APT-DFLC: A Defense System Framework against APT Attack for High Security Level Network Based on Life Cycle
Published in | 2024 4th Asia-Pacific Conference on Communications Technology and Computer Science (ACCTCS) pp. 730 - 736 |
---|---|
Main Authors | , , , |
Format | Conference Proceeding |
Language | English |
Published | IEEE 24.02.2024 |
Summary: | APT attacks, with their concealment features and use of zero-day vulnerabilities, have become a major threat to high-security network environments such as government, finance and energy institutions. However, the existing APT attack detection and defense methods based on dynamic analysis, anomaly detection and machine learning are mostly aimed at a single stage, which is obviously not enough for APT attacks with multiple links and multi-stage characteristics. It is meaningful work to study how to prevent APT attacks comprehensively and in depth. This paper first reviews and analyzes the APT attack life cycle and the APT attack defense mechanisms of high security level networks, then puts forward a defense system framework against APT attacks for high security level networks based on the life cycle. This framework is characterized by full-cycle, multi-level, systematic and in-depth defense, which can prevent APT attacks from multiple dimensions. We also analyze the key problems of each part of the defense. Our framework will give high security level networks the ability to defend against complex multi-source APT attacks. |
---|---|
DOI: | 10.1109/ACCTCS61748.2024.00135 |