Research on system-level origin graph design for APT attack detection
Yuxiang Zhang, Jiujiang Han, Ming Xian, Huimei Wang
Conference on Computer Graphics, Artificial Intelligence, and Data Processing (volume 39 1), published 2023-05-23
DOI: 10.1117/12.2674706 (https://doi.org/10.1117/12.2674706)
Citations: 0
Abstract
With the rapid development of science and technology, the world has accelerated into the network information era, and sustained, high-intensity attack-and-defense confrontation in cyberspace has become the new normal of the contest between countries: attackers have become organized, attack equipment standardized, and attack methods automated. Research on APT attack detection has therefore become a hot and difficult issue for both academia and industry. To address these challenges, this paper proposes a system-level origin graph model for APT attack detection. It analyzes and discusses the advantages and disadvantages of origin graphs at different granularities, selects a reasonable granularity for the origin graph model, and focuses on multi-operating-system origin graph models: it determines a different origin graph model for the respective characteristics of each operating system platform, specifically by building different entity objects, and elaborates on the technical details. Finally, the validity and feasibility of the system-level origin graph model are clarified, providing model support for subsequent research on effective APT attack detection.