecting information about Organization’s resources Spear phishing emails are prepared and sent Command and control connection is build from targeted employee’s machine via remote access Persistent presence in network and gain access to data Information is packed, compressed and encrypted Data is moved over channels to various external servers
Advanced persistent threat (apt)
Twitter  Starbucks LinkedIn Sniffing Captured: Email address (engineer@gmail.com) Friend’s email (engineer2@gmail.com) Interests (www.ITECH-2013.com)
Hey look! An email from Engineer2. With a catalog attached! Spoofed, of course Most certainly clicking here CLICK HERE TO VIEW “ITECH” EVENT 2013
The PDF gets clicked. Code gets dropped. The backdoor is opened.
The attacker connects to the listening port i.e. Remote Access
At this point, the attacker could do any number of things to get more sensitive data
Advanced persistent threat (apt)
A mean to detect potential vulnerable elements towards the targeted data Attack tree of APT aimed at source data AND
Problem An attack path may go across multiple planes PLANES EVENTS Physical Physical devices, working location User Recording sensitive data access Network Firewall /logs/ IDS/IPS Application Information deliver through gateway
Candidate Events Suspicious Events Attack Events
Attack Pyramid Unfolded Attack Pyramid
Alert System Using Algorithms G={G1,…..Gn} Gi = {P1, . . . , Pn} Pi = {e1 ………….eK } Put together the events relevant to an attack context Detection Rule Signature based rules (Connecting to blacklisted domain) Anomaly detection rules (Send more data than usual) Policy based rules (Overloaded VPN connection)
In research papers APT is defined, and proposed an attack model for problem detection i.e. Attack Pyramid
http://www.research.att.com/techdocs/TD_101075.pdf http://www.infosecurityproject.com/2012/Download/K7_Advanced%20Persist ent%20Threat%20and%20Modern%20Malware_Jones%20Leung.pdf

More Related Content

PPT
Ch04 Network Vulnerabilities and Attacks
Information Technology
 
PDF
Anatomy of a cyber attack
Mark Silver
 
PPT
Cyber Security Emerging Threats
isc2dfw
 
PPTX
Different types of attacks in internet
Rohan Bharadwaj
 
PPTX
Types of Cyber Attacks
Rubal Sagwal
 
PPTX
NETWORK PENETRATION TESTING
Er Vivek Rana
 
PDF
Advanced persistent threats(APT)
Network Intelligence India
 
PDF
Types of Threat Actors and Attack Vectors
LearningwithRayYT
 
Ch04 Network Vulnerabilities and Attacks
Information Technology
 
Anatomy of a cyber attack
Mark Silver
 
Cyber Security Emerging Threats
isc2dfw
 
Different types of attacks in internet
Rohan Bharadwaj
 
Types of Cyber Attacks
Rubal Sagwal
 
NETWORK PENETRATION TESTING
Er Vivek Rana
 
Advanced persistent threats(APT)
Network Intelligence India
 
Types of Threat Actors and Attack Vectors
LearningwithRayYT
 

What's hot (20)

PDF
Threat Modelling
n|u - The Open Security Community
 
PDF
Threat Intelligence
Deepak Kumar (D3)
 
PDF
Global Cyber Threat Intelligence
NTT Innovation Institute Inc.
 
PDF
Cyber Threat Intelligence
mohamed nasri
 
PDF
Cyber Threat Intelligence
ZaiffiEhsan
 
PPTX
IP Security
Keshab Nath
 
PDF
MITRE ATT&CK Framework
n|u - The Open Security Community
 
PPTX
Zero Trust Framework for Network Security​
AlgoSec
 
PPTX
Information security
Lusungu Mkandawire CISA,CISM,CGEIT,CPF,PRINCE2
 
PPT
Intrusion Detection Systems and Intrusion Prevention Systems
Cleverence Kombe
 
PDF
Zero Trust Model Presentation
Gowdhaman Jothilingam
 
PDF
Cybersecurity Roadmap Development for Executives
Krist Davood - Principal - CIO
 
PPTX
OWASP Top 10 2021 What's New
Michael Furman
 
PPTX
Intrusion detection system
Aparna Bhadran
 
PPSX
Next-Gen security operation center
Muhammad Sahputra
 
PDF
Addressing the cyber kill chain
Symantec Brasil
 
PPTX
Security operation center (SOC)
Ahmed Ayman
 
PPTX
Advanced Persistent Threats (APTs) - Information Security Management
Mayur Nanotkar
 
PPTX
Network security (vulnerabilities, threats, and attacks)
Fabiha Shahzad
 
PPTX
Cyber kill chain
Ankita Ganguly
 
Threat Modelling
n|u - The Open Security Community
 
Threat Intelligence
Deepak Kumar (D3)
 
Global Cyber Threat Intelligence
NTT Innovation Institute Inc.
 
