Advanced persistent threat detection method, system, computer and storage medium


Main authors: HU SHENGQIU, LIU LE, ZHI XULONG, LU YINBING, XIE FENGLIN, WANG YUE, LI WEI, TIAN YI, JIANG YI, ZHAO XUEKUN
Format: Patent
Language: chi ; eng
Description
Summary: The invention discloses an advanced persistent threat detection method, a system, a computer and a storage medium. The advanced persistent threat detection method comprises the steps of: analyzing traffic of a backbone network of an operator, and restoring files transmitted in the backbone network; filtering the traffic in the backbone network so as to filter normal traffic and files; detecting the filtered files; detecting intrusion attack traffic in the backbone network; processing the detection result, and intercepting and blocking the corresponding intrusion attack traffic; performing log recording on the detected attack; and displaying the recorded logs for evidence acquisition and tracing of subsequent advanced persistent threat attacks. According to the advanced persistent threat detection method provided by the invention, the advanced persistent threat (APT) attack can be detected in a multi-directional manner; and powerful data support and detailed traceability information are provided for the operator