Asset Details
Do you wish to reserve the book?
Proactive identification of cybersecurity compromises via the PROID compromise assessment framework
Hey, we have placed the reservation for you!
By the way, why not check out events that you can attend while you pick your title.
Oops! Something went wrong.
Looks like we were not able to place the reservation. Kindly try again later.
Are you sure you want to remove the book from the shelf?
Proactive identification of cybersecurity compromises via the PROID compromise assessment framework
Do you wish to request the book?
Proactive identification of cybersecurity compromises via the PROID compromise assessment framework
Please be aware that the book you have requested cannot be checked out. If you would like to checkout this book, you can reserve another copy
We have requested the book for you!
Your request is successful and it will be processed during the Library working hours. Please check the status of your request in My Requests.
Oops! Something went wrong.
Looks like we were not able to place your request. Kindly try again later.
Journal Article
Proactive identification of cybersecurity compromises via the PROID compromise assessment framework
2025
Overview
As organizations confront a continuously evolving threat landscape, advanced adversarial techniques are increasingly capable of evading traditional continuous monitoring, allowing attackers to remain concealed within environments for extended periods. Industry studies report an average detection time exceeding six months, with many compromises first discovered by third parties rather than internally. Compromise Assessment, a proactive approach to determine if an environment is or has been compromised, has emerged as a way to uncover these threats. However, existing practices remain fragmented, are often conflated with threat hunting, and continue to lack a standardized methodological foundation. Together, these issues, combined with the absence of clear CA frameworks, undermine practitioners’ ability to provide consistent and reliable assurance in answering the central question of whether an environment is or has been compromised. To address these challenges, this research introduces PROID, a novel, comprehensive, and data-driven Compromise Assessment framework. PROID integrates Threat Intelligence and Threat Hunting through a multi-layered analytical approach, combining signature-based and signature-less hunting, automated pattern recognition, and human-led analysis. In a simulated enterprise environment, PROID was tested against thirty-one MITRE ATT&CK techniques spanning ten tactics across host, network, and application layers. The framework successfully detected all thirty-one techniques, including persistence, defense evasion, and anti-forensics behaviors that other methodologies did not consistently identify. These results demonstrate PROID’s breadth of detection and its effectiveness in unifying diverse analysis methods within the framework to reach the desired goal. Beyond technical performance, PROID establishes a standardized and reproducible basis for Compromise Assessment, addressing ambiguity with threat hunting and offering organizations a practical means of conducting periodic assurance of compromise status. Its integration with incident response processes and its emphasis on scope definition and telemetry baselining make it a valuable reference model to complement real-time monitoring and strengthen organizational resilience against advanced threats.
Publisher
Nature Publishing Group UK,Nature Publishing Group,Nature Portfolio
Subject
