Cargando…

A review of threat modelling approaches for APT-style attacks

Threats are potential events, intentional or not, that compromise the confidentiality, integrity, and/or availability of information systems. Defending against threats and attacks requires actionable threat intelligence. Using this intelligence to minimise risk, requires a systematic methodology or...

Descripción completa

Detalles Bibliográficos
Autores principales: Tatam, Matt, Shanmugam, Bharanidharan, Azam, Sami, Kannoorpatti, Krishnan
Formato: Online Artículo Texto
Lenguaje:English
Publicado: Elsevier 2021
Materias:
Acceso en línea:https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7814160/
https://www.ncbi.nlm.nih.gov/pubmed/33506133
http://dx.doi.org/10.1016/j.heliyon.2021.e05969
_version_ 1783638008074862592
author Tatam, Matt
Shanmugam, Bharanidharan
Azam, Sami
Kannoorpatti, Krishnan
author_facet Tatam, Matt
Shanmugam, Bharanidharan
Azam, Sami
Kannoorpatti, Krishnan
author_sort Tatam, Matt
collection PubMed
description Threats are potential events, intentional or not, that compromise the confidentiality, integrity, and/or availability of information systems. Defending against threats and attacks requires actionable threat intelligence. Using this intelligence to minimise risk, requires a systematic methodology or framework that recognises every possible threat scenario. This can be done with Threat Modelling (TM), which assists with identifying, understanding and providing visibility of threats affecting an organisation. The focus of this study is to determine TM limitations, strengths, and any perceivable gaps. It has also focused on identifying any possible enhancements that may improve TM performance and efficiency when modelling sophisticated attacks such as Advanced Persistent Threats (APT).
format Online
Article
Text
id pubmed-7814160
institution National Center for Biotechnology Information
language English
publishDate 2021
publisher Elsevier
record_format MEDLINE/PubMed
spelling pubmed-78141602021-01-26 A review of threat modelling approaches for APT-style attacks Tatam, Matt Shanmugam, Bharanidharan Azam, Sami Kannoorpatti, Krishnan Heliyon Review Article Threats are potential events, intentional or not, that compromise the confidentiality, integrity, and/or availability of information systems. Defending against threats and attacks requires actionable threat intelligence. Using this intelligence to minimise risk, requires a systematic methodology or framework that recognises every possible threat scenario. This can be done with Threat Modelling (TM), which assists with identifying, understanding and providing visibility of threats affecting an organisation. The focus of this study is to determine TM limitations, strengths, and any perceivable gaps. It has also focused on identifying any possible enhancements that may improve TM performance and efficiency when modelling sophisticated attacks such as Advanced Persistent Threats (APT). Elsevier 2021-01-16 /pmc/articles/PMC7814160/ /pubmed/33506133 http://dx.doi.org/10.1016/j.heliyon.2021.e05969 Text en © 2021 The Authors http://creativecommons.org/licenses/by-nc-nd/4.0/ This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/).
spellingShingle Review Article
Tatam, Matt
Shanmugam, Bharanidharan
Azam, Sami
Kannoorpatti, Krishnan
A review of threat modelling approaches for APT-style attacks
title A review of threat modelling approaches for APT-style attacks
title_full A review of threat modelling approaches for APT-style attacks
title_fullStr A review of threat modelling approaches for APT-style attacks
title_full_unstemmed A review of threat modelling approaches for APT-style attacks
title_short A review of threat modelling approaches for APT-style attacks
title_sort review of threat modelling approaches for apt-style attacks
topic Review Article
url https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7814160/
https://www.ncbi.nlm.nih.gov/pubmed/33506133
http://dx.doi.org/10.1016/j.heliyon.2021.e05969
work_keys_str_mv AT tatammatt areviewofthreatmodellingapproachesforaptstyleattacks
AT shanmugambharanidharan areviewofthreatmodellingapproachesforaptstyleattacks
AT azamsami areviewofthreatmodellingapproachesforaptstyleattacks
AT kannoorpattikrishnan areviewofthreatmodellingapproachesforaptstyleattacks
AT tatammatt reviewofthreatmodellingapproachesforaptstyleattacks
AT shanmugambharanidharan reviewofthreatmodellingapproachesforaptstyleattacks
AT azamsami reviewofthreatmodellingapproachesforaptstyleattacks
AT kannoorpattikrishnan reviewofthreatmodellingapproachesforaptstyleattacks