A layered security architecture based on cyber kill chain against advanced persistent threats


Security and Privacy for Big Data, Cloud Computing and Applications


Static traditional defense mechanisms, which mostly succeed in detecting known attacks using techniques such as blacklisting and malware signature detection, are inherently insufficient for defending against dynamic and sophisticated advanced persistent threat (APT) cyberattacks. These attacks are usually conducted dynamically in several stages and may use different attack paths simultaneously to accomplish their mission. The cyber kill chain (CKC) framework provides a model for all stages of an intrusion, from early reconnaissance to actions on objectives, when the attacker's goal is met; that goal could be stealing data, disrupting operations or destroying infrastructure. To achieve the final goal, an adversary must progress through all stages successfully. Any disruption at any stage of the attack by the defender would mitigate or cease the intrusion campaign. In this chapter, we align the 7D defense model with the CKC steps to develop a layered architecture to detect APT actors' tactics, techniques and procedures in each step of the CKC. This model can be applied by defenders to plan resilient defense and mitigation strategies against prospective APT actors.

Chapter Contents:

  • 7.1 Introduction
  • 7.2 Driven defensive model (course of actions)
  • 7.3 Defense mechanism
  • 7.3.1 Mitigation for each phase of CKC model
  • Mitigating of reconnaissance phase
  • Mitigating of weaponization phase
  • Mitigating of delivery phase
  • Mitigating of exploitation phase
  • Mitigating of installation phase
  • Mitigating of command and control phase
  • Mitigating of action on objectives phase
  • 7.4 Mapping 7D, CKC and APT actors activities
  • 7.5 Conclusion
  • References

Inspec keywords: invasive software

Other keywords: sophisticated advanced persistent threat; attacker; prospective APT actors; malware signature detection; resilient defense; intrusion campaign; attack paths; blacklisting signature detection; cyber kill chain framework; mitigation strategies; advanced persistent threats; layered security architecture; align 7D defense model; static traditional defense mechanisms; dynamic advanced persistent threat; CKC steps; early reconnaissance; layered architecture

Subjects: Data security

