• Asian Pacific Journal of Cancer Prevention
• /
• v.13 no.9
• /
• pp.4481-4485
• /
• 2012

Background: Chemotherapy induced leutropenia has been shown to be associated with improved treatment outcomes in selected solid tumors. We studied the association of chemotherapy induced leutropenia with treatment related outcomes in advanced non-small-cell lung cancer. Methods: This is a prospective analysis of patients receiving chemotherapy for advanced NSCLC at the Shandong Cancer Hospital from 2005-07.The chemotherapy included cisplatin $35mg/m^2$, IV on $d_{1,2}$ and vinorelbine $25mg/m^2$ IV on $d_{1,8}$ every 21 days. Patients were stratified into three groups (A) those experiencing grades 0 leucopenia, group (B) grades 1-2 and group (C) grades 3-4. The outcomes studied were response rate (RR), disease control rate (DCR), and time to progression (TTP). Results: 128 patients were studied. The RRs in groups A, B and C were 30.8%, 56.8% and 71.4%, respectively, p=0.010. The DCRs were 61.5%, 83.8% and 92.9%, respectively, p=0.009 and the median TTPs were 150 days (95%CI: 91-209), 189 days (95%CI: 181-197) and 207 days (95%CI: 172-242), p=0.009. The differences in RR and TTP were significant. In patients whose CIL kept on 10 days at least, the TTP was significantly prolonged, p=0.0213, and the same was the case for those experiencing grades 1-2 leucopenia and ECOG 0, p=0.0412. Conclusions: Occurrence of CIL correlated with RR and TTP in patients with advanced NSCLC receiving cisplatin and vinorelbine chemotherapy, especially in patients experiencing grades 1-2 leucopenia and ECOG 0, and the same for those with CIL persisting for 10 days at least. CIL could be a biological measure of drug activity and a marker of efficacy.

• Journal of Information Processing Systems
• /
• v.15 no.4
• /
• pp.865-889
• /
• 2019

The need for cyber resilience is increasingly important in our technology-dependent society where computing devices and data have been, and will continue to be, the target of cyber-attackers, particularly advanced persistent threat (APT) and nation-state/sponsored actors. APT and nation-state/sponsored actors tend to be more sophisticated, having access to significantly more resources and time to facilitate their attacks, which in most cases are not financially driven (unlike typical cyber-criminals). For example, such threat actors often utilize a broad range of attack vectors, cyber and/or physical, and constantly evolve their attack tactics. Thus, having up-to-date and detailed information of APT's tactics, techniques, and procedures (TTPs) facilitates the design of effective defense strategies as the focus of this paper. Specifically, we posit the importance of taxonomies in categorizing cyber-attacks. Note, however, that existing information about APT attack campaigns is fragmented across practitioner, government (including intelligence/classified), and academic publications, and existing taxonomies generally have a narrow scope (e.g., to a limited number of APT campaigns). Therefore, in this paper, we leverage the Cyber Kill Chain (CKC) model to "decompose" any complex attack and identify the relevant characteristics of such attacks. We then comprehensively analyze more than 40 APT campaigns disclosed before 2018 to build our taxonomy. Such taxonomy can facilitate incident response and cyber threat hunting by aiding in understanding of the potential attacks to organizations as well as which attacks may surface. In addition, the taxonomy can allow national security and intelligence agencies and businesses to share their analysis of ongoing, sensitive APT campaigns without the need to disclose detailed information about the campaigns. It can also notify future security policies and mitigation strategy formulation.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.3
• /
• pp.527-545
• /
• 2022

In order to effectively detect APT attacks performed by well-organized adversaries, we implemented a system to detect attacks by reconstructing attack chains of APT attacks. Our attack chain-based APT attack detection system consists of 'events collection and indexing' part which collects various events generated from hosts and network monitoring tools, 'unit attack detection' part which detects unit-level attacks defined in MITRE ATT&CK^® techniques, and 'attack chain reconstruction' part which reconstructs attack chains by performing causality analysis based on provenance graphs. To evaluate our system, we implemented a test-bed and conducted several simulated attack scenarios provided by MITRE ATT&CK Evaluation program. As a result of the experiment, we were able to confirm that our system effectively reconstructed the attack chains for the simulated attack scenarios. Using the system implemented in this study, rather than to understand attacks as fragmentary parts, it will be possible to understand and respond to attacks from the perspective of progress of attacks.