Abstract:
Cyber threats have been an issue of great concern since the advent of the
information (computer and internet) age. Of greater concern is the most recent class
of threats, known as Advanced Persistent Threats (APTs), which have drawn increasing
attention all over the world from researchers and the industrial security sector. APTs
are sophisticated cyber-attacks executed by skilled and well-resourced
adversaries targeting specific information held by companies and governments. An APT is a
long-term campaign involving several distinct steps. This form of attack, if successful, has
significant implications for countries and large organizations, ranging from financial to
reputational damage. This work presents a comprehensive study of APTs, characterizing
their uniqueness and attack model, and analyzing techniques commonly seen in APT
attacks. In evaluating the mitigation approaches proposed and developed by researchers,
combining multiple mitigation methods shows promise in detecting and preventing APTs.
Anomaly detection and dynamic analysis show high accuracy in detecting APTs.
This work also highlights and recommends security practices as well as methods of
implementing countermeasures that can help to mitigate APTs, thereby giving directions
for future research.