ABSTRACT
After the COVID-19 pandemic, cyberattacks are increasing as non-face-to-face environments such as telecommuting and telemedicine proliferate. Cyberattackers exploit vulnerabilities in remote systems and endpoint devices in major enterprises and infrastructures. To counter these attacks, fast detection and response are essential because advanced persistent threat (APT) attacks intelligently infiltrate endpoint devices for long periods and spread to large-scale environments. However, because conventional security systems are signature-based, fast detection of APT attacks is challenging, and it is difficult to respond flexibly to the environment. In this study, we propose an APT fast detection and response technique using open-source tools that improves the efficiency of existing endpoint information protection systems and swiftly detects the APT attack process. Performance test results based on realistic scenarios using the open-source APT attack library and MITER ATT&CK indicated that fast detection was possible with higher accuracy for the early stages of APT attacks in scenarios where endpoint attack detectors are interworking environments. © 2022 The Authors
ABSTRACT
After the COVID-19 pandemic, cyberattacks are increasing as non-face-to-face environments such as telecommuting and telemedicine proliferate. Cyberattackers exploit vulnerabilities in remote systems and endpoint devices in major enterprises and infrastructures. To counter these attacks, fast detection and response are essential because advanced persistent threat (APT) attacks intelligently infiltrate endpoint devices for long periods and spread to large-scale environments. However, because conventional security systems are signature-based, fast detection of APT attacks is challenging, and it is difficult to respond flexibly to the environment. In this study, we propose an APT fast detection and response technique using open-source tools that improves the efficiency of existing endpoint information protection systems and swiftly detects the APT attack process. Performance test results based on realistic scenarios using the open-source APT attack library and MITER ATT&CK indicated that fast detection was possible with higher accuracy for the early stages of APT attacks in scenarios where endpoint attack detectors are interworking environments.
ABSTRACT
Peduli Lindungi is a national website used to track Indonesian citizens during the pandemic to prevent the widespread of Covid-19. With the urgency of peduli lindungi website usage, peduli lindungi website is supposed to be more reliable for users, and based on the reviews collected from the app store and google play store there is some evidence that the website is being used more than the application, and because there are also inconsistencies in the application based on the review, the user does not want to have similar problems while using the website. From the sample, it is found that the website also has some inconsistencies towards the flow of the system, in some features such as showing vaccine certification, and the clicking buttons which does not seem to be working. These problems that were found are flaws of the website, and with that problem stated, the method of FSM Model and its combination with Model Based Testing (MBT) was found to have a clear observation towards the coverage execution of the testing, which can help to find in which flow does the website has its inconsistencies. Also because peduli lindungi website matches the characteristics for FSM MBT, therefore this method is used in this research. © 2022 IEEE.