School of Computer Science, Universiti Sains Malaysia, Gelugor 11800, Penang, Malaysia.
Sensors (Basel). 2022 Jun 21;22(13):4662. doi: 10.3390/s22134662.
Over the last several years, the Internet of Things (IoT), fog computing, computer security, and cyber-attacks have all grown rapidly and on a large scale. Examples of IoT devices include mobile devices such as tablets and smartphones. Attacks can occur that impact the confidentiality, integrity, and availability (CIA) of information. One such attack is the Advanced Persistent Threat (APT). Attackers can manipulate a device's behavior, applications, and services, and such manipulation produces a significant deviation from a known behavioral baseline for the smartphone. In this study, the authors present a Systematic Literature Review (SLR) to survey the existing literature on APT defense mechanisms, identify research gaps, and recommend future directions. The scope of this SLR covers a detailed analysis of most cybersecurity defense mechanisms and cutting-edge solutions. In this research, 112 papers published from 2011 until 2022 were analyzed. The review explores the different approaches used in cybersecurity and their effectiveness in defending against APT attacks. In conclusion, we recommend a Situational Awareness (SA) model known as Observe-Orient-Decide-Act (OODA) to provide a comprehensive solution for monitoring a device's behavior for APT mitigation.
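The abstract's closing recommendation, monitoring a device's behavior for deviation from a known baseline inside an OODA loop, can be made concrete with a small worked example. The following Python is an added illustration written for this page; it is not code from the paper or its authors. The metric names (`net_bytes_out`, `new_processes`, `dns_queries`, `privileged_calls`), the telemetry values, the z-score threshold of 3.0 and the decision rule are all constructed assumptions chosen to show the loop's four stages, not values taken from the reviewed literature.

```python
"""Minimal OODA-style behavioral-baseline monitor (added example, not the paper's code)."""
from statistics import mean, pstdev
from typing import Dict, List, Tuple

# Constructed per-interval telemetry snapshots from a hypothetical on-device agent.
# These are made-up numbers used only to exercise the loop.
BASELINE_WINDOW: List[Dict[str, float]] = [
    {"net_bytes_out": 1200, "new_processes": 3, "dns_queries": 20, "privileged_calls": 0},
    {"net_bytes_out": 1100, "new_processes": 2, "dns_queries": 18, "privileged_calls": 0},
    {"net_bytes_out": 1300, "new_processes": 4, "dns_queries": 22, "privileged_calls": 0},
    {"net_bytes_out": 1250, "new_processes": 3, "dns_queries": 21, "privileged_calls": 0},
    {"net_bytes_out": 1150, "new_processes": 3, "dns_queries": 19, "privileged_calls": 0},
]

# A snapshot consistent with the baseline, and one that departs from it on several metrics.
NORMAL_SNAPSHOT = {"net_bytes_out": 1180, "new_processes": 3, "dns_queries": 21, "privileged_calls": 0}
DEVIANT_SNAPSHOT = {"net_bytes_out": 9000, "new_processes": 3, "dns_queries": 60, "privileged_calls": 5}


def build_baseline(window: List[Dict[str, float]]) -> Dict[str, Tuple[float, float]]:
    """Per-metric (mean, stdev) over the window. A zero stdev is floored to 1.0 so a
    metric that was always 0 (e.g. privileged_calls) still yields a finite z-score."""
    stats: Dict[str, Tuple[float, float]] = {}
    for metric in window[0]:
        values = [s[metric] for s in window]
        sd = pstdev(values)
        stats[metric] = (mean(values), sd if sd > 0 else 1.0)
    return stats


class OodaMonitor:
    def __init__(self, window: List[Dict[str, float]], z_threshold: float = 3.0):
        self.window = list(window)
        self.z_threshold = z_threshold
        self.baseline = build_baseline(self.window)
        self.actions: List[str] = []

    def observe(self, raw: Dict[str, float]) -> Dict[str, float]:
        # Observe: keep only the metrics the baseline knows about, coerced to float.
        return {m: float(raw[m]) for m in self.baseline if m in raw}

    def orient(self, snapshot: Dict[str, float]) -> Dict[str, float]:
        # Orient: express each metric as a z-score against the baseline and keep the
        # ones beyond the threshold; this is the "deviation from a known baseline".
        anomalies: Dict[str, float] = {}
        for metric, value in snapshot.items():
            mu, sd = self.baseline[metric]
            z = (value - mu) / sd
            if abs(z) >= self.z_threshold:
                anomalies[metric] = round(z, 2)
        return anomalies

    @staticmethod
    def decide(anomalies: Dict[str, float]) -> str:
        # Decide: a single outlier is worth an alert; several co-occurring outliers
        # are escalated for human review (assumed rule, not from the paper).
        if not anomalies:
            return "none"
        return "alert" if len(anomalies) == 1 else "escalate"

    def act(self, decision: str, snapshot: Dict[str, float], anomalies: Dict[str, float]) -> None:
        # Act: record the response; when behavior was normal, fold the snapshot into
        # the window so the baseline keeps tracking legitimate drift.
        if decision == "none":
            self.window.append(snapshot)
            self.baseline = build_baseline(self.window)
        else:
            self.actions.append(f"{decision}: {sorted(anomalies)}")

    def cycle(self, raw: Dict[str, float]) -> Dict[str, object]:
        snap = self.observe(raw)
        anomalies = self.orient(snap)
        decision = self.decide(anomalies)
        self.act(decision, snap, anomalies)
        return {"decision": decision, "anomalies": anomalies}


if __name__ == "__main__":
    monitor = OodaMonitor(BASELINE_WINDOW)
    print(monitor.cycle(NORMAL_SNAPSHOT))
    print(monitor.cycle(DEVIANT_SNAPSHOT))
    print(monitor.actions)
```

The normal snapshot stays within three standard deviations on every metric and is absorbed into the baseline; the deviant one trips three metrics at once and is escalated. The standard-deviation floor matters in practice: a counter that has always been zero (here `privileged_calls`) would otherwise divide by zero, and any non-zero reading on it should register as a deviation rather than crash the monitor.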