Justin Schoenle
Diwakar Yalpi
CYSE 201S
October 2nd, 2024
Article Review #1
The scholarly article “A systematic literature review on advanced persistent threat behaviors and
its detection strategy,” published in the Journal of Cybersecurity (Oxford University Press), focuses on the
growing problem of advanced persistent threats (APTs) and the serious challenge they pose to
defensive systems. APT campaigns are built to slip past traditional security controls. In the
context of cybersecurity this relates directly to the social sciences, because it looks at the human
behavior and motivations behind persistent attempts to compromise systems and commit
cybercrime.
The article examines how and why typical defense systems struggle against APTs and how
these attacks can be predicted and prevented with a more behavior-based approach, using
frameworks such as MITRE ATT&CK and the Cyber Kill Chain. By using MITRE ATT&CK and the
Cyber Kill Chain together, the researchers were better able to describe and anticipate APT
behavior and the stages an intrusion moves through, which proved valuable for catching an APT
attack in its early stages. The researchers first analyzed data from OSINT sources as well as
multiple publicly available cybersecurity reports. This contrasted heavily with the behavior-based
approach described above, as it struggled to show the bigger picture and the motive behind APT
attacks, as well as the stages and scale of the attacks.
The article relates to concepts from the class because its deep dive into APT detection correlates
directly with the ideas of security breaches, crime detection, and the mitigation of those problems.
To better stop and prevent these attacks the researchers needed to look more closely at attacker
behavior and the patterns of attacks. Better detection and mitigation also helps prevent further
attacks: once a pattern is recognized, defenders can take action before a full-scale attack or crime
occurs. As for marginalized groups, none are named or specified, since the article addresses APT
attacks as a whole. APT attacks can certainly affect such groups heavily, though. Systems such as
the power grid, healthcare, and banking services would heavily affect groups of people if they
were compromised by an APT.
In conclusion, the article raises awareness and calls for action to better prevent and
detect APT attacks. It argues for the integration of multi-layered systems geared toward
detecting and stopping these attacks by looking at patterns and behaviors, in order to
mitigate and prevent the problems that APTs pose to system security.
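As an illustration of the stage-based, behavior-oriented detection the article advocates, the following Python script maps constructed host events to ATT&CK tactics and Cyber Kill Chain phases and raises an alert once a single host shows activity in more than one phase within a time window. This is an added example written for this review; it is not code from the article or its authors. The technique IDs are real ATT&CK identifiers, but the tactic-to-phase mapping, the 24-hour window, the two-phase threshold, and the log lines are assumptions constructed for the example.

```python
"""Stage-aware correlation of host events against ATT&CK tactics and the
Cyber Kill Chain. Added illustration for this review, not code from the
reviewed article; mappings and thresholds below are assumptions."""
from collections import defaultdict
from dataclasses import dataclass
from datetime import datetime, timedelta

# Lockheed Martin Cyber Kill Chain phases, in order.
KILL_CHAIN = ["Reconnaissance", "Weaponization", "Delivery", "Exploitation",
              "Installation", "Command and Control", "Actions on Objectives"]

# Assumed mapping of ATT&CK tactics onto kill chain phases. This is an
# analyst's choice for the example, not a mapping published by MITRE.
TACTIC_TO_PHASE = {
    "Reconnaissance": "Reconnaissance",
    "Initial Access": "Delivery",
    "Execution": "Exploitation",
    "Persistence": "Installation",
    "Command and Control": "Command and Control",
    "Lateral Movement": "Actions on Objectives",
    "Collection": "Actions on Objectives",
    "Exfiltration": "Actions on Objectives",
}

# Small catalogue of real ATT&CK technique IDs and their tactics (subset).
TECHNIQUE_TACTIC = {
    "T1566": "Initial Access",        # Phishing
    "T1059": "Execution",             # Command and Scripting Interpreter
    "T1547": "Persistence",           # Boot or Logon Autostart Execution
    "T1071": "Command and Control",   # Application Layer Protocol
    "T1021": "Lateral Movement",      # Remote Services
    "T1041": "Exfiltration",          # Exfiltration Over C2 Channel
}


@dataclass
class Event:
    ts: datetime
    host: str
    technique: str


def parse_events(lines):
    """Parse constructed 'ISO-timestamp host technique' lines, sorted by time."""
    events = []
    for line in lines:
        ts, host, tech = line.split()
        events.append(Event(datetime.fromisoformat(ts), host, tech))
    return sorted(events, key=lambda e: e.ts)


def correlate(events, window=timedelta(hours=24), min_phases=2):
    """Per host, walk events in time order and return the first event at which
    at least `min_phases` distinct kill-chain phases were seen within `window`.
    Returns {host: (alert_time, phases_seen_in_order)}. A lone technique
    sighting (one phase) does not alert; a chain of phases on one host is the
    behavioral signal a stage-based approach looks for."""
    by_host = defaultdict(list)
    for e in events:
        tactic = TECHNIQUE_TACTIC.get(e.technique)
        if tactic is None:
            continue  # unknown technique: no phase, so it cannot be chained
        by_host[e.host].append((e.ts, TACTIC_TO_PHASE[tactic]))
    alerts = {}
    for host, seen in by_host.items():
        for i, (ts, phase) in enumerate(seen):
            recent = [p for t, p in seen[: i + 1] if ts - t <= window]
            phases = []
            for p in recent:
                if p not in phases:
                    phases.append(p)
            if len(phases) >= min_phases:
                alerts[host] = (ts, phases)
                break
    return alerts


def furthest_phase(phases):
    """Latest kill-chain phase reached; shows how early the alert fired."""
    return max(phases, key=KILL_CHAIN.index)


# Constructed sample log: one host walks the chain, the other shows noise.
CONSTRUCTED_LOG = [
    "2024-09-30T08:02:00 ws-17 T1566",
    "2024-09-30T08:05:30 ws-17 T1059",
    "2024-09-30T08:06:10 ws-17 T1547",
    "2024-09-30T09:40:00 ws-17 T1071",
    "2024-10-01T13:15:00 ws-17 T1021",
    "2024-10-01T13:20:00 ws-17 T1041",
    "2024-09-30T11:00:00 ws-03 T1059",   # lone script execution, no alert
    "2024-10-02T11:00:00 ws-03 T1071",   # outside the 24h window of the above
]

if __name__ == "__main__":
    for host, (ts, phases) in correlate(parse_events(CONSTRUCTED_LOG)).items():
        print(f"{host}: alert at {ts.isoformat()} after {phases}, "
              f"reached {furthest_phase(phases)}")
```

With the constructed log, ws-17 is flagged at 08:05:30, after only Delivery and Exploitation, before persistence, command and control, or exfiltration are observed; ws-03 never alerts because its two sightings are more than a day apart. Raising `min_phases` trades earlier warning for fewer false positives.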
Article Citation
Che Mat, N. I., Jamil, N., Yusoff, Y., & Mat Kiah, M. L. (2024). A
systematic literature review on advanced persistent threat behaviors and its detection
strategy. Journal of Cybersecurity, 10(1), tyad023. Oxford University Press.
https://academic.oup.com/cybersecurity/article/10/1/tyad023/7504935?searchresult=1