Haider, Raja Zeeshan <br/><br/>
Innovative Techniques for Cyber Threat Management Against Advanced Persistent Therats (APTs) / 
Raja Zeeshan Haider 
 - Rawalpindi,  MCS (NUST),  2025 
 - xi, 102 p 
<br/><br/>The information age has been revolutionizing the world by bringing a plethora<br/>of opportunities with associated challenges. Cyber threats are eminent due to<br/>the increased dependence on the internet and the information infrastructure.<br/>The rapid evolution of cyber threats, particularly Advanced Persistent Threats<br/>(APTs), has highlighted the critical need for comprehensive and innovative threat<br/>management techniques. Detection of targeted attacks requires innovative and<br/>cutting-edge techniques for timely mitigation. The research examines a multipronged<br/>approach by considering the way existing solutions can be upgraded<br/>and the way new technology domains can be incorporated for the cyber threat<br/>management of APTs. C2-DNSEye, an encompassing framework has been introduced<br/>for detecting APTs, during developmental stages through the discovery of<br/>command and control channels, established by employing the Domain Name System<br/>(DNS). C2-DNSEye integrates host-specific activity with the corresponding<br/>network-specific activity, to determine the maliciousness of a DNS request. C2-<br/>DNSEye enables the detection of targeted attacks with an F1-Score of 98.70%.<br/>Likewise, the emerging technology domain of digital twins has been incorporated<br/>for effective cyber threat management. A novel intrusion indicator-based ontology<br/>modelling has been defined to facilitate the adoption of digital twins for APTs<br/>simulation and orchestration in the virtual environment. The ontology modelling<br/>facilitates the virtual replication of physical systems for threat monitoring and<br/>prediction through simulation and real-time input of attack indicators. The ontology<br/>delineates mechanisms to determine the operational effectiveness and cyber<br/>readiness of the Critical Information Infrastructure (CII) through virtual modelling,<br/>attack simulation, and anomaly detection. APT campaigns of HoneyBee,<br/>Sunburst, Hangover, Fin7 and DarkHotel have been evaluated under the pretext<br/>of the proposed ontology. Furthermore, the ontology modelling stipulates threat<br/>hunting mechanisms to make CII cyber resilient. 
<br/><br/><label>Subjects--Topical Terms: </label><br/>PhD Information Security Thesis 
<br/><br/><label>Subjects--Geographic Terms: </label><br/>PhD IS Thesis
<br/><br/><label>Dewey Class. No.: </label>005.8,HAI