Yuxiang Zhang, Jiujiang Han, Ming Xian, Huimei Wang
{"title":"面向APT攻击检测的系统级原点图设计研究","authors":"Yuxiang Zhang, Jiujiang Han, Ming Xian, Huimei Wang","doi":"10.1117/12.2674706","DOIUrl":null,"url":null,"abstract":"With the rapid development of science and technology, the world has accelerated into the network information era, and the high sustained and high intensity attack and defense confrontation in cyberspace has become the new normal of the game between countries, the organization of attackers, the standardization of attack equipment, and the automation of attack methods have evolved. The research on APT attack detection has become a hot and difficult issue for academia and industry. To address these challenges, this paper proposes a system-level origin graph model for APT attack detection, analyzes and discusses the advantages and disadvantages of different granularity of origin graphs, selects a reasonable granularity of origin graph models, and focuses on multi-operating system origin graph models to determine different origin graph models for the respective characteristics of different operating system platforms, specifically, to build different entity objects, and elaborates on the technical details. The technical details are elaborated. Finally, the validity and feasibility of the system-level origin graph model are clarified to provide model support for the subsequent research on effective APT attack detection.","PeriodicalId":286364,"journal":{"name":"Conference on Computer Graphics, Artificial Intelligence, and Data Processing","volume":"39 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2023-05-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Research on system-level origin graph design for APT attack detection\",\"authors\":\"Yuxiang Zhang, Jiujiang Han, Ming Xian, Huimei Wang\",\"doi\":\"10.1117/12.2674706\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"With the rapid development of science and technology, the world has accelerated into the network information era, and the high sustained and high intensity attack and defense confrontation in cyberspace has become the new normal of the game between countries, the organization of attackers, the standardization of attack equipment, and the automation of attack methods have evolved. The research on APT attack detection has become a hot and difficult issue for academia and industry. To address these challenges, this paper proposes a system-level origin graph model for APT attack detection, analyzes and discusses the advantages and disadvantages of different granularity of origin graphs, selects a reasonable granularity of origin graph models, and focuses on multi-operating system origin graph models to determine different origin graph models for the respective characteristics of different operating system platforms, specifically, to build different entity objects, and elaborates on the technical details. The technical details are elaborated. Finally, the validity and feasibility of the system-level origin graph model are clarified to provide model support for the subsequent research on effective APT attack detection.\",\"PeriodicalId\":286364,\"journal\":{\"name\":\"Conference on Computer Graphics, Artificial Intelligence, and Data Processing\",\"volume\":\"39 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2023-05-23\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Conference on Computer Graphics, Artificial Intelligence, and Data Processing\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1117/12.2674706\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Conference on Computer Graphics, Artificial Intelligence, and Data Processing","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1117/12.2674706","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Research on system-level origin graph design for APT attack detection
With the rapid development of science and technology, the world has accelerated into the network information era, and the high sustained and high intensity attack and defense confrontation in cyberspace has become the new normal of the game between countries, the organization of attackers, the standardization of attack equipment, and the automation of attack methods have evolved. The research on APT attack detection has become a hot and difficult issue for academia and industry. To address these challenges, this paper proposes a system-level origin graph model for APT attack detection, analyzes and discusses the advantages and disadvantages of different granularity of origin graphs, selects a reasonable granularity of origin graph models, and focuses on multi-operating system origin graph models to determine different origin graph models for the respective characteristics of different operating system platforms, specifically, to build different entity objects, and elaborates on the technical details. The technical details are elaborated. Finally, the validity and feasibility of the system-level origin graph model are clarified to provide model support for the subsequent research on effective APT attack detection.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
