Detection and Defense Methods of Cyber Attacks

Cyberspace has been threatened by attacks ever since its birth. With the development of the information technologies, especially big data and artificial intelligence, many kinds of cyber attacks are emerging every day, causing severe consequences to society. Meanwhile, intelligent defense methods are proposed to detect these attacks. Such attack and defense methods are constantly being renovated. In particular, advanced persistent threats are intensifying. How to effectively prevent this type of attack has become the a vital problem in recent years. The detection and defense technologies have made great progress. This chapter mainly discusses the research progress of APT attack detection and defense strategies at home and abroad, and focuses on the practice of using machine learning methods to perform attack detection while elaborating on traditional attack detection methods. We also introduce game theory based defense strategy to find the best defense strategy in limited resources, dynamic information flow tracking and cloud platform. With the development of knowledge representation, how to use the MDATA model to characterize the APT attacks is also be discussed in this chapter.