What is it about?
This research paper proposes A-DEMO, a framework for researchers and security analysts that provides a structured methodology for the proper analysis, documentation and emulation of real-world cyberattacks, along with mitigation actions. As a case study to validate A-DEMO, a rootkit attack emulation against a replicated healthcare infrastructure is implemented and documented.
Why is it important?
Realistic attacks are not yet deployed and emulated sufficiently. This research assists and guides the deployment and execution of realistic security scenarios based on the MITRE ATT&CK framework.
Perspectives
We hope that this article could be a walkthrough and set up the methodology to document and re-use past cyberattacks, to replicate them realistically and to be able to experiment with the mitigation techniques.
Dr. Stylianos Karagiannis
Ionian University
Read the Original
This page is a summary of: A-DEMO: ATT&CK Documentation, Emulation and Mitigation Operations, November 2021, ACM (Association for Computing Machinery),
DOI: 10.1145/3503823.3503884.