Research Article Open Access

Advanced Persistent Threats Attribution-Extending MICTIC Framework

Pedro Ramos Brandao1, Henrique São Mamede2 and Miguel Pupo Correia3
  • 1 Department of Computer Science, Instituto Superior de Tecnologias Avançadas-ISTEC, Portugal
  • 2 Department of Computer Science, INESC TEC, Universidade Aberta, Portugal
  • 3 Department of Computer Science, Instituto Superior Técnico, Universidade de Lisboa, Portugal

Abstract

This research is inserted in the context of cybersecurity and specifically in the attribution of Advanced Persistent Threats (APT). The investigation that gave rise to the article studies the MICTIC Framework, validating it and proposing an extension to facilitate the assignment of APTs. In this research, we present the motivation for this proposal and its validation. Also, the MICTIC is presented layer by layer and the extended version is submitted for validation through a survey of around 50 university professors and researchers. Due to the fact the MICTIC by itself has not been validated, we decided to do that in conjunction with the extension proposal. Attribution is very important because lets you know who promoted or who carried out an APT-type attack. On the other hand, just the fact that there are sophisticated Attribution mechanisms can act as a deterrent to future attacks. This research contributes to greater ease in obtaining the Assignment of APTs and consequently in understanding how this type of cybercrime works. so much so that there are few studies on the Assignment of APTs. This study objectively contributes to achieving the APT attribution by combining technological and non-technological techniques. It contributes to achieving computer security environments since an APT Attribution is a high deterrent to an APT group getting uncovered and an Attribution being assigned to it. Typically, cybercriminals who have been identified have stopped operating, whereas the opposite is not true; unidentified actors persist with attacks for a long time. Thus, this study also contributes to the overall maintenance of cybersecurity.

Journal of Computer Science
Volume 20 No. 11, 2024, 1403-1421

DOI: https://doi.org/10.3844/jcssp.2024.1403.1421

Submitted On: 10 December 2023 Published On: 8 September 2024

How to Cite: Brandao, P. R., Mamede, H. S. & Correia, M. P. (2024). Advanced Persistent Threats Attribution-Extending MICTIC Framework. Journal of Computer Science, 20(11), 1403-1421. https://doi.org/10.3844/jcssp.2024.1403.1421

  • 392 Views
  • 174 Downloads
  • 0 Citations

Download

Keywords

  • Advanced Persistent Threat
  • MICTIC
  • APT Assignment
  • APT Attribution