Title: Threat led advanced persistent threat penetration test
Authors: Ala' Masarweh; Jaafer Al-Saraireh
Addresses: King Hussein School of Computing Sciences, Princess Sumaya University for Technology, Amman, 11941, Jordan; King Hussein School of Computing Sciences, Princess Sumaya University for Technology, Amman, 11941, Jordan
Abstract: Cyber security attacks have been on the rise in recent years. Among the most destructive are advanced persistent threat (APT) attacks, which can inflict massive damage on a network. A common approach to testing the security of an IT infrastructure is a penetration test (PT), which identifies security flaws in a system. However, this approach covers only the present vulnerabilities in a system, without considering new potential ones that could harm such systems. The goal of this research paper is to implement an enhanced PT approach called threat led APT PT to test the security of a target network against present vulnerabilities. The enhanced PT approach presented in this research work significantly enhanced the security of a network, by up to 28.5%. The proposed PT approach is compared to other custom PT approaches, which failed to achieve the same results as the proposed approach.
Keywords: penetration testing; cyber threat intelligence; CTI; advanced persistent threat; APT.
International Journal of Security and Networks, 2022 Vol.17 No.3, pp.203 - 219
Received: 04 Oct 2021
Accepted: 08 Nov 2021
Published online: 13 Sep 2022