Taxonomy of stealth and anti-forensic techniques used in cyber attacks

Bibliographic details
Year of defense: 2018
Main author: Melo, Sandro Pereira de
Advisor: Getschko, Demi
Defense committee: Not provided by the institution
Document type: Thesis
Access type: Open access
Language: por
Defending institution: Pontifícia Universidade Católica de São Paulo
Graduate program: Programa de Estudos Pós-Graduados em Tecnologias da Inteligência e Design Digital
Department: Faculdade de Ciências Exatas e Tecnologia
Country: Brazil
Access link: https://tede2.pucsp.br/handle/handle/21181
Abstract: According to the current academic literature, numerous taxonomic proposals for the classification of cyber threats have been presented. The vast majority of these proposals focus on classifying the types of threats by their functionality, purpose and behavior. This thesis differs from the others because it presents a taxonomic proposal to classify the Stealth Techniques (SF) and Anti-forensics (AF) techniques used by cyber threats to hide information, erase or cover up evidence, eliminate traces of executed actions, obfuscate malicious code, generate fake evidence, subvert security controls and perform attacks against the forensic tools themselves. Following the premise that a taxonomy must be cohesive, simple to maintain, applicable and extensible, and must encompass the general types of SF and AF, the taxonomic proposal for classifying SF and AF techniques presented in this thesis takes into account factors such as the affected layer of a computer system, the moment of a cyber attack at which the techniques are used, and the compromised component of the operating system, among others. This thesis also provides the following contributions: a brief index of threat indicators and their impact on organizations, using data from different sources and prioritizing CSIRT reports; some brief historical information on current SF and AF characteristics; an explanation of the forensic investigation process and the SF and AF techniques related to each affected forensic stage; and finally, the application of the taxonomic proposal to classify the SF and AF techniques.