摘要
高级持续性攻击(APT)是一种新型的攻击方法,其过程充分利用了社会工程学、0Day等多种技术手段,从而演变为新一代面向应用和内容的深度、复杂、高级可持续性攻击。传统入侵检测和防护措施基于协议异常和系统漏洞分析发现入侵行为,并进行阻断的工作方式效能不高,急需研究行之有效的新型防御模型和防御措施。文中在对APT攻击进行充分分析的基础上,重点研究其为传统的军事信息安全措施带来的一系列问题,并提出具有针对性的举措,强化军事信息网络的安全防御。
Advanced Persistent Threat( APT),as a new type of attack,integrates various methods such as social engineering,0-Day,etc.,thus evolves into a new generation of application and content- oriented,deep,complex,advanced and persistent attack.Based on protocol anomaly and system vulnerability analysis,traditional intrusion detection and defense measure is of low efficiency in detecting and blocking intrusion behavior,therefore,a new effective defense model and measure are in urgent need. Based on the detailed analyses of APT,this paper focuses on a series of problems of traditional infosec precautions brought by APT. Meanwhile,it proposes several related measures to enhance security defense of military network.
出处
《信息安全与通信保密》
2014年第8期130-132,共3页
Information Security and Communications Privacy