This repository contains research on Advanced Persistent Threat (APT) groups. The research aims to analyze and document selected APT groups, their tactics, techniques, and procedures (TTPs), and to provide insights into their operations.
Advanced Persistent Threats (APTs) are sophisticated and prolonged cyber-attacks typically orchestrated by nation-states or organized groups. This research focuses on:
- Gathering Information: Researching specific APT groups.
- Payload Collection: Acquiring samples of their malicious payloads.
- TTP Documentation: Recording their tactics, techniques, and procedures.
- Feature Extraction: Identifying features suitable for AI-based methods.
- AI Agent Development: Building AI models to detect APTs’ malicious payloads.
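As an added example (not code from this repository or from the course), the following stdlib-only Python shows what the last two steps look like end to end on constructed input: a handful of static features that can be computed from any payload sample (normalised Shannon entropy, printable-byte fraction, null-byte fraction, high-bit fraction) and a nearest-centroid classifier trained on those features. The feature set, the two labels `plain` and `high_entropy`, and the training samples are assumptions made for this illustration, not the repository's own feature set or model.

```python
"""Static payload features and a tiny nearest-centroid classifier.

Added illustration only: the feature set, the labels ("plain" and
"high_entropy") and the training samples are assumptions for this example,
not the repository's own features, data or model.
"""
from __future__ import annotations

import math
import random
from collections import Counter

FEATURE_NAMES = ("entropy_norm", "printable_frac", "null_frac", "highbit_frac")


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte: 0.0 for constant data, up to 8.0."""
    if not data:
        return 0.0
    n = len(data)
    return -sum((c / n) * math.log2(c / n) for c in Counter(data).values())


def printable_runs(data: bytes, min_len: int = 4) -> int:
    """Count runs of printable ASCII of at least min_len bytes (like `strings`)."""
    count = run = 0
    for b in data:
        if 0x20 <= b < 0x7F:
            run += 1
            continue
        if run >= min_len:
            count += 1
        run = 0
    return count + (1 if run >= min_len else 0)


def extract_features(data: bytes) -> list[float]:
    """Map a payload to a fixed-length vector. Every feature lies in [0, 1],
    so plain Euclidean distance is meaningful without rescaling."""
    n = max(len(data), 1)
    return [
        shannon_entropy(data) / 8.0,
        sum(1 for b in data if 0x20 <= b < 0x7F) / n,
        data.count(0) / n,
        sum(1 for b in data if b >= 0x80) / n,
    ]


def train_centroids(labelled: dict[str, list[bytes]]) -> dict[str, list[float]]:
    """Mean feature vector per label (a nearest-centroid model)."""
    centroids = {}
    for label, samples in labelled.items():
        vectors = [extract_features(s) for s in samples]
        centroids[label] = [sum(col) / len(vectors) for col in zip(*vectors)]
    return centroids


def classify(centroids: dict[str, list[float]], features: list[float]) -> str:
    """Return the label whose centroid is closest (Euclidean) to the vector."""
    return min(centroids, key=lambda lbl: math.dist(centroids[lbl], features))


def pseudo_random_bytes(seed: int, n: int) -> bytes:
    """Deterministic high-entropy blob standing in for packed/encrypted data."""
    rng = random.Random(seed)
    return bytes(rng.getrandbits(8) for _ in range(n))


# Constructed training samples (assumption: two coarse classes suffice here).
TRAINING_SET = {
    "plain": [
        b"[general]\nname = example\nretries = 3\n",
        b"GET /index.html HTTP/1.1\r\nHost: example.invalid\r\n\r\n",
        b"#!/bin/sh\necho starting\nsleep 1\necho done\n",
    ],
    "high_entropy": [pseudo_random_bytes(seed, 2048) for seed in (1, 2, 3)],
}
CENTROIDS = train_centroids(TRAINING_SET)


def label_payload(data: bytes) -> str:
    """Classify an unseen payload against the constructed centroids."""
    return classify(CENTROIDS, extract_features(data))


if __name__ == "__main__":
    for name, blob in (("text", b"user=alice\nrole=admin\n"),
                       ("blob", pseudo_random_bytes(42, 1024))):
        vec = dict(zip(FEATURE_NAMES, (round(x, 3) for x in extract_features(blob))))
        print(name, label_payload(blob), printable_runs(blob), vec)
```

The point of keeping every feature in [0, 1] is that a distance-based model then needs no separate scaling step, which keeps the pipeline easy to audit. High entropy by itself is not evidence of malice (compressed archives and TLS records look the same), so features like these are a triage signal to be combined with the TTP context gathered in the earlier steps, not a verdict on their own.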
The research assignment is from the course CIS*6530 (W 25) – Cyber Threat Intelligence and Adversarial Risk Analysis, taught by Professor Dr. Ali Dehghantanha with teaching assistant Keerthana Madanu at the University of Guelph.