Conference paper details
2018 4th International Conference on Environmental Science and Material Application
NGSIEM Based APT Attack Analysis System
Ecological and environmental science; Materials science
Li, Yanfei^1 ; Wang, Rui^1 ; Li, Haiwei^1
Information Security Department FRI, Beijing, China^1
Keywords: Attack detection; Business systems; Complex algorithms; Intelligence agencies; Security devices; Security threats; Social engineering; Technical difficulties
Others  :  https://iopscience.iop.org/article/10.1088/1755-1315/252/5/052160/pdf
DOI  :  10.1088/1755-1315/252/5/052160
Source: IOP
【 Abstract 】

APT attacks have become the most serious security threat: attackers may use social engineering methods and a large number of 0-day vulnerability attacks to steal or tamper with the core data of the target. If the target lacks the ability to detect and defend against attacks in real time, then once the system is intruded it will suffer serious economic and business losses. The author sums up the typical characteristics and life cycle of APT attacks, explaining the common attack channels and critical steps of APT attacks, and then describes the technical difficulties and challenges in analyzing APT attacks. To solve these problems, an APT attack analysis system based on NGSIEM is proposed, which can perform normalization and complex algorithm processing on logs and alarms collected from server devices and security devices at multiple layers of the business system, as well as on threat intelligence acquired from the intelligence agency.
