APT-DFLC: A Defense System Framework against APT Attack for High Security Level Network Based on Life Cycle
APT attacks with concealment features and zero-day vulnerability utilization have become a major threat to high-security network environments such as government, finance and energy institutions. However the existing APT attack detection and defense methods based on dynamic analysis, anomaly detectio...
Saved in:
| Published in | 2024 4th Asia-Pacific Conference on Communications Technology and Computer Science (ACCTCS) pp. 730 - 736 |
|---|---|
| Main Authors | , , , |
| Format | Conference Proceeding |
| Language | English |
| Published |
IEEE
24.02.2024
|
| Subjects | |
| Online Access | Get full text |
| DOI | 10.1109/ACCTCS61748.2024.00135 |
Cover
| Abstract | APT attacks with concealment features and zero-day vulnerability utilization have become a major threat to high-security network environments such as government, finance and energy institutions. However the existing APT attack detection and defense methods based on dynamic analysis, anomaly detection and machine learning are mostly aimed at a single stage, this is obviously not enough for APT attack with multiple links and multi-stage characteristics. It is a meaningful work to study how to prevent APT attack comprehensively and deeply. This paper firstly reviews and analyzes the APT attack life cycle and APT attack defense mechanism of high security level network, then puts forward the defense system framework of APT attack for high security level network based on life cycle. This framework has the characteristics of full cycle, multi-level, and systematic defense deeply, which can prevent APT attacks from multiple dimensions. And we also analyzes the key problems of each part of defense. Our framework will provide the ability for high security level network to defense the complex multi-source APT attacks. |
|---|---|
| AbstractList | APT attacks with concealment features and zero-day vulnerability utilization have become a major threat to high-security network environments such as government, finance and energy institutions. However the existing APT attack detection and defense methods based on dynamic analysis, anomaly detection and machine learning are mostly aimed at a single stage, this is obviously not enough for APT attack with multiple links and multi-stage characteristics. It is a meaningful work to study how to prevent APT attack comprehensively and deeply. This paper firstly reviews and analyzes the APT attack life cycle and APT attack defense mechanism of high security level network, then puts forward the defense system framework of APT attack for high security level network based on life cycle. This framework has the characteristics of full cycle, multi-level, and systematic defense deeply, which can prevent APT attacks from multiple dimensions. And we also analyzes the key problems of each part of defense. Our framework will provide the ability for high security level network to defense the complex multi-source APT attacks. |
| Author | Zhu, Pengfei Yang, Chen Chen, Daowei Yan, Hongsheng |
| Author_xml | – sequence: 1 givenname: Daowei surname: Chen fullname: Chen, Daowei email: daoweics@email.cn organization: School of Information and Communication, National University of Defense Technology,Wuhan,China – sequence: 2 givenname: Pengfei surname: Zhu fullname: Zhu, Pengfei email: 18062089100@126.com organization: School of Information and Communication, National University of Defense Technology,Wuhan,China – sequence: 3 givenname: Hongsheng surname: Yan fullname: Yan, Hongsheng email: 309926076@qq.com organization: School of Information and Communication, National University of Defense Technology,Wuhan,China – sequence: 4 givenname: Chen surname: Yang fullname: Yang, Chen email: 13638696590@163.com organization: School of Information and Communication, National University of Defense Technology,Wuhan,China |
| BookMark | eNotjNFOgzAUhmuiFzr3BsacFwBbCqXHO-ycMyFqMu6XAqez2QADVcPbu6hXf_Ll-_4rdt4PPTF2K3gsBMe7wpjKbJXIUx0nPEljzoXMztgSc9Qy4zJD1NklOxRvVbRal-YeCliRo34i2M5ToA7Wo-3oexgPYPfW91OAkwxFCLY5gBtG2Pj9O2yp-Rx9mKGkLzrCC4Xf5MFO1MLQQ-kdgZmbI12zC2ePEy3_d8Gq9WNlNlH5-vRsijLyKEJEyrbOYW4VadUiYmOVsnWt21YKgVzWWFvkIlE5b_iJtgrrVJGTMpVacLlgN3-3noh2H6Pv7DjvBFci0WkufwCoR1UP |