Cyber Threat Intelligence
mohamed nasri
 
Cyber Threat Intelligence
ZaiffiEhsan
 
IP Security
Keshab Nath
 
MITRE ATT&CK Framework
n|u - The Open Security Community
 
Zero Trust Framework for Network Security​
AlgoSec
 
Information security
Lusungu Mkandawire CISA,CISM,CGEIT,CPF,PRINCE2
 
Intrusion Detection Systems and Intrusion Prevention Systems
Cleverence Kombe
 
Zero Trust Model Presentation
Gowdhaman Jothilingam
 
Cybersecurity Roadmap Development for Executives
Krist Davood - Principal - CIO
 
OWASP Top 10 2021 What's New
Michael Furman
 
Intrusion detection system
Aparna Bhadran
 
Next-Gen security operation center
Muhammad Sahputra
 
Addressing the cyber kill chain
Symantec Brasil
 
Security operation center (SOC)
Ahmed Ayman
 
Advanced Persistent Threats (APTs) - Information Security Management
Mayur Nanotkar
 
Network security (vulnerabilities, threats, and attacks)
Fabiha Shahzad
 
Cyber kill chain
Ankita Ganguly
 
Ad

Similar to Advanced persistent threat (apt) (20)

PDF
Advanced Persistent Threats in Cybersecurity – Cyber Warfare
Nicolae Sfetcu
 
PPTX
Understanding-and-Defending-Against-Advanced-Persistent-Threats-APT.pptx.pptx
wininlifeacademy5
 
PDF
Advanced Persistent Threats: How They Sneak In and Stay Hidden
BORNSEC CONSULTING
 
PDF
2015-advanced-persistent-threat-awareness_whp_eng_1015
Robin "Montana" Williams
 
PDF
Apt zero day malware
aspiretss
 
PPTX
Break the chain - 7 phases of Advanced Persistent Threats
Inspirisys Solutions Limited
 
PPTX
Understanding advanced persistent threats (APT)
Dan Morrill
 
PDF
Cyber security series advanced persistent threats
Jim Kaplan CIA CFE
 
PDF
Adam Palmer: Managing Advanced Cyber Threats for In-House Counsel
Adam Palmer
 
PDF
Understanding Advanced Cybersecurity Threats for the In-House Counsel
Adam Palmer
 
PPTX
Cyber-Espionage: Understanding the Advanced Threat Landscape
Aaron White
 
PDF
Awareness seminar on Advanced Persistent Threats
Gary Hinson
 
PDF
RSA: Security Analytics Architecture for APT
Lee Wei Yeong
 
PDF
HCA 530, Week 2, Advanced persistent threat healthcare under attack
Matthew J McMahon
 
PPTX
APT in the Financial Sector
LIFARS
 
PPTX
Amien Harisen - APT1 Attack
Indonesia Honeynet Chapter
 
PPTX
Persistence is Key: Advanced Persistent Threats
Sameer Thadani
 
PDF
Intelligent Network Surveillance Technology for APT Attack Detections
AM Publications,India
 
PDF
Advanced Persistent Threats Cutting Through The Hype
Symantec
 
PDF
Detecting Unknown Attacks Using Big Data Analysis
Editor IJMTER
 
Advanced Persistent Threats in Cybersecurity – Cyber Warfare
Nicolae Sfetcu
 
Understanding-and-Defending-Against-Advanced-Persistent-Threats-APT.pptx.pptx
wininlifeacademy5
 
Advanced Persistent Threats: How They Sneak In and Stay Hidden
BORNSEC CONSULTING
 
2015-advanced-persistent-threat-awareness_whp_eng_1015
Robin "Montana" Williams
 
Apt zero day malware
aspiretss
 
Break the chain - 7 phases of Advanced Persistent Threats
Inspirisys Solutions Limited
 
Understanding advanced persistent threats (APT)
Dan Morrill
 
Cyber security series advanced persistent threats
Jim Kaplan CIA CFE
 
Adam Palmer: Managing Advanced Cyber Threats for In-House Counsel
Adam Palmer
 
Understanding Advanced Cybersecurity Threats for the In-House Counsel
Adam Palmer
 
Cyber-Espionage: Understanding the Advanced Threat Landscape
Aaron White
 
Awareness seminar on Advanced Persistent Threats
Gary Hinson
 
RSA: Security Analytics Architecture for APT
Lee Wei Yeong
 
HCA 530, Week 2, Advanced persistent threat healthcare under attack
Matthew J McMahon
 
APT in the Financial Sector
LIFARS
 
Amien Harisen - APT1 Attack
Indonesia Honeynet Chapter
 
Persistence is Key: Advanced Persistent Threats
Sameer Thadani
 
Intelligent Network Surveillance Technology for APT Attack Detections
AM Publications,India
 
Advanced Persistent Threats Cutting Through The Hype
Symantec
 
Detecting Unknown Attacks Using Big Data Analysis
Editor IJMTER
 
Ad

More from mmubashirkhan (11)

