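As information security threats have evolved, large-scale attacks have become uncommon, and the new trend in network attacks is toward "personalization." As a result, data leakage incidents at enterprises and government agencies have increased considerably. For a company or agency of any size this is the worst possible situation: a targeted company not only risks damage to its reputation but may also suffer losses in the millions, which has made targeted attacks one of the hottest information security topics of late.
This study addresses targeted attacks by integrating information from different network security devices. Attack behaviors are detected by different devices, and each device's logs are imported into a cloud platform for storage, integration, and analysis, thereby reducing the chance of being attacked and of having important information stolen. In an environment where targeted attacks are hard to detect and large volumes of logs must be integrated, the aim is to respond in the shortest possible time and to cut off attacks that may occur in the future.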
With the evolution of information security threats and the theft of files, large-scale cyber-attacks are ubiquitous these days. Preventing targeted attacks is very important and has become a trend. Nowadays, the leakage of confidential information increasingly affects governments and enterprises. A company's property and reputation will also suffer if it does not implement a privacy methodology to protect its data. Information security problems have become a serious issue.
Within these huge volumes of logs, a targeted attack is not easy to detect during data processing. This study proposes an efficient detection platform that uses the logs from different networking devices. We import the data into a cloud platform to store, integrate, analyze, and report security weaknesses, hoping to enhance security and to prevent attacks immediately in the future.