Abstract
APT attacks have become the most serious security threat: attackers may use social engineering and large numbers of 0-day vulnerability exploits to steal or tamper with the target's core data. If the target lacks real-time attack detection and defense capabilities, then once the system is intruded it will suffer serious economic and business losses. The authors summarize the typical characteristics and life cycle of APT attacks, explain the common attack channels and critical steps of APT attacks, and then describe the technical difficulties and challenges in analyzing APT attacks. To address these problems, an APT attack analysis system based on NGSIEM is proposed, which normalizes and applies complex algorithmic processing to the logs and alarms collected from the server devices and security devices at multiple layers of the business system, as well as to threat intelligence acquired from intelligence agencies.
Citation
Li, Y., Wang, R., & Li, H. (2019). NGSIEM Based APT Attack Analysis System. In IOP Conference Series: Earth and Environmental Science (Vol. 252). Institute of Physics Publishing. https://doi.org/10.1088/1755-1315/252/5/052160