bilityi
steadofa
alyzi
gthebackgrou
dofAPTattackmecha
ismoveralla
ddetailedI
ordertoeffectivelyrespo
dtothegrowi
gAPTattackbyreadi
galotofliteraturea
ddrawi
glesso
sfromdomestica
di
ter
atio
alexperie
cefromtheAPTsta
darddefi
itio
a
dcharacteristicco
ductedamoredetailedsummaryo
APTattacksge
eratedbackgrou
dpri
ciplesa
dproceduresofattacks。O
thebasisofu
dersta
di
gusi
gtwoQuidwayS2008typesofswitchesa
droutersQuidway2600routermodelsa
dsomecomputertosimulatei
ter
al
etworka
dexter
al
etworka
dusi
gbuildi
ge
viro
me
ttosimulateseveraltypicalAPTattackproposespecificprogramsi
cludi
gtheschemesa
dboxdetectio
a
omalydetectio
threatdetectio
memoryteststodetectAPTattacksTheseprogramsmoreeffectivelydetectAPTattackscomparedwithtraditio
alprotectio
schemesBydetecti
gwhetherthedataa
di
formatio
co
tai
sAPTfeaturesqueryi
gflowa
alysi
glogtofi
dtheAPTattackbeforetheAPTattacksa
dproposedthespecificpreve
tio
programforAPTattackKey：APTattackdetectio
schemepreve
tio
strategies
III
f贵州大学毕业论文（设计）
目录
摘要IIAbstractIII第一章概述111目的与意义113现状及发展趋势113主要设计内容3第二章相关的基础知识421ATP的概念422APT攻击的原理423APT的危害5第三章APT攻击的发现631ATP攻击的途径632ATP攻击的过程剖析633ATP的检测8331沙箱方案9332异常检测模式10333威胁检测技术11334基于记忆的检测13第四章APT防护方案设计1541网络拓扑图1542存在的威胁1543内网的安全的防护1644应用程序的安全的防护r