Abstract
Digital transformation and rapidly changing cloud forms have brought a variety of new challenges to network security. Effectively ensuring the security of cyberspace and carrying out attack source tracing and countermeasures have become new tasks facing the network security industry under the new situation. How network security defenders can perform intrusion detection and prevention well, given today's asymmetry between attack and defense, has become a key problem that every organization needs to solve. This paper analyzes the problems in current intrusion detection and prevention systems and, drawing on the ATT&CK framework, discusses how to build an intrusion detection and prevention system that can better deal with attack behavior.
Authors
Guo Xinhai (郭新海); Xu Lei (徐雷); Zhang Manjun (张曼君); Liu An (刘安); Lan Xinchong (蓝鑫冲); Ding Pan (丁攀)
China Unicom Research Institute, Beijing 100048, China
Source
Designing Techniques of Posts and Telecommunications (《邮电设计技术》)
2022, Issue 9, pp. 77-81 (5 pages)