Abstract
Based on an in-depth study of the key technologies of advanced persistent threat (APT) detection systems, and drawing on existing attack detection methods, the authors propose an APT detection method based on path association, which performs path matching against an APT attack detection model. Potential attack behaviour is discovered by matching IP paths and by the number of connections to application systems, so as to maximize the security of core data assets. The technique was tested and analysed in a campus network environment.
Authors
余建
肖香梅
余琼
YU Jian; XIAO Xiangmei; YU Qiong (1. Sanming University, Sanming, Fujian 365004, China; Sanming No.1 Middle School, Sanming, Fujian 365004, China)
Source
Journal of Longyan University (《龙岩学院学报》)
2018, Issue 2, pp. 53-60 (8 pages)
Funding
2017 Fujian Province Education and Research Project for Young and Middle-aged Teachers (JAT170552)
Keywords
APT
path association
detection system
campus network
network security