Advanced Persistent Threats Attribution-Extending MICTIC Framework
- 1 Department of Computer Science, Instituto Superior de Tecnologias Avançadas-ISTEC, Portugal
- 2 Department of Computer Science, INESC TEC, Universidade Aberta, Portugal
- 3 Department of Computer Science, Instituto Superior Técnico, Universidade de Lisboa, Portugal
Abstract
This research is set in the context of cybersecurity, specifically the attribution of Advanced Persistent Threats (APT). The investigation behind this article studies the MICTIC Framework, validating it and proposing an extension to facilitate the assignment of APTs. We present the motivation for this proposal and its validation. MICTIC is presented layer by layer, and the extended version is submitted for validation through a survey of around 50 university professors and researchers. Because MICTIC itself has not been validated, we decided to validate it in conjunction with the extension proposal. Attribution is very important because it lets you know who promoted or who carried out an APT-type attack. Moreover, the mere existence of sophisticated attribution mechanisms can act as a deterrent to future attacks. This research makes it easier to obtain the assignment of APTs and, consequently, to understand how this type of cybercrime works, all the more so since there are few studies on the assignment of APTs. This study objectively contributes to achieving APT attribution by combining technological and non-technological techniques. It contributes to more secure computing environments, since the prospect of being uncovered and having an attribution assigned to it is a strong deterrent for an APT group. Typically, cybercriminals who have been identified have stopped operating, whereas the opposite is not true; unidentified actors persist with attacks for a long time. Thus, this study also contributes to the overall maintenance of cybersecurity.
DOI: https://doi.org/10.3844/jcssp.2024.1403.1421
Copyright: © 2024 Pedro Ramos Brandao, Henrique São Mamede and Miguel Pupo Correia. This is an open access article distributed under the terms of the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original author and source are credited.
Keywords
- Advanced Persistent Threat
- MICTIC
- APT Assignment
- APT Attribution