跳转到内容

File:Intrusion Kill Chain - v2.png

页面内容不支持其他语言。
這個文件來自維基共享資源
维基百科,自由的百科全书

原始文件 (950 × 681像素,文件大小:158 KB,MIME类型:image/png


Understanding the graphic

Computer scientists at Lockheed-Martin corporation described in 2011 the usage of a new "intrusion kill chain" framework or model to defend computer networks.[1] They wrote that attacks may occur in stages and can be disrupted through controls established at each stage. The kill chain can also be used as a management tool to help continuously improve network defense. Threats must progress through seven stages in the model:

  • Reconnaissance: Intruder selects target, researches it, and attempts to identify vulnerabilities in the target network.
  • Weaponization: Intruder creates remote access malware weapon, such as a virus or worm, tailored to one or more vulnerabilities.
  • Delivery: Intruder transmits weapon to target (e.g., via e-mail attachments, websites or USB drives)
  • Exploitation: Malware weapon's program code triggers, which takes action on target network to exploit vulnerability.
  • Installation: Malware weapon installs access point (e.g., "backdoor") usable by intruder.
  • Command and Control: Malware enables intruder to have "hands on the keyboard" persistent access to target network.
  • Actions on Objective: Intruder takes action to achieve their goals, such as data exfiltration, data destruction, or encryption for ransom.

A U.S. Senate investigation of the 2013 Target Corporation data breach included analysis based on the Lockheed-Martin kill chain framework. It identified several stages where controls did not prevent or detect progression of the attack.[2]

References

摘要

描述
English: Intrusion kill chain for information security
日期
来源 http://www.public.navy.mil/spawar/Press/Documents/Publications/03.26.15_USSenate.pdf
作者 U.S. Senate Committee on Commerce, Science, and Transportation

许可协议

Public domain
本文件是由美国海军的军官或雇员,基于其个人公务目的拍摄或制作的作品。作为美国联邦政府作品,本文件在美国属于公有领域
本文件已被确认为免除已知的著作权法限制(包括所有相关权利)。

说明

添加一行文字以描述该文件所表现的内容

此文件中描述的项目

描繪內容

文件历史

点击某个日期/时间查看对应时刻的文件。

日期/时间缩⁠略⁠图大小用户备注
当前2016年6月30日 (四) 17:242016年6月30日 (四) 17:24版本的缩略图950 × 681(158 KB)FarcasterUser created page with UploadWizard

以下2个页面使用本文件:

全域文件用途

以下其他wiki使用此文件:

元数据