
Research on Technical Solution for Railway Advanced Persistent Threat Detection and Traceability (Open Access)


Addressing the limitations of traditional defense technologies and considering the characteristics of railway systems, this research adopts a security defense strategy that integrates the stages before, during and after an attack event into an organic whole. On the basis of the layered architecture of the railway network, a distributed and hierarchical defense-in-depth design is carried out, and a technical solution for railway APT network threat perception and traceability is proposed, which integrates "distributed monitoring-intelligent identification-cross network traceability". The solution is verified in an environment built in the laboratory, and it can effectively improve the prevention capabilities of railway systems against APT attacks.

郝锦晖;江明;冯凯

北京全路通信信号研究设计院集团有限公司,北京 100070||列车自主运行智能控制铁路行业工程研究中心,北京 100070

Transportation

network security; APT attacks; attack detection; traceability

《铁路通信信号工程技术》 2024 (008)

21-28 / 8

National Natural Science Foundation of China project (U2034211)

10.3969/j.issn.1673-4440.2024.08.004
