The Study of APT Security Detection Architecture and Key Technologies
DOI: 10.12677/JSST.2015.33005
Authors: Liu Yiwen (刘怡文)*, Huang Qiong (黄琼)*, Yu Jing (余静)*, Zhang Zilong (张子龙)*: P.O. Box 7223, Sub-box 10, Beijing
Keywords: APT Attack, Large-Data Analysis, Data Mining, Knowledge Discovery, Attack Detection
Abstract: This paper analyzes existing APT attack detection technologies and their drawbacks, and proposes an APT security detection architecture together with the key technologies of APT detection. Among these, a mining algorithm for APT time-domain association rules is given, and a security knowledge base is built using large-data analysis technology. Furthermore, a classification-based APT attack detection method is proposed, which plays a significant role in the APT security detection architecture.
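Cite this article: Liu Yiwen, Huang Qiong, Yu Jing, Zhang Zilong. The Study of APT Security Detection Architecture and Key Technologies (APT安全检测体系架构及关键技术研究) [J]. 安防技术 (JSST), 2015, 3(3): 24-29. http://dx.doi.org/10.12677/JSST.2015.33005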