MinJu Kim  Seok-Won Lee

10.5626/JOK.2019.46.12.1328

Security Requirements Advanced Persistent Threat(APT) attack cyber-attack modeling case study

Advanced Persistent Threat(APT) attack is one of the cyber-attack methods that continuously attacks the specific target with advanced tools. Since attackers use various methods that are specialized to targets, it is difficult to prevent the attacks with common security countermeasures. Currently, there exist various the APT attack stage models. However, the models only express APT attacks simply. Consequently, it is difficult to use them for risk assessment or as a recommendation for security requirements for a specific system. In order to overcome the limitations of such models, we derived factors of APT attack through a case study for defining the features of APT attack. We have also analyzed and defined the factors and their relationships to construct the APT attack factor model. For validation purpose, the model applied to the actual attack case has been referred to as ‘APT 1’. Through the proposed model, it would be possible to gain understanding about the overall flow of APT attacks and classify attack factors not only in terms of technical aspects but also with respect to social engineering facets.