Targeted cyberattacks: A superset of advanced persistent threats

IEEE Security and Privacy

Volumn 11, Issue 1, 2013, Pages 54-61

  Sood, Aditya K ^a   Enbody, Richard J ^a  

^a MICHIGAN STATE UNIVERSITY   (United States)

Author keywords

advanced persistent threats; cyber warfare; cybercrime; targeted attacks

Indexed keywords

ADVANCED PERSISTENT THREATS; CYBER WARFARE; CYBER-ATTACKS; CYBERCRIME; ECONOMIC MODELS; TARGETED ATTACKS;

COMPUTER NETWORKS; ELECTRICAL ENGINEERING;

COMPUTER CRIME;

EID: 84873369793     PISSN: 15407993     EISSN: None     Source Type: Journal    
DOI: 10.1109/MSP.2012.90     Document Type: Article

References (15)

1. F. Li, A. Lai, and D. Ddl, "Evidence of Advanced Persistent Threat: A Case Study of Malware for Political Espionage," 6th Int'l Conf. Malicious and Unwanted Software (Malware 11), IEEE, 2011, pp. 102-109.
2. M. Cova, C. Kruegel, and G. Vigna, "Detection and Analysis of Drive-by-Download Attacks and Malicious JavaScript Code," Proc. 19th Int'l Conf. World Wide Web, ACM, 2012; http://doi.acm.org/10.1145/1772690.1772720.
3. A.K Sood and R.J. Enbody, "Browser Exploit Packs - Death by Bundled Exploits," Proc. 21st Virus Bulletin Conf., 2011; http://secniche.blogspot. com/2011/10/virus-bulletin-2011-conference-browser.html.
4. R. Branco, "Into the Darkness: Dissecting Targeted Attacks," Qualys Blog, Nov. 2011; https://community.qualys.com/blogs/securitylabs/2011/11/ 30/dissecting-targeted-attacks.
5. M. Balduzzi et al., "A Security Analysis of Amazon's Elastic Compute Cloud Service," Proc. 27th Ann. ACM Symp. Applied Computing, ACM, 2012; http://doi.acm.org/10.1145/2245276.2232005.
6. P. Ferrie and P. Szor, "Cabirn Fever," Virus Bulletin Magazine, Aug. 2004; http://vallejo.cc/proyectos/cabir/cabir.pdf.
7. H. Binsallee et al., "On the Analysis of the Zeus Botnet Crimeware Toolkit," IEEE 8th Ann. Conf. Privacy, Security and Trust (PST), IEEE, 2010; http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber= 5593240&isnumber=5593224.
8. A.K Sood and R.J. Enbody, "Browser User Interface Design Flaws," Crosstalk, May 2011; www.crosstalkonline.org/storage/issue- archives/2011/201105/201105-Sood.pdf.
9. H. Okhravi, J.W. Haines, and K. Ingols, "Achieving Cyber Survivability in a Contested Environment Using a Cyber Moving Target," High Frontier: The Journal for Space and Cyberspace Professionals, May 2011; http://web.mit.edu/ha22286/www/papers/journal/Achieving-Cyber-Survivability-in- a-Contested-Environment-Using-a-Cyber-Moving-Target.pdf.
10. N. Christin, "On Critical Infrastructure Protection and International Agreements," School of Public Policy, Univ. of Maryland, Mar. 2011; www.cissm.umd.edu/papers/files/on-critical-infrastructure-protection-and- international-agreements-033111-final.pdf.
11. W. Huang, C. Hsiao, and N. Lin, "Mass Meshing Injection: Sidename.js (now cssminibar.js) Ongoing," Armorize Malware Blog, 15 June 2011; http://blog.armorize.com/2011/06/mass-meshing-injection-sidenamejs.html.
12. W. Huang, C. Hsiao, and N. Lin, "Malvertising on Google Doubleclick Ongoing," Armorize Malware Blog, 25 Aug. 2011; http://blog.armorize.com/ 2011/08/malvertisingon-google-doubleclick.html.
13. A. Stavrou and Z. Wang, "Exploiting Smart-Phone USB Connectivity for Fun and Profit," BlackHat DC Conf., 2011; https://media.blackhat.com/bh- dc-11/Stavrou-Wang/BlackHat-DC-2011-Stavrou-Zhaohui-USB-exploits-wp.pdf.
14. J. Rutkowska, "Thoughts about Trusted Computing," EuSecWest Conf., 2009; http://invisiblethingslab.com/resources/misc09/trusted-computing- thoughts.pdf.
15. "McAfee Threats Report: First Quarter 2012," McAfee, 2012; www.mcafee.com/hk/resources/reports/rp-quarterly-threat-q1-2012.pdf.