Research on APT Attack Defense System Based on Threat Discovery
The unknown nature and uncertainty of APT attacks make it difficult for traditional defense systems to detect and counter them quickly, and their continuous evolution also renders traditional defense methods based on signature detection inadequate. This paper presents an APT attack and defense model based on the concept of red-blue confrontation, and summarizes the steps and techniques of common network attacks according to a kill-chain classification. It also proposes a defense concept model centered on APT threat discovery, and a comprehensive security technology framework of "cloud, management, endpoint, and ground" collaboration based on practical experience of APT attack and defense.