Cyber Attack Thread: A Control-flow Based Approach to Deconstruct and Mitigate Cyber Threats
Koustav Sadhukhan, Rao Arvind Mallari, Tarun Yadav

TL;DR
This paper introduces a control-flow based approach to analyze and mitigate cyber threats by understanding attack threads and defense mechanisms, focusing on complex APT attacks and providing a seven-phase framework for security practitioners.
Contribution
It presents a novel seven-phase cyber attack thread model and discusses technical aspects of attack and defense strategies, emphasizing attacker perspectives.
Findings
Seven-phase attack thread framework introduced
Analysis of APT attack technical aspects provided
Guidelines for defense mechanisms discussed
Abstract
Attacks in cyberspace have gained attention due to the risk to privacy, breach of trust and financial losses for individuals as well as organizations. In recent years, these attacks have become more complex to analyze technically, as well as to detect and to prevent from accessing confidential data. Although many methodologies and mechanisms have been suggested for cyber-attack detection and prevention, they are not from the perspective of an attacker. This paper presents cyber-defence as hindrances faced by the attacker, by understanding the attack thread and defence possibilities with existing security mechanisms. Seven phases of the Cyber Attack Thread are introduced and technical aspects are discussed with reference to APT attacks. The paper is aimed at security practitioners and administrators as well as the general audience, to understand the attack scenario and defensive security…
