A Research on Architecture of APT Attack Detection and Countering Technology

Cited by: 0

Authors
Chen, Rui-Dong [1 ]
Zhang, Xiao-Song [1 ]
Niu, Wei-Na [2 ]
Lan, Hao-Yue [1 ]
Affiliations
[1] Center for Cyber Security, University of Electronic Science and Technology of China, Chengdu 611731, China
[2] College of Cyber Security, Sichuan University, Chengdu 610044, China
Keywords
Network security
DOI
10.3969/j.issn.1001-0548.2019.06.011
Abstract
Advanced persistent threat (APT) is a new kind of cyber-attack and a growing source of security events. This paper analyzes more than 150 typical APT cases that occurred during the last decade, constructs an analytical model of APT attacks, and identifies 4 major problems in APT attack detection and countering: fragile penetration protection, low detection accuracy, difficulty in establishing attack forensics, and slow response to unknown attacks. In addition, this paper analyzes typical APT attacks of recent years and mines associations based on the attacking tools. According to the experiments, there are similarity patterns among the tools used by the same organization. In summary, the integral APT defense scheme in this paper incorporates the latest achievements of the four types of defense schemes and plays an academic supporting role in building a unified platform for attack detection and traceability countermeasures. © 2019, Editorial Board of Journal of the University of Electronic Science and Technology of China. All rights reserved.
Pages: 870 / 879
Related papers
50 items in total
  • [1] Research and Application of APT Attack Defense and Detection Technology Based on Big Data Technology. Liu, Donglan; Zhang, Hao; Yu, Hao; Liu, Xin; Zhao, Yong; Lv, Guodong. [J]. PROCEEDINGS OF 2019 IEEE 9TH INTERNATIONAL CONFERENCE ON ELECTRONICS INFORMATION AND EMERGENCY COMMUNICATION (ICEIEC 2019), 2019, : 701 - 704
  • [2] Study And Research of APT Detection Technology Based on Big Data Processing Architecture. Lin Shenwen; Li Yingbo; Du Xiongjie. [J]. PROCEEDINGS OF 2015 IEEE 5TH INTERNATIONAL CONFERENCE ON ELECTRONICS INFORMATION AND EMERGENCY COMMUNICATION, 2015, : 313 - 316
  • [3] Research on APT attack based on game model. Su Yang. [J]. PROCEEDINGS OF 2020 IEEE 4TH INFORMATION TECHNOLOGY, NETWORKING, ELECTRONIC AND AUTOMATION CONTROL CONFERENCE (ITNEC 2020), 2020, : 295 - 299
  • [4] Research on USB HID Attack Detection Technology. Jiang, Jian-Guo; Chang, Zi-Jing; Lv, Zhi-Qiang; Zhang, Ning. [J]. Jisuanji Xuebao/Chinese Journal of Computers, 2019, 42 (05): : 1018 - 1030
  • [5] Research of ROP attack and defense technology based on ARM architecture. Cai, Qi; Guo, Jingbo. [J]. PROCEEDINGS OF THE 2016 4TH INTERNATIONAL CONFERENCE ON ELECTRICAL & ELECTRONICS ENGINEERING AND COMPUTER SCIENCE (ICEEECS 2016), 2016, 50 : 1041 - 1046
  • [6] The APT Detection Method based on Attack Tree for SDN. Jia Shan-Shan; Xu Ya-Bin. [J]. ICCSP 2018: PROCEEDINGS OF THE 2ND INTERNATIONAL CONFERENCE ON CRYPTOGRAPHY, SECURITY AND PRIVACY, 2018, : 116 - 121
  • [7] An APT Event Extraction Method Based on BERT-BiGRU-CRF for APT Attack Detection. Xiang, Ga; Shi, Chen; Zhang, Yangsen. [J]. ELECTRONICS, 2023, 12 (15)
  • [8] Cause-effect graph enhanced APT attack detection algorithm. Guangming, Zhu; Zijie, Lu; Jiawei, Feng; Xiangdong, Zhang; Fengjun, Zhang; Zuoyuan, Nlu; Liang, Zhang. [J]. Xi'an Dianzi Keji Daxue Xuebao/Journal of Xidian University, 2023, 50 (05): : 107 - 117
  • [9] APT Attack Detection Based on Graph Convolutional Neural Networks. Ren, Weiwu; Song, Xintong; Hong, Yu; Lei, Ying; Yao, Jinyu; Du, Yazhou; Li, Wenjuan. [J]. INTERNATIONAL JOURNAL OF COMPUTATIONAL INTELLIGENCE SYSTEMS, 2023, 16 (01)
  • [10] A new framework for APT attack detection based on network traffic. Hoa Cuong Nguyen; Cho Do Xuan; Long Thanh Nguyen; Hoa Dinh Nguyen. [J]. JOURNAL OF INTELLIGENT & FUZZY SYSTEMS, 2023, 44 (03) : 3459 - 3474