An APT attack source tracing method based on network traffic risk data clustering - Code World

An APT attack source tracing method based on network traffic risk data clustering

Enterprise 2023-09-30 07:51:35 views: null

Abstract: The world today is undergoing major changes unseen in a century. Cyberspace has become the fifth largest territory after land, sea, air and space. Security threats have also extended to cyberspace. There is no national security without network security. In the new era, cyberspace security has risen to the level of national security. Advanced Persistent Threat (APT) attacks are the most threatening attacks in cyberspace. They are highly harmful, highly concealed, and last long. Considering that the traceability of APT attacks has always been an extremely important part of cyberspace attack and defense, an APT attack source traceability method based on network traffic risk data clustering is proposed. First, the workflow of the proposed method is introduced. Secondly, the risk data clustering algorithm in the process is introduced in detail. Finally, the effectiveness of the proposed method is verified through experiments.

Content directory:

1 Traditional APT attack source tracing method

1.1 Traceability based on log records

1.2 Traceability based on packet marking technology

1.3 Traceability method based on active sensing data

2 Traceability method based on network traffic risk data

2.1 Traceability framework

2.2 Clustering algorithm model

2.3 Experiment

3 Conclusion

Advanced Persistent Threat (APT) attacks refer to attackers using a variety of advanced means to launch persistent, highly threatening network attacks against specific targets. It has three important characteristics: (1) Attack capabilities Strong, which reflects the A (advanced nature) aspect of APT; (2) long duration, which reflects the P (persistence) aspect of APT; (3) specific target, high degree of harm , which reflects the T (threat) aspect of APT. The initiators of such attacks often have strong political backgrounds, the attacks are highly concealed and targeted, and the victims of the attacks often suffer huge losses.

According to data disclosed in the "Global Advanced Persistent Threat (APT) 2021 Annual Report" released by Qi'anxin, the main targets of global APT attacks in 2021 include governments

Guess you like

Origin blog.csdn.net/weixin_70923796/article/details/132438575

An APT attack source tracing method based on network traffic risk data clustering

Discussion on data security risk assessment based on traffic detection

[Data clustering] Matlab source code based on ant colony algorithm clustering

[Data clustering] matlab source code based on genetic algorithm clustering design

[Data clustering] matlab source code for clustering design based on particle swarm algorithm

[Data clustering] based on simulated annealing algorithm clustering design matlab source code

Talking about the attack source tracing some common ideas

Tracing the principle of generating topology data based

Research on Network Traffic Classification Method

Multi-feature data clustering analysis based on self-organizing map neural network (SOM) - with code

Tracing the source

Risk assessment based on data security (3): risk analysis and assessment

Spatial feature-based generative adversarial network data generation method

Server was hacked? Backhand tracing the source of the intruder portrait [Network Security]

Fuzzy clustering | MATLAB realizes data analysis based on FC fuzzy clustering

[Posts] Ubuntu apt source modification method

The method of adding apt source system deepin

Front Immunol recurrence | 2. A data dimensionality reduction clustering grouping method based on hypoxia gene set (umap, MSigDB)

Method for obtaining traffic-related data in Android

[Vehicle Flow Spatio-temporal Data Mining] A mixed traffic flow prediction method based on multi-modal deep learning

Python traffic sign recognition system based on YOLOv5 [source code & technical documentation & deployment video & data set]

Image segmentation method based on the K-Means Clustering

20160115 Depth coverage assessment tool based on grid clustering method

Provides a text clustering method based on probability model and vMF distribution

Classification of electrical loads based on fuzzy clustering with transitive closure method

APT attack and cryptography explanation

Tracing the source of ransomware events

Spectral clustering algorithm (graph-based clustering method) python solves examples

SDN-based DDoS attack detection and defense method

centos8 iftop based platform to monitor network traffic

Recommended

NetBSD bans submission of code generated by AI

Ranking

Talk dubbo of LRUCache

Chapter 1 Learning Summary

Introduction to Virtualization

pytorch 调用lstm

Six modules

[8086] The natural number of 1 to 36 into a 6x6 two-dimensional array of line-sequentially, and then print out the lower left half of the triangular array

mybatis mapper mapping file $ # {} {} understanding and

C language input and output buffer

c language floating-point input and output

andorid P version compatible, refer to Huawei

Daily

More

2024-05-18(31)

2024-05-17(6)

2024-05-16(23)

2024-05-15(5)

2024-05-14(9)

2024-05-13(8)

2024-05-12(28)

2024-05-11(32)

2024-05-10(34)

2024-05-09(32)