Title Detekcija, prevencija i obrana od prijetnji i napada
Title (english) Detection, prevention and defense against threats and attacks
Author Matija Ivšić
Mentor Darko Možnik (mentor)
Mentor Vinko Zebić (co-mentor)
Committee member Zvonko Trzun (committee chair)
Committee member Darko Možnik (committee member)
Committee member Vinko Zebić (committee member)
Granter University of Zagreb (Croatian Defence Academy "Dr. Franjo Tuđman") Zagreb
Defense date and country 2024-07-01, Croatia
Scientific / art field, discipline and subdiscipline SOCIAL SCIENCES Security and Defense Science
Scientific / art field, discipline and subdiscipline TECHNICAL SCIENCES Computing
Abstract (english) Detection, prevention, and defense against Advanced Persistent Threats (APTs) are key elements in maintaining the security of organizational information systems and data. APT threats denote sophisticated cyber attacks that are often targeted, prolonged, and highly coordinated, capable of causing significant harm. Detection of APT threats requires advanced technologies such as Intrusion Detection Systems (IDS) and Security Information and Event Management (SIEM) systems, enabling continuous monitoring of network traffic and identification of suspicious activities. Prevention of APT attacks involves implementing multi-layered security architectures, utilizing advanced security tools such as firewalls, antivirus programs, and data encryption, as well as regularly updating software to patch security vulnerabilities. Defense against APT threats necessitates a proactive approach involving staff education on security practices, conducting regular security audits and testing, as well as collaboration with other organizations for sharing information on new threats and attacker tactics. A comprehensive approach that combines detection, prevention, and defense is crucial for successfully mitigating APT threats and safeguarding sensitive information and infrastructure.
Keywords (english)
cybersecurity
malware
targeted attacks
covert infiltration
persistent access
covert operations
nation-state actors
social engineering
data exfiltration
network reconnaissance
zero-day exploits
advanced evasion techniques
cyber espionage
long-term infiltration
command and control (C2)
endpoint compromise
advanced malware techniques
intelligence threats
incident response
cyber resilience
Language Croatian
URN:NBN urn:nbn:hr:249:299691
Study programme Title: Military Engineering; Study programme type: university; Study level: undergraduate; Academic / professional title: university bachelor engineer of military engineering
Type of resource Text
File origin Born digital
Access conditions Closed access
Created on 2024-10-22 15:03:29