Cargando…
A review of threat modelling approaches for APT-style attacks
Threats are potential events, intentional or not, that compromise the confidentiality, integrity, and/or availability of information systems. Defending against threats and attacks requires actionable threat intelligence. Using this intelligence to minimise risk, requires a systematic methodology or...
Autores principales: | , , , |
---|---|
Formato: | Online Artículo Texto |
Lenguaje: | English |
Publicado: |
Elsevier
2021
|
Materias: | |
Acceso en línea: | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7814160/ https://www.ncbi.nlm.nih.gov/pubmed/33506133 http://dx.doi.org/10.1016/j.heliyon.2021.e05969 |
_version_ | 1783638008074862592 |
---|---|
author | Tatam, Matt Shanmugam, Bharanidharan Azam, Sami Kannoorpatti, Krishnan |
author_facet | Tatam, Matt Shanmugam, Bharanidharan Azam, Sami Kannoorpatti, Krishnan |
author_sort | Tatam, Matt |
collection | PubMed |
description | Threats are potential events, intentional or not, that compromise the confidentiality, integrity, and/or availability of information systems. Defending against threats and attacks requires actionable threat intelligence. Using this intelligence to minimise risk, requires a systematic methodology or framework that recognises every possible threat scenario. This can be done with Threat Modelling (TM), which assists with identifying, understanding and providing visibility of threats affecting an organisation. The focus of this study is to determine TM limitations, strengths, and any perceivable gaps. It has also focused on identifying any possible enhancements that may improve TM performance and efficiency when modelling sophisticated attacks such as Advanced Persistent Threats (APT). |
format | Online Article Text |
id | pubmed-7814160 |
institution | National Center for Biotechnology Information |
language | English |
publishDate | 2021 |
publisher | Elsevier |
record_format | MEDLINE/PubMed |
spelling | pubmed-78141602021-01-26 A review of threat modelling approaches for APT-style attacks Tatam, Matt Shanmugam, Bharanidharan Azam, Sami Kannoorpatti, Krishnan Heliyon Review Article Threats are potential events, intentional or not, that compromise the confidentiality, integrity, and/or availability of information systems. Defending against threats and attacks requires actionable threat intelligence. Using this intelligence to minimise risk, requires a systematic methodology or framework that recognises every possible threat scenario. This can be done with Threat Modelling (TM), which assists with identifying, understanding and providing visibility of threats affecting an organisation. The focus of this study is to determine TM limitations, strengths, and any perceivable gaps. It has also focused on identifying any possible enhancements that may improve TM performance and efficiency when modelling sophisticated attacks such as Advanced Persistent Threats (APT). Elsevier 2021-01-16 /pmc/articles/PMC7814160/ /pubmed/33506133 http://dx.doi.org/10.1016/j.heliyon.2021.e05969 Text en © 2021 The Authors http://creativecommons.org/licenses/by-nc-nd/4.0/ This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/). |
spellingShingle | Review Article Tatam, Matt Shanmugam, Bharanidharan Azam, Sami Kannoorpatti, Krishnan A review of threat modelling approaches for APT-style attacks |
title | A review of threat modelling approaches for APT-style attacks |
title_full | A review of threat modelling approaches for APT-style attacks |
title_fullStr | A review of threat modelling approaches for APT-style attacks |
title_full_unstemmed | A review of threat modelling approaches for APT-style attacks |
title_short | A review of threat modelling approaches for APT-style attacks |
title_sort | review of threat modelling approaches for apt-style attacks |
topic | Review Article |
url | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7814160/ https://www.ncbi.nlm.nih.gov/pubmed/33506133 http://dx.doi.org/10.1016/j.heliyon.2021.e05969 |
work_keys_str_mv | AT tatammatt areviewofthreatmodellingapproachesforaptstyleattacks AT shanmugambharanidharan areviewofthreatmodellingapproachesforaptstyleattacks AT azamsami areviewofthreatmodellingapproachesforaptstyleattacks AT kannoorpattikrishnan areviewofthreatmodellingapproachesforaptstyleattacks AT tatammatt reviewofthreatmodellingapproachesforaptstyleattacks AT shanmugambharanidharan reviewofthreatmodellingapproachesforaptstyleattacks AT azamsami reviewofthreatmodellingapproachesforaptstyleattacks AT kannoorpattikrishnan reviewofthreatmodellingapproachesforaptstyleattacks |