PPTX
Two factor authentication presentation mcit
mmubashirkhan
 
PPTX
Situational awareness for computer network security
mmubashirkhan
 
PPTX
Security threats and countermeasure in 3 g network
mmubashirkhan
 
PPTX
Comparison between traditional vpn and mpls vpn
mmubashirkhan
 
PPT
Security in wireless la ns
mmubashirkhan
 
PPTX
Saa s multitenant database architecture
mmubashirkhan
 
PPTX
Improving intrusion detection system by honeypot
mmubashirkhan
 
PPTX
Drive by downloads-cns
mmubashirkhan
 
PPTX
Cyber security issues
mmubashirkhan
 
PPTX
Biometric security tech
mmubashirkhan
 
PPTX
Authentication in manet
mmubashirkhan
 
Two factor authentication presentation mcit
mmubashirkhan
 
Situational awareness for computer network security
mmubashirkhan
 
Security threats and countermeasure in 3 g network
mmubashirkhan
 
Comparison between traditional vpn and mpls vpn
mmubashirkhan
 
Security in wireless la ns
mmubashirkhan
 
Saa s multitenant database architecture
mmubashirkhan
 
Improving intrusion detection system by honeypot
mmubashirkhan
 
Drive by downloads-cns
mmubashirkhan
 
Cyber security issues
mmubashirkhan
 
Biometric security tech
mmubashirkhan
 
Authentication in manet
mmubashirkhan
 

Recently uploaded (20)

PPTX
human mycosis Human fungal infections are called human mycosis..pptx
shilpa939953
 
PDF
3rd Neelam Sanjeevareddy Memorial Lecture.pdf
Academy of Grassroots Studies and Research of India (AGRASRI)
 
PPTX
Week 4 Term 3 Study Techniques revisited.pptx
mansk2
 
PDF
2.FourierTransform-ShortQuestionswithAnswers.pdf
Raji Murugan
 
PDF
O7-L3 Supply Chain Operations - ICLT Program
labyankof
 
PPTX
IMMUNITY IMMUNITY refers to protection against infection, and the immune syst...
shilpa939953
 
PPTX
Introduction_to_Human_Anatomy_and_Physiology_for_B.Pharm.pptx
chetansingh379583
 
PDF
ANTIBIOTICS.pptx.pdf………………… xxxxxxxxxxxxx
HakHe
 
PDF
Business Ethics Teaching Materials for college
CynthiaCastillo40
 
PPTX
Pharmacology of Heart Failure /Pharmacotherapy of CHF
Rajshri Ghogare
 
PDF
Physiotherapy_for_Respiratory_and_Cardiac_Problems WEBBER.pdf
DrMONISHAphysio
 
PDF
FourierSeries-QuestionsWithAnswers(Part-A).pdf
Raji Murugan
 
PDF
Chapter 2 Heredity, Prenatal Development, and Birth.pdf
MarjorieLopezTiu
 
PDF
Origin of periodic table-Mendeleev’s Periodic-Modern Periodic table
Mithil Fal Desai
 
PPTX
PPH.pptx obstetrics and gynecology in nursing
SrideviDevaraj5
 
PDF
102 student loan defaulters named and shamed – Is someone you know on the list?
Kweku Zurek
 
PDF
Anesthesia in Laparoscopic Surgery in India
mohitsuren827
 
PDF
Basic Mud Logging Guide for educational purpose
wdandworks
 
PDF
Saundersa Comprehensive Review for the NCLEX-RN Examination.pdf
sreejithcareers
 
PDF
Module 4: Burden of Disease Tutorial Slides S2 2025
Jonathan Hallett
 
human mycosis Human fungal infections are called human mycosis..pptx
shilpa939953
 
3rd Neelam Sanjeevareddy Memorial Lecture.pdf
Academy of Grassroots Studies and Research of India (AGRASRI)
 
Week 4 Term 3 Study Techniques revisited.pptx
mansk2
 
2.FourierTransform-ShortQuestionswithAnswers.pdf
Raji Murugan
 
O7-L3 Supply Chain Operations - ICLT Program
labyankof
 
IMMUNITY IMMUNITY refers to protection against infection, and the immune syst...
shilpa939953
 
Introduction_to_Human_Anatomy_and_Physiology_for_B.Pharm.pptx
chetansingh379583
 
ANTIBIOTICS.pptx.pdf………………… xxxxxxxxxxxxx
HakHe
 
Business Ethics Teaching Materials for college
CynthiaCastillo40
 
Pharmacology of Heart Failure /Pharmacotherapy of CHF
Rajshri Ghogare
 
Physiotherapy_for_Respiratory_and_Cardiac_Problems WEBBER.pdf
DrMONISHAphysio
 
FourierSeries-QuestionsWithAnswers(Part-A).pdf
Raji Murugan
 
Chapter 2 Heredity, Prenatal Development, and Birth.pdf
MarjorieLopezTiu
 
Origin of periodic table-Mendeleev’s Periodic-Modern Periodic table
Mithil Fal Desai
 
PPH.pptx obstetrics and gynecology in nursing
SrideviDevaraj5
 
102 student loan defaulters named and shamed – Is someone you know on the list?
Kweku Zurek
 
Anesthesia in Laparoscopic Surgery in India
mohitsuren827
 
Basic Mud Logging Guide for educational purpose
wdandworks
 
Saundersa Comprehensive Review for the NCLEX-RN Examination.pdf
sreejithcareers
 
Module 4: Burden of Disease Tutorial Slides S2 2025
Jonathan Hallett
 

Advanced persistent threat (apt)