APT攻击与检测研究OA
随着网络在社会的应用越来越广泛和深入,信息安全的重要性也得到越来越多的关注,高级持续性威胁(Advanced Persistent Threat,APT)已成为高等级网络安全威胁的主要组成部分,其相对传统安全威胁具有隐蔽性强、时间跨度久、针对性强等特点,对传统安全防御体系造成严重威胁.该文介绍历史上一些典型的APT攻击案例,梳理APT的攻击特点和典型流程,最后探讨现有的对抗APT比较有效的检测方法.
As the application of the Internet in society becomes more extensive and profound,the importance of information security has also received increasing attention.Advanced Persistent Threat(APT)has become a major component of high-level cybersecurity threats,which is characterized by strong concealment,long time span,and strong pertinence compared to traditional security threats,thus posing a serious threat to traditional security defense systems.This paper introduces some typical APT attack cases in history,summarizes the attack characteristics and typical processes,and finally reviews the existing effective detection methods against APT.
刘畅
中国人民解放军31152部队,南京 210000
计算机与自动化
高级持续性威胁社会工程学恶意邮件零日漏洞攻击检测
Advanced Persistent Threatsocial engineeringmalicious emailzero-day vulnerabilityattack detection
《科技创新与应用》 2024 (021)
8-11 / 4
评论