Abstract
Network attackers often use lateral movement attacks to move through and penetrate a network systematically in search of valuable data or assets. Because such attacks often leave no file storage traces, they pose a significant challenge for intrusion detection and forensic analysis. This paper introduces the concept of lateral movement attacks and the technologies involved. Focusing on the detection of this attack behavior, it then determines an overall technical approach and detection method based on CimCmdlets, and presents test and evaluation results from a real system.
Authors
李杰
滕斌
曹国江
LI Jie; TENG Bin; CAO Guo-jiang (China Electronics Technology Cyber Security Co., Ltd., Chengdu, Sichuan 610041, China)
Source
Communications Technology (《通信技术》)
2019, No. 12, pp. 3005-3009 (5 pages)
Funding
Funded by the Cyberspace Security special project of the National Key Research and Development Program (No. 2018YFB0803502)