Aiming at the problem that the attack chain model for the attack phase is too small to indicate the means of attack, an Advanced Persistent Threat (APT) Hierarchical Attack Representation Model (APT-HARM) was proposed. By summarizing the analysis of a large number of published APT event reports and reference APT attack chain model and HARM, the APT attack was divided into into two layers, the upper layer attack chain and the lower layer attack tree, which were formally defined. Firstly, the APT attack was divided into four stages:reconnaissance, infiltration, operation and exfiltration and the characteristics of each stage were studied. Then, the attack methods in each stage were studied, and the attack tree was composed according to its logical relationship. APT attacks were carried out in stages according to the attack chain, and the attack of each stage was performed in accordance with the attack tree. The case study shows that the model has the advantages of reasonable granularity classification and better attack description compared to the attack chain model. APT-HARM formally defines the APT attack, which provides an idea for the prediction and prevention of APT attacks.

Problem of intranet security is almost birth with network interconnection, especially when the demand for network interconnection is booming throughout the world. The traditional technology can not achieve both security and connectivity well. In view of this,a method was put forward based on trusted computing technology. Basic idea is to build a trusted model about the network interconnection system,and the core part of this model is credible on access to the person's identity and conduct verification:first, the IBA algorithm is reformed to design an cryptographic protocol between authentication system and accessors,and the effectiveness is analyzed in two aspects of function and accuracy; second,an evaluation tree model is established through the analysis of the entity sustainable behavior, so the security situation of access terminals can be evaluated.At last,the evaluation method is verified through an experiment.