Modeling Advanced Persistent Threats: A Case Study of APT38
This paper addresses the problem of how to model threats. Modeling provides a base for developing techniques to prevent attacks and helps in identifying vulnerabilities and compromises caused by attackers. We propose adopting a process modeling methodology called the Thinging Machine (TM) to construct a conceptual specification of attacks by describing diagrammatically the static depiction and dynamic behavior of attacks. Without loss of generality, we focus on modeling Advanced Persistent Threats, specifically on a recent APT attack called APT38 that is considered to be the topmost cyber threat against banks worldwide. The resultant depiction can be presented at various levels of granularity and complexity.
Authors: Sabah Al-Fedaghi, MennatAllah Bayoumi
Published in: ICITST-WorldCIS-WCST-WCICSS-2019
- Date of Conference: 9-11 December 2019
- DOI: 10.20533/ICITST.WorldCIS.WCST.WCICSS.2019.0002
- ISBN: 978-1-913572-06-8
- Conference Location: London, UK