Practice of Intrusion Detection and Prevention System Construction Based on ATT&CK

Cited by: 1
Abstract: Digital transformation and the rapid evolution of cloud architectures have brought a variety of new challenges to network security. Effectively ensuring the security of cyberspace and carrying out attack source tracing and countermeasures have become new tasks facing the network security industry under these conditions. How network security defenders can carry out intrusion detection and prevention well, given today's asymmetry between attack and defense, has become a key problem that every organization needs to solve. The paper analyzes the problems of current intrusion detection and prevention systems and, drawing on the ATT&CK framework, discusses how to build an intrusion detection and prevention system that can better respond to attack behavior.
Authors: Guo Xinhai (郭新海); Xu Lei (徐雷); Zhang Manjun (张曼君); Liu An (刘安); Lan Xinchong (蓝鑫冲); Ding Pan (丁攀) (China Unicom Research Institute, Beijing 100048, China)
Affiliation: China Unicom Research Institute (中国联通研究院)
Source: 《邮电设计技术》 (Designing Techniques of Posts and Telecommunications), 2022, No. 9, pp. 77-81 (5 pages)
Keywords: ATT&CK; cyberspace security; intrusion detection; intrusion prevention