[1] BREWER R. Advanced persistent threats:minimising the damage[J]. Network Security, 2014, 2014(4):5-9. [2] BENCSÁTH B, PÉK G, BUTTYÁN L, et al. The cousins of Stuxnet:Duqu, Flame, and Gauss[J]. Future Internet, 2012, 4(4):971-1003. [3] LANGNER R. Stuxnet:dissecting a cyberwarfare weapon[J]. IEEE Security & Privacy, 2011, 9(3):49-51. [4] Symantec. Advanced persistent threats:a Symantec perspective[EB/OL].[2016-11-17]. http://www.symantec.com/content/en/us/enterprise/white_papers/b-advanced_persistent_threats_WP_21215957.en-us.pdf. [5] ALBULIWI R. ANRC Advanced Persistent Threat (APT) whitepaper[R]. San Antonio, Texas:ANRC, LLC, 2012. [6] LAST D. Forecasting zero-day vulnerabilities[C]//Proceedings of the 11th Annual Cyber and Information Security Research Conference. New York:ACM, 2016:Article No. 13. [7] HUTCHINS E M, CLOPPERT M J, AMIN R M. Intelligence-driven computer network defense informed by analysis of adversary campaigns and intrusion kill chains[EB/OL].[2017-01-24]. http://www.lockheedmartin.com/content/dam/lockheed/data/corporate/documents/LM-White-Paper-Intel-Driven-Defense.pdf?__hstc=24651237.ec7d57cd5d75bb934ed81dd4f337ee29.1415232000057.1415232000058.1415232000059.1&__hssc=24651237.1.1415232000060&__hsfp=3972014050. [8] DOHERTY S, BANERJEE D. Orchestrating Software Defined Networks (SDN) to disrupt the APT kill chain[EB/OL].[2016-12-07]. https://wenku.baidu.com/view/9c8b8d460c22590103029d15.html. [9] LI M, HUANG W, WANG Y, et al. The study of APT attack stage model[C]//Proceedings of the 2016 IEEE/ACIS 15th International Conference on Computer and Information Science. Washington, DC:IEEE Computer Society, 2016:1-5. [10] FAWAZ A, BOHARA A, CHEH C, et al. Lateral movement detection using distributed data fusion[C]//Proceedings of the 2016 IEEE 35th Symposium on Reliable Distributed Systems. Washington, DC:IEEE Computer Society, 2016:21-30. [11] HONG J. The state of phishing attacks[J]. Communications of the ACM, 2012, 55(1):74-81. [12] O'GORMAN G, MCDONALD G. The elderwood project[R]. Mountain View, CA:Symantec Corporation, 2012. [13] Penetration Testing Execution Standard. PTES technical guidelines[EB/OL].[2017-03-09]. http://www.pentest-standard.org/index.php/Main_Page. [14] 廉哲,殷肖川,谭韧,等.面向网络攻击态势的SDN虚拟蜜网研究[J].空军工程大学学报(自然科学版),2017,18(3):82-88.(LIAN Z, YIN X C, TAN R, et al. Research on SDN virtual honeynet for network attack situation[J]. Journal of Air Force Engineering University (Natural Science Edition), 2017, 18(3):82-88.) [15] HONG J B, KIM D S. Assessing the effectiveness of moving target defenses using security models[J]. IEEE Transactions on Dependable and Secure Computing, 2016, 13(2):163-177. [16] NELSON J, LIN X, CHEN C, et al. Social engineering for security attacks[C]//Proceedings of the 20163rd Multidisciplinary International Social Networks Conference on Social Informatics. New York:ACM, 2016:Article No. 6. [17] WANG L, JAJODIA S, SINGHAL A, et al. k-zero day safety:a network security metric for measuring the risk of unknown vulnerabilities[J]. IEEE Transactions on Dependable and Secure Computing, 2014, 11(1):30-44. [18] JUNGER M, MONTOYA L, OVERINK F J. Priming and warnings are not effective to prevent social engineering attacks[J]. Computers in Human Behavior, 2017, 66:75-87. [19] Global Research and Analysis Team. The Duqu 2.0 technical details[R]. Moscow:Kaspersky Lab, 2015. [20] McAfee Foundstone Professional Services and McAfee Labs. Global energy cyberattacks:"Night Dragon"[R]. Santa Clara, CA:McAfee Inc, 2011. |