The Study of APT Security Detection Architecture and Key Technologies (APT安全检测体系架构及关键技术研究)

Authors: 刘怡文 (Liu Yiwen)*, 黄琼 (Huang Qiong)*, 余静 (Yu Jing)*, 张子龙 (Zhang Zilong): P.O. Box 7223, Sub-box 10, Beijing, China

Keywords: APT Attack, Big Data Analysis, Data Mining, Knowledge Discovery, Attack Detection

Abstract: This paper analyzes existing APT attack detection techniques and the problems they leave open, and on that basis proposes an APT security detection architecture together with the key technologies it relies on. Within that architecture, an APT time-domain association rule mining algorithm is given, a security knowledge base is built from the mined rules using big data analysis techniques, and a classification-based APT attack detection method is proposed; these three components occupy the central roles in the proposed architecture.

Citation: 刘怡文 (Liu Yiwen), 黄琼 (Huang Qiong), 余静 (Yu Jing), 张子龙 (Zhang Zilong) (2015) The Study of APT Security Detection Architecture and Key Technologies. Journal of Security and Safety Technology (安防技术), 3, 24-29. doi: 10.12677/JSST.2015.33005

