    Towards improved offensive security assessment using counter APT red teams

    Files
    Oakley Dissertation (38.02Mb)
    Links to Files
    https://archives.towson.edu/Documents/Detail/towards-improved-offensive-security-assessment-using-counter-apt-red-teams/166750
    Permanent Link
    http://hdl.handle.net/11603/26950
    Collections
    • Towson University Graduate Theses and Dissertations
    Metadata
    Author/Creator
    Oakley, Jacob G.
    Date
    2019-04-25
    2018-05
    Type of Work
    application/pdf
    xvi, 241 pages
    Text
    dissertations
    Department
    Towson University. Department of Computer and Information Sciences
    Rights
    There are no restrictions on access to this document. An internet release form signed by the author to display this document online is on file with Towson University Special Collections and Archives. Copyright protected, all rights reserved.
    Abstract
    Defending against cyber criminals, cyber warfare and cyber terrorism relies on the mitigation of the motivated advanced persistent threats (APTs) that carry out such campaigns. The only proactive solution capable of addressing these threats is ethical-hacker-conducted emulation during offensive security assessments such as penetration testing and red teaming. Many security industry institutions label their products or services as addressing APTs; unfortunately, there is no agreed-upon standard for the proper processes, tradecraft or techniques involved in doing so. Additionally, academic efforts regarding APTs largely focus on reactive monitoring or automated assessment which simulate known attack sequences and do not necessarily represent realistic future attacks. This dissertation aims to provide a standard for addressing APT attacks by counter-APT red teaming (CAPTR teaming). The CAPTR team concept seeks to build upon traditional red team processes to augment the offensive security assessment process. This will allow security practitioners a level playing field to engage and mitigate the threats and vulnerabilities most likely to be leveraged by APTs. Such an assessment counters the outcome of APT breaches by prioritizing vulnerabilities that enable an actor to compromise the data most important to an organization locally and pivoting outwards to points used for access and exfiltration. When an organization identifies critical items that represent unacceptable losses, they should be protected as if an actor, regardless of motivation, were intent on compromising them. Adequate identification and protection of critical items via offensive security assessments originating at such positions represents an approach more efficient and capable of mitigating the impact of an APT breach.
In a threat landscape with hyper-focused actors, it is the responsibility of the security field to provide an equally focused security assessment solution that goes beyond the attack simulations of traditional penetration tests or red team engagements. This dissertation discerns the need and novelty of the CAPTR teaming concept and ratifies the validity of the assessment paradigm through experimentation as well as case study.


    Towson University
    8000 York Road
    Towson, Maryland 21252

    Website:
    www.towson.edu

    Contact Info:
    azukowski@towson.edu
    410-704-5318
    http://libraries.towson.edu/md-soar


    If you wish to submit a copyright complaint or withdrawal request, please email mdsoar-help@umd.edu.

     

     
