Abstract
Advanced persistent threat (APT), a new form of cyber attack, has posed a severe threat to modern organizations. Once an APT has been detected, the target organization has to develop a response resource allocation strategy to mitigate its potential loss. This paper suggests a risk management approach to solving this APT response problem. First, we present three state evolution models, with which we assess the organization's potential loss. On this basis, we propose two kinds of game-theoretic models of the APT response problem. This work initiates the study of the APT response problem.
Supported by National Natural Science Foundation of China (Grant No. 61572006).
Copyright information
© 2018 Springer Nature Switzerland AG
About this paper
Cite this paper
Zhong, X., Yang, LX., Yang, X., Xiong, Q., Wen, J., Tang, Y.Y. (2018). Defending Against Advanced Persistent Threat: A Risk Management Perspective. In: Liu, F., Xu, S., Yung, M. (eds) Science of Cyber Security. SciSec 2018. Lecture Notes in Computer Science, vol 11287. Springer, Cham. https://doi.org/10.1007/978-3-030-03026-1_16
DOI: https://doi.org/10.1007/978-3-030-03026-1_16
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-03025-4
Online ISBN: 978-3-030-03026-1
eBook Packages: Computer Science, Computer Science (R0)