| 基于ATT CK的多源数据深度安全检测技术研究 |
| |
| 引用本文: | 贵重.基于ATT CK的多源数据深度安全检测技术研究[J].电信工程技术与标准化,2020(10). |
| |
| 作者姓名: | 贵重 |
| |
| 作者单位: | 中国移动通信集团有限公司 |
| |
| 摘 要: | APT攻击检测已成为落实《网络安全法》要求的重要内容。本文基于攻击战术和攻击技术统一描述的ATT CK模型,提出一种多源数据深度安全监测模型。该模型可以在APT攻击的早期阶段,实现攻击全貌的分析和呈现。现网实践案例验证本文提出的模型能够有效提升安全防御和响应能力。
|
| 关 键 词: | APT攻击 ATT CK模型 多源数据融合 深度安全检测 |
| 收稿时间: | 2020/8/29 0:00:00 |
| 修稿时间: | 2020/8/29 0:00:00 |
Research on Deep Security Detection Technology of Multi-source Data based on ATT&CK |
| |
| GUI ZHONG.Research on Deep Security Detection Technology of Multi-source Data based on ATT&CK[J].Telecom Engineering Technics and Standardization,2020(10). |
| |
| Authors: | GUI ZHONG |
| |
| Affiliation: | China Mobile Communications Group Co.,Ltd,Beijing,100053 |
| |
| Abstract: | The detection of apt attack has become an important content of implementing the requirements of network security law. Based on the att amp; CK model, which describes attack tactics and attack techniques, this paper proposes a deep security monitoring model for multi-source data. This model can analyze and present the whole picture of apt attack in the early stage. The current network practice case verifies that the model proposed in this paper can effectively improve the ability of security defense and response. |
| |
| Keywords: | APT ATT CK multi-source data fusion deep security detection |
|
| 点击此处可从《电信工程技术与标准化》浏览原始摘要信息 |
|
点击此处可从《电信工程技术与标准化》下载全文 |
