A MULTI-FACETED FRAMEWORK OF ADVANCED PERSISTENT THREAT AND SPEAR-PHISHING ATTACKS

ABSTRACT

Advanced Persistent Threat (APT) has become a central issue among large enterprises and governmental networks. The objective of our research is to design a multi-faceted prevention method to protect enterprises against risks, threats, and attacks from spear phishing and advanced persistent threat assaults. The consequences of the APT attack were examined on IT systems of reputable large institutions and identified how they focus on specific high-value targets to steal and compromise sensitive enterprise information. Detecting them is becoming more difficult. However, common security methods have been provided to mitigate APT events. The majority of the existing preventive methods proposed in the literature are not practical for an organization to perform within the time frame of an impending attack. Our study develops a multi-faceted security and prevention framework combining heuristic control methods, advanced monitoring, and access control that can be incorporated from the reconnaissance stage of the APT assaults. The multi-faceted approach can be performed within the time frame, this curtails our framework’s usefulness for effective cyber threat management and prompt incidence responses measures.

Keywords: Advanced Persistent Threat, APT Prevention Framework, Cybersecurity, Spear Phishing Attack