TY - BOOK
AU - Haider, Raja Zeeshan
AU - Supervised by Dr. Baber Aslam
TI - Innovative Techniques for Cyber Threat Management Against Advanced Persistent Threats (APTs)
U1 - 005.8,HAI
PY - 2025///
CY - Rawalpindi
PB - MCS (NUST)
KW - PhD Information Security Thesis
KW - PhD IS Thesis
N1 - The information age has been revolutionizing the world by bringing a plethora of opportunities with associated challenges. Cyber threats are imminent due to the increased dependence on the internet and the information infrastructure. The rapid evolution of cyber threats, particularly Advanced Persistent Threats (APTs), has highlighted the critical need for comprehensive and innovative threat management techniques. Detection of targeted attacks requires innovative and cutting-edge techniques for timely mitigation. The research examines a multipronged approach by considering the way existing solutions can be upgraded and the way new technology domains can be incorporated for the cyber threat management of APTs. C2-DNSEye, an encompassing framework, has been introduced for detecting APTs during developmental stages through the discovery of command and control channels established by employing the Domain Name System (DNS). C2-DNSEye integrates host-specific activity with the corresponding network-specific activity to determine the maliciousness of a DNS request. C2-DNSEye enables the detection of targeted attacks with an F1-Score of 98.70%. Likewise, the emerging technology domain of digital twins has been incorporated for effective cyber threat management. A novel intrusion indicator-based ontology modelling has been defined to facilitate the adoption of digital twins for APT simulation and orchestration in the virtual environment. The ontology modelling facilitates the virtual replication of physical systems for threat monitoring and prediction through simulation and real-time input of attack indicators. The ontology delineates mechanisms to determine the operational effectiveness and cyber readiness of the Critical Information Infrastructure (CII) through virtual modelling, attack simulation, and anomaly detection. The APT campaigns HoneyBee, Sunburst, Hangover, Fin7 and DarkHotel have been evaluated in the context of the proposed ontology. Furthermore, the ontology modelling stipulates threat hunting mechanisms to make CII cyber resilient.
ER -