Due to the evolution of technology, a new class of sophisticated threats, called advanced persistent threats (APTs), has arisen and become a pressing problem, especially for the industrial security sector. APTs have ignited a fire of information warfare in which they form high-risk cyber-attacks against very critical and secured infrastructures. They target specific companies and governments. The most significant feature of APTs is their ability to bypass high-profile security systems and steal or tamper with information in order to cause negative impacts on physical objects. The Stuxnet virus is an example of an APT that has a specific target and the ability to destroy its physical infrastructure. It did not need the Internet to spread. It was revealed in 2010 and targeted Iran’s nuclear program by exploiting four zero-day vulnerabilities in the Windows operating system. In recent years, a number of different APTs have emerged, which has increased researchers’ attention to analyzing them in order to find solutions to protect against existing and future APTs. In this paper, we examine the majority of existing reports and research papers on Stuxnet and APTs to give an overview of the characteristics, features, and operations of each of them. We cover Duqu, Flame, Shamoon and Triton as recent variants of Stuxnet. In addition, we highlight the differences and similarities between Stuxnet and these APTs to help in predicting future attacks and to encourage researchers to find solutions to protect against them.