Red Queen's Race: APT win-win game
Autoři | |
---|---|
Rok publikování | 2014 |
Druh | Článek ve sborníku |
Konference | Security Protocols XXII - 22nd International Workshop, Revised Selected Papers |
Fakulta / Pracoviště MU | |
Citace | |
Doi | http://dx.doi.org/10.1007/978-3-319-12400-1_7 |
Obor | Informatika |
Klíčová slova | advanced persistant threats;APT;kill chain;honeypot |
Popis | Advanced persistent threats (APTs) are not only a very prominent buzzword, but often come with a costly impact. A popular approach how to deal with APTs is the kill chain concept. We propose an extension to the kill chain, where the attacker is allowed to continue his attack even after being discovered by defenders. Meanwhile, observing defenders collect valuable intelligence which is to be used to counter future attacks. Benefits and negatives of postponed remediation are presented and related issues are discussed. |
Související projekty: |