Hi Alsa

You will have a bit of a struggle getting real companies to release real data on APT attacks. Indeed, you will struggle to get access to any real data from companies. Generally, they are paranoid about anyone finding out they have been attacked, particularly by APTs less the market finds out, assumes they have been compromised, and as a result their share price goes down. This will becomae especially difficult after the new EU General Data Protection Regulation (GDPR) kicks in next May.

However, there is a simple answer to your problem. Simply create your own data. You can do this by installing a honeypot server, and you can set it up to target specific attack types, or to take all comers. You can make the honeypot appear to be a vulnerable server of whatever flavour you prefer, such as Linux or Windows. Most honeypot servers use open source software, so there need be minimal cost. However, you will likely need permission to use university facilities unless you have a home router you can use on your own personal internet connection.

You will be shocked at how quickly you will attract attacks once the honeypot goes live. And you will be collecting real live attacks, which will give you an incredible amount of real attack data to work from. I hope that helps.

Regards

Bob

Hi Alsa I do not like term APT - for malware - you have malware that is used by Pesistant Adversary to attack companies or states and it is not always advanced. To get such malware you need to look at Malware company raports (for example https://www.f-secure.com/weblog/archives/00002688.html ) and then search for example in services like Virustotal or comodemia.comodo.com .. some examples can be found

https://github.com/ytisf/theZoo

If you want to get something newer you need to start to work , freelance for or grate company that would be interesting for APA (Advanced Present Adversary).

Second options work for some antivirus , cyber deception company , some CERT , shadowserver.

Options llike running your own honeypot or sandbox give you just ordinary malware.

Hi Alsa,

Have a look at this twitter!

https://twitter.com/0xffff0800