Tecnicas Avanzadas de Ciberseguridad: Integracion y Evolucion de la Kill Chain en Diversos Escenarios

Abstract

The document provides an in-depth analysis of the main attack chain models used in cybersecurity, including the Lockheed Martin Cyber Kill Chain framework, the MITER ATT&CK framework, the Diamond model, and the IoTKC, focusing on their strengths and weaknesses. Subsequently, the need for greater adaptability and comprehensiveness in attack analysis is highlighted, which has led to the growing preference for frameworks such as MITRE ATT&CK and the Diamond model. A review of insider attacks in cloud computing shows how the combination of attack trees and kill chains can offer an effective methodology to identify and detect these types of threats, focusing detection and defense efforts on critical nodes. Likewise, emphasis is placed on the importance of advanced analysis models, such as BACCER, in the identification and detection of attack patterns and decision logic using intelligence techniques and defensive and offensive actions.