APT

20167

ZTE Corporation. All rights reserved

2

APT

2009-2010

2007-2011

(2009)

2006-2010

Duqu(2007-2012)

2010-2012

2010-2011

2003-2013

TAO1998-2013

RSA2011

APT12009

2011-2012

2007-2013

Heartbeat2009-2012

2014-11

KBS2003-2013

2015.12

2004-2013

Winnti(2009-2013)

Safe2012-2013

Hangover2010-2013

Darkhotel APT2008

APT

\

ZTE Corporation. All rights reserved

3

\APT

APT

\

APT

ZTE Corporation. All rights reserved

4

ZTEAPTAPT

Internet

0%

10%

20%

30%

40%

50%

60%

0%

20%

40%

60%

80%

100%

+ + +

92%

ZTE Corporation. All rights reserved

5

APTAPT

IDC

IDCProvider

APT

ZTE Corporation. All rights reserved

6

AIDCProvider

Internet

2\3

2\3

Internet/

ZTE Corporation. All rights reserved

7

BIDCProvider

A

IDC/

ZTE Corporation. All rights reserved

8

C\

Internet

LOG

ZTE Corporation. All rights reserved

9

\

\

ZTE Corporation. All rights reserved

10

TCP

UDP

DNS

HTTP

DHCP

FTP

.

TTL .

.

ZTE Corporation. All rights reserved

11

APT

AA

ABC

A

B C

Internet

ZTE Corporation. All rights reserved

12

A

Internet

HTTP HTTP

B

TCP TCP

D1/D2/D3

DHCP Server

IP

E

IP

F

ABAWEB

A

IPD1\D2\D3EF

G,DHCP

D1\D2\D3

IPMAC

ZTE Corporation. All rights reserved

13

A->-

>3%

A

Login?ID=XXX

0.03

xxx.yyy.com

0.8 0.6 0.9 0.70.9

0.1 0.05 0.2 0.030.02

ZTE Corporation. All rights reserved

14

ZTEAPT

5000+PC20+4Gbps

30+

ZTE Corporation. All rights reserved

15

ZTEAPT

8+

>10

(Mcafee)

Virustotal(50