whoami
I’m a cybersecurity educator and researcher based in Alabama. I lead the Computer Science Division at Northeast Alabama Community College, teach at the University of Mount Olive, and work as a research engineer with UAH. Currently pursuing a PhD in Cyber Engineering, I focus on cyber threats, risk frameworks, and education.
Research & Teaching
- Director, Computer Science Division / Computer Science Instructor / Esports Coach | NACC
- Allied Faculty – Cybersecurity / Cybersecurity SME | UMO
- Research Engineer | Center for Cybersecurity Research and Education, UAH
- PhD in IT Candidate – UC
- Research areas: APTs, IoT Security, Cyber Education, Privacy
- Published in Journal of Information Warfare and Issues in Information Systems
Speaking & Services
I offer training and talks through ISACA and independently. Topics include cybersecurity fundamentals, risk frameworks, leveraging artificial intelligence for education, and best practices in online, postsecondary education.
- ISACA Certified in Emerging Technology Trainer
- Cybersecurity Certification Study Groups
- Academic Curriculum Development
- NIST RMF Basics
Featured Publications
Four Foreign Forces: A CTI Analysis of APTs Targeting the U.S.
Journal of Information Warfare, Vol. 23, Issue 4 (2024)
This paper analyzes the cyber threat landscape posed by advanced persistent threats (APTs) attributed to China, Iran, North Korea, and Russia. It focuses on active groups and their cyber activities targeting the United States. Utilizing cyber threat intelligence data from authoritative sources such as Cybersecurity and Infrastructure Security Agency (CISA), Office of the Director of National Intelligence (ODNI), Mandiant, and MITRE, this study identifies twelve key APT groups attributed to the four adversarial nations and creates a quick profile for each nation and group. It explores the common techniques and sub-techniques employed by each nation and then across all four nations. Examination of these nations, groups, and techniques then informs a list of six actionable mitigations that will enhance cybersecurity defenses targeting these adversarial groups in an efficient manner: User Training, Restrict Web-Based Content, Privileged Account Management, Network Intrusion Prevention, Execution Prevention, and Antivirus/Antimalware.
A Multi-Layer Approach to Detecting and Preventing IoT-Based Botnet Attacks
Issues in Information Systems, Vol. 21, Issue 3 (2020)
Received Best Paper Award in the Research Category at IACIS Annual Conference 2020
As the Internet of Things (IoT) becomes ubiquitous and cybersecurity attacks rapidly evolve, IoT devices must be secured. Their infection can lead to compromised networks, stolen information, service disruptions, and botnet attacks. Botnet attacks, such as Distributed Denial of Service (DDoS), strengthen with larger numbers of devices and IoT devices make great targets for this reason. As IoT devices grow in number, the strength and risk of these massive attacks grow. Infamous botnet attacks, such as Mirai, have proven this to be a serious threat. IoT security faces unique challenges including detection difficulties, device limitations, and user attitudes and education. This paper reviews and analyzes 21 articles providing information on tools and techniques for securing IoT devices against these threats. A multi-layer approach to IoT-botnet detection and prevention is suggested consisting of: the outer layer consisting of ISP architecture; the middle layer consisting of advanced detection methods and DDoS detection and mitigation; and the inner layer consisting of user attitudes, education, and security best practices. By addressing security challenges at multiple points along the botnet lifecycle and within each layer, our proposed approach provides a holistic strategy for detecting and preventing botnet attacks.
Prevention of Phishing Attacks: A Three-Pillared Approach
Issues in Information Systems, Vol. 21, Issue 2 (2020)
This paper presents a three-pillared strategy for the prevention of phishing attacks. Phishing is a deceptive method of creating and distributing emails and/or websites that attempt to fool users into sharing sensitive financial or identification information. Current literature agrees that these scams can be highly damaging to companies, their employees, and their stakeholders. Unlike traditional scams, though, the Internet adds a layer of anonymity and even invisibility, making it far more difficult to identify the source of the scam, or, in some cases, masking the fact that a scam has been perpetrated. In this paper, we first review information about tactics that can effectively reduce the success rate of phishing attempts. We then formulate a three-pillared prevention strategy based on: (1) one-time passwords, (2) multi-level desktop barrier applications, and (3) behavior modification. By utilizing this approach, individuals and organizations should be better able to protect their information and decrease the damage caused by phishing attacks.
Contact
Contact me via email at: bryonmiller@ duck[.]com
OR
Connect with me on LinkedIn.