
A Taxonomy for Threat Actors' Delivery Techniques

RiuNet: Institutional Repository of the Universidad Politécnica de Valencia


dc.contributor.author Villalón-Huerta, Antonio es_ES
dc.contributor.author Ripoll-Ripoll, Ismael es_ES
dc.contributor.author Marco-Gisbert, Héctor es_ES
dc.date.accessioned 2023-12-13T19:00:25Z
dc.date.available 2023-12-13T19:00:25Z
dc.date.issued 2022-04 es_ES
dc.identifier.issn 1812-5654 es_ES
dc.identifier.uri http://hdl.handle.net/10251/200727
dc.description.abstract [EN] The main contribution of this paper is to provide an accurate taxonomy for delivery techniques, which allows the detection of novel techniques and the identification of appropriate countermeasures. Delivery is a key stage for offensive cyber operations. During delivery, a threat actor tries to gain an initial foothold into the targeted infrastructure. It is the first step of an offensive cyber operation, where the threat actor interacts with its victim in a hostile way; thus, its success is mandatory for the global achievement of the operation. However, delivery techniques are not well structured among the literature, being in many cases a simple list of techniques with which, if one of them is slightly modified by the threat actor, its detection becomes very difficult. This situation hinders the modeling of hostile actors, a fact that makes it difficult to identify countermeasures to detect and neutralize their malicious activities. In this work, we analyze the current delivery techniques' classification approaches and the problems linked to them. From this analysis, we propose a novel taxonomy that allows the accurate classification of techniques, overcoming the identified problems and allowing both the discovery of new techniques and the detection of gaps in deployed countermeasures. Our proposal significantly reduces the amount of effort needed to identify, analyze, and neutralize hostile activities from advanced threat actors, in particular their initial access stage. It follows a logical structure that can be easy to expand and adapt, and it can be directly used in the industry's commonly accepted standards, such as MITRE ATT&CK. es_ES
dc.language English es_ES
dc.publisher Science Alert es_ES
dc.relation.ispartof Journal of Applied Sciences es_ES
dc.rights Attribution (by) es_ES
dc.subject Cyber kill chain es_ES
dc.subject Delivery es_ES
dc.subject Initial access es_ES
dc.subject Advanced persistent threat es_ES
dc.subject MITRE ATT&CK es_ES
dc.subject.classification COMPUTER ARCHITECTURE AND TECHNOLOGY es_ES
dc.title A Taxonomy for Threat Actors' Delivery Techniques es_ES
dc.type Article es_ES
dc.identifier.doi 10.3390/app12083929 es_ES
dc.rights.accessRights Open es_ES
dc.contributor.affiliation Universitat Politècnica de València. Escola Tècnica Superior d'Enginyeria Informàtica es_ES
dc.description.bibliographicCitation Villalón-Huerta, A.; Ripoll-Ripoll, I.; Marco-Gisbert, H. (2022). A Taxonomy for Threat Actors' Delivery Techniques. Journal of Applied Sciences. 12(8):1-23. https://doi.org/10.3390/app12083929 es_ES
dc.description.accrualMethod S es_ES
dc.relation.publisherversion https://doi.org/10.3390/app12083929 es_ES
dc.description.upvformatpinicio 1 es_ES
dc.description.upvformatpfin 23 es_ES
dc.type.version info:eu-repo/semantics/publishedVersion es_ES
dc.description.volume 12 es_ES
dc.description.issue 8 es_ES
dc.relation.pasarela S\462596 es_ES
dc.subject.ods 11.- Make cities and human settlements inclusive, safe, resilient and sustainable es_ES
dc.subject.ods 16.- Promote peaceful and inclusive societies for sustainable development, provide access to justice for all and build effective, accountable and inclusive institutions at all levels es_ES

