Red Queen's Race: APT win-win game

Warning

This publication doesn't include Faculty of Arts. It includes Faculty of Informatics. Official publication website can be found on muni.cz.

Authors	BUKAČ Vít LORENC Václav MATYÁŠ Václav
Year of publication	2014
Type	Article in Proceedings
Conference	Security Protocols XXII - 22nd International Workshop, Revised Selected Papers
MU Faculty or unit	Faculty of Informatics
Citation
Doi	http://dx.doi.org/10.1007/978-3-319-12400-1_7
Field	Informatics
Keywords	advanced persistant threats;APT;kill chain;honeypot
Description	Advanced persistent threats (APTs) are not only a very prominent buzzword, but often come with a costly impact. A popular approach how to deal with APTs is the kill chain concept. We propose an extension to the kill chain, where the attacker is allowed to continue his attack even after being discovered by defenders. Meanwhile, observing defenders collect valuable intelligence which is to be used to counter future attacks. Benefits and negatives of postponed remediation are presented and related issues are discussed.
Related projects:	Bezpečnostní protokoly podporující soukromí a detekce průniku v bezdrátových senzorových sítích