Analysis of APT Attack Source Tracing in Industrial Internet Environment
With the development of industrial control systems (ICS), advanced persistent threat (APT) attacks have become one of the important security threats faced by ICS. In recent years, APT attacks against industrial control systems have been common. As an important means of improving active network security defense, APT attack source tracing can improve the timeliness and effectiveness of the defense. This paper introduces the current situation, characteristics and problems of APT attack source tracing in industrial control systems. Building on an introduction to APT attack source tracing in traditional business systems, we discuss the attack methods and source tracing methods of APT attacks on industrial control systems. In addition, the current APT source tracing methods are reviewed. We clarify the current difficulties and challenges of APT attack source tracing and propose corresponding solutions, which could provide a reference for the key infrastructure industry in tracing the source of industrial control APT attacks.