A review of threat modelling approaches for APT-style attacks

Tatam, Matt; Shanmugam, Bharanidharan; Azam, Sami; Kannoorpatti, Krishnan

doi:10.1016/j.heliyon.2021.e05969

Cited by 61 publications

(52 citation statements)

References 23 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Illustrate threat landscaping, risk likelihood, and mitigation strategy SREP7 Perform Secure Requirement Review, Verification & Validation (Freq: 25) SREP7. 1 Review documentation against the objectives and needs SREP7. 2 Check the documentation against the security requirement documentation acceptance test parameters SREP7.…”

Section: B Practices For Developing Secure Software (Answer Rq2)mentioning

confidence: 99%

See 1 more Smart Citation

Systematic Literature Review on Security Risks and its Practices in Secure Software Development

Khan

et al. 2022

IEEE Access

View full text Add to dashboard Cite

Security is one of the most critical aspects of software quality. Software security refers to the process of creating and developing software that assures the integrity, confidentiality, and availability of its code, data, and services. Software development organizations treat security as an afterthought issue, and as a result, they continue to face security threats. Incorporating security at any level of the Software Development Life Cycle (SDLC) has become an urgent requirement. Several methodologies, strategies, and models have been proposed and developed to address software security, but only a few of them give reliable evidence for creating secure software applications. Software security issues, on the other hand, have not been adequately addressed, and integrating security procedures into the SDLC remains a challenge. The major purpose of this paper is to learn about software security risks and practices so that secure software development methods can be better designed. A systematic literature review (SLR) was performed to classify important studies to achieve this goal. Based on the inclusion, exclusion, and quality assessment criteria, a total of 121 studies were chosen. This study identified 154 security risks and 424 best practices that help software development organizations to manage the security in each phase of the SDLC. To pursue secure SDLC, this study prescribed different security activities, which should be followed in each phase of the SDLC. Successful integration of these activities minimizing effort, time, and budget while delivering secure software applications. The findings of this study assist software development organizations in improving the security level of their software products and also enhancing their security efficiency. This will raise the developer's awareness of secure development practices as well.

show abstract

Section: B Practices For Developing Secure Software (Answer Rq2)mentioning

confidence: 99%

“…"The world in every aspect has been modernized by an immense use of software systems. Software security ensures that the CIA (Confidentiality, Integrity, and Availability) of data and services are not compromised" [1,2]. This can only be done if the security is considered during all SDLC phases [1,2].…”

Section: Introductionmentioning

confidence: 99%

Systematic Literature Review on Security Risks and its Practices in Secure Software Development

Khan

et al. 2022

IEEE Access

View full text Add to dashboard Cite

show abstract

“…A risk model can be defined as a quantitative depiction that identifies the threat possibilities and the impact they will have on a specific asset [43]. Threat modeling is a risk modeling component that identifies, prioritizes, monitors, and evaluates the security risks in an iterative process [43].…”

Section: Threat Modeling Approachesmentioning

confidence: 99%

Exploration of Mobile Device Behavior for Mitigating Advanced Persistent Threats (APT): A Systematic Literature Review and Conceptual Framework

Jabar

Singh

2022

Sensors

View full text Add to dashboard Cite

During the last several years, the Internet of Things (IoT), fog computing, computer security, and cyber-attacks have all grown rapidly on a large scale. Examples of IoT include mobile devices such as tablets and smartphones. Attacks can take place that impact the confidentiality, integrity, and availability (CIA) of the information. One attack that occurs is Advanced Persistent Threat (APT). Attackers can manipulate a device’s behavior, applications, and services. Such manipulations lead to signification of a deviation from a known behavioral baseline for smartphones. In this study, the authors present a Systematic Literature Review (SLR) to provide a survey of the existing literature on APT defense mechanisms, find research gaps, and recommend future directions. The scope of this SLR covers a detailed analysis of most cybersecurity defense mechanisms and cutting-edge solutions. In this research, 112 papers published from 2011 until 2022 were analyzed. This review has explored different approaches used in cybersecurity and their effectiveness in defending against APT attacks. In a conclusion, we recommended a Situational Awareness (SA) model known as Observe–Orient–Decide–Act (OODA) to provide a comprehensive solution to monitor the device’s behavior for APT mitigation.

show abstract

“…One could employ CTI against advanced persistent threats [17], [18] and threat actors attempting long term cyber-physical malicious incursions. To that effect, authors have combined risk assessment with threat modelling to better understand these kinds of cyber-attacks [19]. Cybersecurity managers could devise strategies on how to conduct effective data poisoning attacks over long periods of time to skew algorithms and impair flexible control.…”

Section: Cyber Threat Intelligencementioning

confidence: 99%

cyberaCTIve: a STIX-based Tool for Cyber Threat Intelligence in Complex Models

Czekster¹,

Metere²,

Morisset³

2022

Preprint

View full text Add to dashboard Cite

Cyber threat intelligence (CTI) is practical realworld information that is collected with the purpose of assessing threats in cyber-physical systems (CPS). A practical notation for sharing CTI is STIX. STIX offers facilities to create, visualise and share models; however, even a moderately simple project can be represented in STIX as a quite complex graph, suggesting to spread CTI across multiple simpler sub-projects. Our tool aims to enhance the STIX-based modelling task in contexts when such simplifications are infeasible. Examples can be the microgrid and, more in general, the smart grid.

show abstract

A review of threat modelling approaches for APT-style attacks

Cited by 61 publications

References 23 publications

Systematic Literature Review on Security Risks and its Practices in Secure Software Development

Systematic Literature Review on Security Risks and its Practices in Secure Software Development

Exploration of Mobile Device Behavior for Mitigating Advanced Persistent Threats (APT): A Systematic Literature Review and Conceptual Framework

cyberaCTIve: a STIX-based Tool for Cyber Threat Intelligence in Complex Models

Contact Info

Product

Resources

About