Art of Apt Its Tools & Attack Vectors and Mitigation Techniques
Subhranil Som1, Dev Bhatnagar2, Sunil Kumar Khatri3
1Dev Bhatnagar (Student, Amity Institute of Information Technology, Amity University Noida, Uttar Praadesh).
2Subhranil Som (Associate Professor, Amity Institute of Information Technology, Amity University Noida, Uttar Praadesh).
3Sunil Kumar Khatri (Director, Amity Institute of Information Technology, Amity University Noida, Uttar Praadesh).
Manuscript received on 10 April 2019 | Revised Manuscript received on 15 May 2019 | Manuscript published on 30 May 2019 | PP: 273-287 | Volume-8 Issue-1, May 2019 | Retrieval Number: A3092058119/19©BEIESP
Open Access | Ethics and Policies | Cite | Mendeley | Indexing and Abstracting
© The Authors. Blue Eyes Intelligence Engineering and Sciences Publication (BEIESP). This is an open access article under the CC-BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/)
Abstract: Advanced persistent threat is a primary security concerns to the big organizations and its technical infrastructure, from cyber criminals seeking personal and financial information to state sponsored attacks designed to disrupt, compromising infrastructure, sidestepping security efforts thus causing serious damage to organizations. A skilled cybercriminal using multiple attack vectors and entry points navigates around the defenses, evading IDS/Firewall detection and breaching the network in no time. To understand the big picture, this paper analyses an approach to advanced persistent threat by doing the same things the bad guys do on a network setup. We will walk through various steps from footprinting and reconnaissance, scanning networks, gaining access, maintaining access to finally clearing tracks, as in a real world attack. We will walk through different attack tools and exploits used in each phase and comparative study on their effectiveness, along with explaining their attack vectors and its countermeasures. We will conclude the paper by explaining the factors which actually qualify to be an Advanced Persistent Threat.
Index Terms: APT Footprinting, Reconnaissance, Kali, Wireshark, Meterpreter, HPING3, Metasploit.
Scope of the Article: Information Retrieval