Survey of attack and detection based on the full life cycle of APT
The advanced persistent threat (APT) attack was explored from two perspectives: attack methods and detection methods. First, the definitions and characteristics of APT attacks were reviewed and the development of related attack models was summarized. Based on this, a more general APT full lifecycle...
Main Authors: | WANG Zhiwei, HE Xijie, YI Xin, LI Ziyang, CAO Xudong, YIN Tao, LI Shuhao, FU Anmin, ZHANG Yuqing |
---|---|
Format: | Article |
Language: | zho |
Published: | Editorial Department of Journal on Communications, 2024-09-01 |
Series: | Tongxin xuebao |
Subjects: | APT, network kill chain model, full life cycle, 0day attack, detect |
Online Access: | http://www.joconline.com.cn/zh/article/doi/10.11959/j.issn.1000-436x.2024128/ |
_version_ | 1841539217803444224 |
---|---|
author | WANG Zhiwei HE Xijie YI Xin LI Ziyang CAO Xudong YIN Tao LI Shuhao FU Anmin ZHANG Yuqing |
collection | DOAJ |
description | The advanced persistent threat (APT) attack was explored from two perspectives: attack methods and detection methods. First, the definitions and characteristics of APT attacks were reviewed and the development of related attack models was summarized. Based on this, a more general APT full lifecycle model was proposed, which was divided into four stages: information gathering, intrusion execution, internal network penetration, and data exfiltration. For each stage, recent research papers from the past five years were thoroughly reviewed, and the attack and detection techniques for each stage were analyzed. Finally, in light of the dynamic landscape of APT attack and defense technologies, the paper underscores the formidable challenges confronting both offense and defense and offers guidance for future research in this domain. |
format | Article |
id | doaj-art-9ab262d6ed904db69af444cb0c3f5f6b |
institution | Kabale University |
issn | 1000-436X |
language | zho |
publishDate | 2024-09-01 |
publisher | Editorial Department of Journal on Communications |
record_format | Article |
series | Tongxin xuebao |
title | Survey of attack and detection based on the full life cycle of APT |
topic | APT network kill chain model full life cycle 0day attack detect |
url | http://www.joconline.com.cn/zh/article/doi/10.11959/j.issn.1000-436x.2024128/ |