APT安全检测体系架构及关键技术研究
The Study of APT Security Detection Architecture and Key Technologies
摘要:
本文分析了现有APT攻击检测技术及存在的问题,提出了APT安全检测体系架构和APT检测的关键技术,给出了APT时域关联规则挖掘算法,采用大数据分析技术构建了安全知识库;并提出了基于分类的APT攻击检测方法。
Abstract:
In this paper, by analyzing some drawbacks of the existing APT attack detection technology, APT security detection architecture and its key technologies have been proposed. Among this, a mining algorithm for APT time-domain association rule was given, and the security knowledge base was created using large-data analysis technology. Furthermore an APT attack detection method based on classification was proposed, which occupied significant roles in the APT security detection architecture.
参考文献
[1]
|
许佳, 周丹平, 顾海东 (2014) APT攻击及其检测技术综述. 保密科学技术, 1, 34-40.
|
[2]
|
周涛 (2012) 大数据与APT攻击检测. 信息安全与通信保密, 7, 22-23.
|
[3]
|
刘昕 (2014) 大数据背景下的APT攻击检测与防御. 电子测试, 2, 80-81.
|
[4]
|
周根贵 (2010) 数据仓库与数据挖掘(第2版). 浙江大学出版社, 杭州.
|
[5]
|
Han, J.W., Kamber, M. and Pei, J., 著 (2012) 数据挖掘概念与技术(第3版). 范明, 孟小峰, 译, 机械工业出版社, 北京.
|