USING BEHAVIOR-BASED ANALYSIS TECHNIQUES FOR ADVANCED PERSISTENT THREAT ATTACK DETECTION AND RESPONSE SYSTEM AND METHOD FOR THEREOF

摘要

The intelligent continuous attack detection and response system using the behavior-based analysis technique according to the embodiment of the present invention includes a function audit module that supports operation management and audit of the entire module, and a target scope of the system state audit, The audit policy module that manages the policy, and the scope of the audit target defined by the audit policy module, performs the audit of the status of the audit object, determines the validity of the attack when the audit event is detected, And an audit violation response module for receiving the attack analysis result from the system state audit module to derive a countermeasure for matching the attack, and implementing the countermeasure.