Cyber Kill Chain Analysis
Author(s): MIHAI, Ioan-Cosmin; PRUNĂ, Ștefan; BARBU, Ionuț-Daniel
Author(s) keywords: APT, cyber kill chain, cyber-attacks, incident response
Reference keywords: cyber-attacks, cybercrime
Abstract:
The purpose of this paper is to present a structured approach of Advance Persistent Threats attacks and to analyze the intrusion kill chain in order to determine intrusions indicators. The analysis divides the phases of a cyber-attack and map them to response procedures.
References:
[1]. E.M. Hutchins, M.J. Cloppert, and R.M. Amin, Intelligence-Driven Computer Network Defense Informed by Analysis of Adversary Campaigns and Intrusion Kill Chains, Proc. 6th Int'l Conf. Information Warfare and Security (ICIW 11), Academic Conferences Ltd., 2010, pp. 113-125.
[2]. F. Duran, S. H. Conrad, G. N. Conrad, D. P. Duggan, and E. B. Held, Building a System for Insider Security. IEEE Security & Privacy, 7(6), 2009, pp. 30-38.
[3]. K. Epstein and B. Elgin, Network Security Breaches Plague NASA, 2008.
[4]. B. Krekel, Capability of the People's Republic of China to Conduct Cyber Warfare and Computer Network Exploitation, October 2009.
[5]. J.A. Lewis, Holistic Approaches to Cybersecurity to Enable Network Centric Operations, April 2008.
[6]. Mandiant, M-Trends: The Advanced Persistent Threat, January 2010.
[7]. Microsoft Security Bulletin MS09-017: Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (967340), May 2009.
Article Title: Cyber Kill Chain Analysis
Author(s): MIHAI, Ioan-Cosmin; PRUNĂ, Ștefan; BARBU, Ionuț-Daniel
Date of Publication: 2014-12-29
Publication: International Journal of Information Security and Cybercrime
ISSN: 2285-9225 e-ISSN: 2286-0096
Digital Object Identifier: 10.19107/IJISC.2014.02.04
Issue: Volume 3, Issue 2, Year 2014
Section: Studies and Analysis of Cybercrime Phenomenon
Page Range: 37-42 (6 pages)
Copyright ©2012-2025
The International Journal of Information Security and Cybercrime (IJISC)
All rights reserved
The International Journal of Information Security and Cybercrime is a trademark of the Romanian Association for Information Security Assurance (RAISA).
No part of this publication may be reproduced, stored in a retrieval system, photocopied, recorded or archived, without the written permission from RAISA. When authors submit their papers for publication, they agree that the copyright for their article be transferred to the Romanian Association for Information Security Assurance, if the articles are accepted for publication. The copyright covers the exclusive rights to reproduce and distribute the article, including reprints and translations.