Defending Against Advanced Persistent Threat: A Risk Management Perspective

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 11287)

Abstract

Advanced persistent threat (APT) is a new form of cyber attack that poses a severe threat to modern organizations. Once an APT has been detected, the target organization has to devise a response resource allocation strategy to mitigate its potential loss. This paper suggests a risk management approach to solving this APT response problem. First, we present three state evolution models, which we use to assess the organization's potential loss. On this basis, we propose two kinds of game-theoretic models of the APT response problem. This work initiates the study of the APT response problem.

Supported by National Natural Science Foundation of China (Grant No. 61572006).



Correspondence to Xiaofan Yang .


© 2018 Springer Nature Switzerland AG

About this paper


Cite this paper

Zhong, X., Yang, LX., Yang, X., Xiong, Q., Wen, J., Tang, Y.Y. (2018). Defending Against Advanced Persistent Threat: A Risk Management Perspective. In: Liu, F., Xu, S., Yung, M. (eds) Science of Cyber Security. SciSec 2018. Lecture Notes in Computer Science(), vol 11287. Springer, Cham. https://doi.org/10.1007/978-3-030-03026-1_16

  • DOI: https://doi.org/10.1007/978-3-030-03026-1_16
  • Publisher Name: Springer, Cham
  • Print ISBN: 978-3-030-03025-4
  • Online ISBN: 978-3-030-03026-1
  • eBook Packages: Computer Science (R0)