信息安全与通信保密
CHINA INFORMATION SECURITY
2012
Issue 7
Pages 24-27, 4 pages in total
network security; APT attack; security architecture; defense strategy
APT attacks are a class of information security threat that targets the important information assets of enterprises and governments and poses a serious challenge to the availability and reliability of information systems. Because APT attacks are highly variable, effective, and difficult to defend against, they are gradually becoming the evolutionary trend in network penetration and system attack, and have recently drawn much attention from network security researchers. At present, research on APT attacks, both in China and abroad, is carried out mainly by security vendors, whose emphasis is on deriving an enterprise security concept from the analysis of security incidents and threats, while neglecting a thorough and detailed analysis of the mechanism and background of APT attacks. Starting from the standard definition and characteristics of APT, this paper describes in some detail the background and steps of an attack, and gives feasible methods for detecting, responding to, and preventing APT.