【 摘 要 】

Here we report on the issue of Advanced Persistent Threats (APT), which use malware for the purpose of leaking the data of large corporations and government agencies. APT attacks target systems continuously by utilizing intelligent and complex technologies. To overthrow the elaborate security network of target systems, it conducts an attack after undergoing a pre-reconnaissance phase. An APT attack causes financial loss, information leakage, etc. They can easily bypass the antivirus system of a target system. In this paper, we propose a Multi-Layer Defense System (MLDS) that can defend against APT. This system applies a reinforced defense system by collecting and analyzing log information and various information from devices, by installing the agent on the network appliance, server and end-user. It also discusses how to detect an APT attack when one cannot block the initial intrusion while continuing to conduct other activities. Thus, this system is able to minimize the possibility of initial intrusion and damages of the system by promptly responding through rapid detection of an attack when the target system is attacked.

【 授权许可】

CC BY   
© 2014 by the authors; licensee MDPI, Basel, Switzerland

【 预 览 】

附件列表

Files	Size	Format	View
RO202003190019308ZK.pdf	736KB	PDF	download