Research on APT Attack Modeling and Security Protection Technology (cited by: 6)

Analysis on Modeling and Protection Technique of APT Attack
Abstract: Advanced Persistent Threat (APT) has been a severe attack threat in recent years, characterized by persistence over time, combined attack techniques, and target specificity, and it poses a great challenge to traditional network security technology. Because APT is a new kind of combined attack, there has so far been little research on the theoretical modeling of APT attacks, and a complete APT defense system has not yet been formed. Moreover, traditional attack graph modeling has difficulty adapting to the zero-day vulnerability and social engineering features of APT. This paper therefore studies attack graph modeling and security protection techniques adapted to APT, mainly an APT attack graph construction method and an attack-graph-based APT security protection system covering APT intrusion detection, security assessment and security reinforcement.
Authors: 牛伟 (Niu Wei), 戴卫国 (Dai Weiguo)
Source: Electronic Warfare (《电子对抗》), 2014, No. 2, pp. 34-38, 47 (6 pages)
Keywords: APT attack; attack graph; intrusion detection; security assessment; security reinforcement