A Cyber Kill Chain against APT attacks
In the 21st century, as the number of people using computers has increased, intelligent and persistent forms of cyber threats have been damaging organizations' cyber assets and missions. Hackers have improved their skill sets to such a level that they can remotely gain access to even the defense secrets of the government. The most common thing an attacker does is try to figure out the logical and physical structure of the company’s Active Directory (AD). To overcome this problem, we analyze current Cyber Kill Chain (CKC) models that explain the adversarial behavior used to perform advanced persistent threat (APT) attacks, and propose a cyber kill chain model that can be used in view of an APT attack. Using the cyber kill chain model, we have built MalviDect, a Python-based antivirus application that detects a virus attack on the system and also responds to the attack using a nuke virus (stealth virus). This application can also be applied in government organizations such as DRDO to immediately stop the exposure of secret documents.