Title:
DEFENSE AGAINST APT ATTACK
Document Type and Number:
WIPO Patent Application WO/2018/177210
Kind Code:
A1
Abstract:
Provided by the present application are a method and system for defending against an advanced persistent threat (APT) attack, the method comprising: acquiring communication data in a network; carrying out association analysis on the communication data, and screening threat data in the communication data according to an association analysis result; mapping each piece of screened threat data to a corresponding APT attack stage respectively according to a kill chain model; and defending a network entity related to each piece of threat data according to defense strategies corresponding to the multiple APT attack stages. By means of mapping threat data to a corresponding APT attack phase and adopting corresponding defense strategies for different APT attack phases, the present application enables APT attack processing to be more targeted and may more effectively detect and defend against an APT attack.
More Like This:
Inventors:
CHEN YOUKUN (CN)
Application Number:
PCT/CN2018/080223
Publication Date:
October 04, 2018
Filing Date:
March 23, 2018
Export Citation:
Assignee:
NEW H3C TECH CO LTD (CN)
International Classes:
H04L29/06
Domestic Patent References:
| WO2016089567A1 | 2016-06-09 |
Foreign References:
| CN106209867A | 2016-12-07 | |||
| CN105024976A | 2015-11-04 | |||
| CN104283889A | 2015-01-14 | |||
| CN103916385A | 2014-07-09 | |||
| CN103916406A | 2014-07-09 | |||
| US20170070518A1 | 2017-03-09 | |||
| US20160300227A1 | 2016-10-13 | |||
| US20150096024A1 | 2015-04-02 |
Other References:
WU, PENG ET AL.: "Research of cyber security situation awareness base on APT attack chain", TELECOM ENGINEERING TECHNICS AND STANDARDIZATION, vol. 28, no. 12, 31 December 2015 (2015-12-31), pages 43 - 47, XP009517167, ISSN: 1008-5599
See also references of EP 3588898A4
See also references of EP 3588898A4
Attorney, Agent or Firm:
BEIJING BESTIPR INTELLECTUAL PROPERTY LAW CORPORATION (CN)
Download PDF: