Analysis of APT Attack Principle and Protection Technology

doi:10.3969/j.issn.1671-1122.2016.09.024

Abstract

Abstract:

The continuous evolution of the global information technology makes the APT attacks more aggressive and purposeful. Application of advanced technology, long latency hidden and sponsored by profit party long-term funding, is significantly different APT attacks from other network attacks. This paper introduces the popular APT attacks in recent years, such as NIST attacks on the APT, so as to give the character of APT attacks, and indicate usual target of APT attack, by analysising APT attack case in recent years. After a detailed analysis of the common steps of APT attacks-South Korea SK company being APT attack, it illustrates the various steps of the offensive content. Furthermore, it puts forward comprehensive response to the APT attacks from the macroscopic continuous improvement of protection concept and micro structured best practice methods solutions.

Key words: APT, case analysis, defensive thinking

CLC Number:

TP309

Sanjun CHENG, Yu WANG. Analysis of APT Attack Principle and Protection Technology[J]. Netinfo Security, 2016, 16(9): 118-123.

Figures/Tables 4

References 11

[1]	NIST. NIST Special Publication 800-39, Managing Information Security Risk Organization Mission and Information System View [EB/OL]. ,2016-1-15.
[2]	蒲石,陈周国,祝世雄.震网病毒分析与防范[J]. 信息网络安全,2012(12):40-43.
[3]	周可政,施勇,薛质. 基于恶意PDF文档的APT检测[J].信息安全与通信保密,2016(1):131-136.
[4]	Japanese IT Promotion Agency.Vulnerabilities: Security Alert for Vulnerability in ALZip[EB/OL]. ,2016-1-15.
[5]	Hauri-Response Team.SK Communications Detailed Analysis Report of nateon.exe Malware[EB/OL]. ,2016-1-15.
[6]	于航,刘丽敏,高能,等. 基于模拟器的沙箱系统研究[J]. 信息网络安全,2015(9):139-143.
[7]	周涛. 大数据与APT攻击检测[J].信息安全与通信保密,2012(7):23.
[8]	李潇,张强,胡明,等. 针对APT攻击的防御策略研究[J].企业技术开发,2015 6(5):39-41.
[9]	胡俊鹏,谢坤武,毕晓玲. 基于RBAC的安全管理系统的设计与实现[J]. 微计算机信息,2008,24(6):88-90.
[10]	于倩,尹凯,王海峰,等. 浅析APT攻击以及防范的四大策略[J].网络安全技术与应用,2015(1):137.
[11]	谈诚,邓入弋,王丽娜,等. 针对APT攻击中恶意USB存储设备的防护方案研究[J]. 信息网络安全,2016(2):7-14.

[1]	Quanming LIU, Jie FENG, Yinnan LI, Shasha SU. A HIBE Scheme of Differentiates the Number of Identity Layers [J]. Netinfo Security, 2019, 19(11): 14-23.
[2]	Kai DENG, Zhihong TIAN, Danyang MA. Research and Implementation of a Highly Reliable Distributed Storage Scheme Based on Wirehair Code [J]. Netinfo Security, 2018, 18(2): 20-26.
[3]	Hongtao GAO, Wei LU, Yuwang YANG. An Adaptive Adjusting Kernel Function-Based Extraction Method for Image Salient Area [J]. Netinfo Security, 2018, 18(2): 54-60.
[4]	Yuhui WANG, Zehua ZENG, Jiahui SHEN, Tianshu FU. APT Logic-based Causality Analysis of Terrorist Incidents [J]. Netinfo Security, 2017, 17(9): 93-97.
[5]	Zhiyou OUYANG, Xiaokui SUN. Human-machine Behavior Recognition for CAPTCHA Based on Gradient Boosting Model [J]. Netinfo Security, 2017, 17(9): 143-146.
[6]	Xiangshen MIN, Xuefeng ZHANG. A New Algorithm of the Location of Fingerprint Core in Cloud Computing [J]. Netinfo Security, 2017, 17(7): 59-65.
[7]	ZHANG Jiawei, ZHANG Dongmei, HUANG Siqi. Design and Implementation of Anti APT Attack Trusted Software Base [J]. 信息网络安全, 2017, 17(6): 49-55.
[8]	Shunan SONG, Zhen YANG. Research on Quantization Method of Reducing Bit Disagreement Rate in Secret Key Extraction [J]. Netinfo Security, 2017, 17(4): 46-52.
[9]	LEI Qing, JING Lihua, ZHAO Deming, ZHENG Jilong. Research on the Technology of Gun Detection System for Android APP Videos Based on Deep Learning [J]. 信息网络安全, 2016, 16(9): 149-153.
[10]	CHU Weiming, HUANG Jin, LIU Zhile. Research on Collecting Data for Situation Awareness of Cyber Space [J]. 信息网络安全, 2016, 16(9): 202-207.
[11]	Xiaofeng LUO, Wenxian WANG, Wanbo LUO. The Retrospect and Prospect of Access Control Technology [J]. Netinfo Security, 2016, 16(12): 19-27.
[12]	CHEN Chen, WANG Yi-Jun, HU Guang-jun, GUO Yan-hui. Research for APT Attack Technology [J]. 信息网络安全, 2015, 15(3): 33-37.
[13]	LIU Bao-guo, XU Ling-wei, ZHANG Hao, GULLIVER T A. Study on Selection of the Antenna Array in Compass Navigation System [J]. 信息网络安全, 2015, 15(1): 12-15.
[14]	LI Feng-hai, LI Shuang, ZHANG Bai-long, SONG Yan. An Anti-APT Scheme Research for High-Security Network [J]. 信息网络安全, 2014, 14(9): 109-114.
[15]	. The Design and Implementation of An Analysis System of Network Protocol [J]. , 2014, 14(7): 48-.