| CODEN | IEEPAD |
| ContentType | Conference Proceeding |
| DBID | 6IE 6IL CBEJK RIE RIL |
| DOI | 10.1109/ACCTCS61748.2024.00135 |
| DatabaseName | IEEE Electronic Library (IEL) Conference Proceedings IEEE Xplore POP ALL IEEE Xplore All Conference Proceedings IEEE Electronic Library (IEL) IEEE Proceedings Order Plans (POP All) 1998-Present |
| DatabaseTitleList | |
| Database_xml | – sequence: 1 dbid: RIE name: IEEE Electronic Library (IEL) url: https://proxy.k.utb.cz/login?url=https://ieeexplore.ieee.org/ sourceTypes: Publisher |
| DeliveryMethod | fulltext_linktorsrc |
| Discipline | Government Computer Science |
| EISBN | 9798350359985 |
| EndPage | 736 |
| ExternalDocumentID | 10612847 |
| Genre | orig-research |
| GroupedDBID | 6IE 6IL CBEJK RIE RIL |
| ID | FETCH-LOGICAL-i91t-e6adff97a6e86d999ca66abb8dd311903b9ba9012670c08ddd69b46ef33438103 |
| IEDL.DBID | RIE |
| IngestDate | Wed Aug 21 05:37:07 EDT 2024 |
| IsPeerReviewed | false |
| IsScholarly | false |
| Language | English |
| LinkModel | DirectLink |
| MergedId | FETCHMERGED-LOGICAL-i91t-e6adff97a6e86d999ca66abb8dd311903b9ba9012670c08ddd69b46ef33438103 |
| PageCount | 7 |
| ParticipantIDs | ieee_primary_10612847 |
| PublicationCentury | 2000 |
| PublicationDate | 2024-Feb.-24 |
| PublicationDateYYYYMMDD | 2024-02-24 |
| PublicationDate_xml | – month: 02 year: 2024 text: 2024-Feb.-24 day: 24 |
| PublicationDecade | 2020 |
| PublicationTitle | 2024 4th Asia-Pacific Conference on Communications Technology and Computer Science (ACCTCS) |
| PublicationTitleAbbrev | ACCTCS |
| PublicationYear | 2024 |
| Publisher | IEEE |
| Publisher_xml | – name: IEEE |
| Score | 1.8635131 |
| Snippet | APT attacks with concealment features and zero-day vulnerability utilization have become a major threat to high-security network environments such as... |
| SourceID | ieee |
| SourceType | Publisher |
| StartPage | 730 |
| SubjectTerms | APT Communications technology Computer science defense system Finance Framework Design Government Life Cycle Machine learning network Reviews Systematics |
| Title | APT-DFLC: A Defense System Framework against APT Attack for High Security Level Network Based on Life Cycle |
| URI | https://ieeexplore.ieee.org/document/10612847 |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| link | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwjV1Na8JAEF2qJ0-21tJv5tBr1JhkzfaWxgYpVgRT8Ca72UkRQUuJh_bXd3aT1FIo9BaWkITNZN-b7Jt5jN3pUAS08EsHjazGV77rKEIxRxKWa0IUntsmrs8zPnnxn5bBsipWt7UwiGjFZ9gzh3YvX--yvflV1jfpi1lOG6xBcVYWa1VVv-5A9KM4TuMFQbLVbA1NW2zX2Lj9sE2xqJG02ay-XykW2fT2hepln79aMf77gY5Z91CgB_Nv6DlhR7jtsHbt0ADVB9thrYOV7inbRPPUGSfT-B4iGGNOCSxC2bEcklqjBfJVrokyAp0MUVHIbAPEa8HoQWBRmd3B1EiNYFZKyOGBkFDDbgvTdY4Qf1AkdlmaPKbxxKm8Fpy1cAsHudR5LkaSY8g1kcZMci6VCrX2XOIMnhJKEnUY8tEgG9Co5kL5HHPPsz3CvDPW3O62eM7AQxWiCFBpSu0kp0vkQkg5HGk_yHLMLljXTOTqreymsarn8PKP8SvWMi_TlpH716xZvO_xhohAoW5tAHwBwp6zVg |
| linkProvider | IEEE |
| linkToHtml | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwjV3PT8IwGG0UD3pCEeNvv4PXAWNbod7mkKAOQsJMuJF2_WYICRgzDvrX-7UbYkxMvC3Nsi1d1_e6vvc9xm51VwQ08UsHjazGV77rKEIxRxKWa0IUntkirsMRH7z4T9NgWprVrRcGEa34DBvm0O7l61W6Nr_Kmmb5YqbTXbZHwO8HhV2r9P26LdEMoyiJJgTKVrXVNoWxXRPk9iM4xeJGv8pGmzsWcpFFY52rRvr5qxjjvx_pkNW3Fj0Yf4PPEdvBZY1VNxkNUH6yNXawDdM9ZotwnDi9fhzdQQg9zGgJi1DULIf-RqUF8lXOiTQCnQxhnst0AcRswShCYFLG3UFsxEYwKkTkcE9YqGG1hHieIUQfNBbrLOk_JNHAKdMWnLlwcwe51FkmOpJjl2uijankXCrV1dpziTV4SihJ5KHNO620Ra2aC-VzzDzPVgnzTlhluVriKQMPVRdFgErT4k5yukQmhJTtjvaDNMP0jNVNR87einoas00fnv_RfsP2B8kwnsWPo-cLdmBerDWV-5eskr-v8YpoQa6u7WD4AlIKtqM |
| openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=proceeding&rft.title=2024+4th+Asia-Pacific+Conference+on+Communications+Technology+and+Computer+Science+%28ACCTCS%29&rft.atitle=APT-DFLC%3A+A+Defense+System+Framework+against+APT+Attack+for+High+Security+Level+Network+Based+on+Life+Cycle&rft.au=Chen%2C+Daowei&rft.au=Zhu%2C+Pengfei&rft.au=Yan%2C+Hongsheng&rft.au=Yang%2C+Chen&rft.date=2024-02-24&rft.pub=IEEE&rft.spage=730&rft.epage=736&rft_id=info:doi/10.1109%2FACCTCS61748.2024.00135&rft.externalDocID=10612847 |