NGSIEM Based APT Attack Analysis System
[Abstract] APT attacks have become the most serious security threat: attackers may use social engineering methods and a large number of 0-day vulnerability attacks to steal or tamper with the core data of the target. If the target lacks real-time attack detection and defense capabilities, it will suffer serious economic and business losses once the system is intruded. The author sums up the typical characteristics and life cycle of APT attacks, explaining their common attack channels and critical steps, and then describes the technical difficulties and challenges in analyzing APT attacks. To solve these problems, an APT attack analysis system based on NGSIEM is proposed. It applies normalization and complex algorithm processing to logs and alarms collected from the server devices and security devices at multiple layers of the business system, as well as to threat intelligence acquired from the intelligence agency.
[Publication date]  [Publishing institution] Information Security Department FRI, Beijing, China^1
[Validity level] Materials science [Subject classification] 
[Keywords] Attack detection;Business systems;Complex algorithms;Intelligence agencies;Security devices;Security threats;Social engineering;Technical difficulties [Timeliness] 