<noframes id="vfxvr">

    <track id="vfxvr"></track>

      <span id="vfxvr"></span>

          ATT&CK-CN V1.01 Last Update: 2019-11 [返回索引頁]

          譯者: 林妙倩(清華大學網絡研究院網絡空間安全實習生)、戴亦侖(賽寧網安) 原創翻譯作品,如果需要轉載請取得翻譯作者同意。

          數據來源:ATT&CK Matrices

          原文: https://attack.mitre.org/techniques/T1493

          術語表: /attack/glossary

          傳輸數據操作

          攻擊者可以更改數據到存儲或其他系統的路徑,以操縱外部結果或隱藏活動。通過操縱傳輸的數據,對手可能會嘗試影響業務流程,組織理解和決策。

          可以通過網絡連接或在系統進程之間進行操縱,其中有機會部署將攔截和更改信息的工具。修改的類型及其影響取決于目標傳播機制以及對手的目的和目標。對于復雜的系統,對手可能需要特殊的專業知識,并且可能需要訪問與該系統相關的專用軟件,這通常是通過長時間的信息收集活動來獲得的,以產生所需的影響。

          Adversaries may alter data en route to storage or other systems in order to manipulate external outcomes or hide activity. By manipulating transmitted data, adversaries may attempt to affect a business process, organizational understanding, and decision making.

          Manipulation may be possible over a network connection or between system processes where there is an opportunity deploy a tool that will intercept and change information. The type of modification and the impact it will have depends on the target transmission mechanism as well as the goals and objectives of the adversary. For complex systems, an adversary would likely need special expertise and possibly access to specialized software related to the system that would typically be gained through a prolonged information gathering campaign in order to have the desired impact.

          標簽

          ID編號: T1493

          策略: 影響

          平臺: Linux,macOS,Windows

          所需權限:user,administrator,root,SYSTEM

          數據源: 數據包捕獲,網絡協議分析

          影響類型: 完整性

          程序示例

          名稱 描述
          APT38 (G0082) APT38 已使用DYEPACK來處理到打印機的SWIFT消息。
          LightNeuron (S0395) LightNeuron能夠在傳輸過程中修改電子郵件內容,標頭和附件。
          Name Description
          APT38 (G0082) APT38 has used DYEPACK to manipulate SWIFT messages en route to a printer.
          LightNeuron (S0395) LightNeuron is capable of modifying email content, headers, and attachments during transit.

          緩解措施

          緩解 描述
          加密敏感信息 (M1041) 對所有重要數據流進行加密,以減少量身定制的修改對傳輸中的數據的影響。
          Mitigation Description
          Encrypt Sensitive Information (M1041) Encrypt all important data flows to reduce the impact of tailored modifications on data in transit.

          檢測

          如果沒有適當的工具,則很難通過網絡檢測數據的操作。在某些情況下,關鍵文件在通過網絡時可能會使用完整性驗證檢查(例如文件哈希)。對于一些涉及數據傳輸的關鍵過程,手動或帶外完整性檢查對于識別操縱數據可能很有用。

          Detecting the manipulation of data as at passes over a network can be difficult without the appropriate tools. In some cases integrity verification checks, such as file hashing, may be used on critical files as they transit a network. With some critical processes involving transmission of data, manual or out-of-band integrity checking may be useful for identifying manipulated data.

          欧美日韩国产亚洲,天天射影院,大芭蕉天天视频在线观看,欧美肥老太牲交大片,奇米色888,黄三级高清在线播放,国产卡一卡二卡三卡四,亚洲第一黄色视频 日韩中文字幕中文有码,日本A级作爱片一,奇米第四,三级片短片视频免费在线观看,奇米网狠狠网,影音先锋色AV男人资源网,日本丰满熟妇hd 日本日韩中文字幕无区码,涩 色 爱 性,天天射影视,中文字幕制服丝袜第57页,777米奇影院奇米网狠狠,尤物TV国产精品看片在线,欧洲女同牲恋牲交视频 久久AV天堂日日综合,亚洲性爱影院色yeye,日韩亚洲欧美Av精品,十八禁全身裸露全彩漫画,奇米网影视,人人爽人人澡人人人妻,动漫AV专区,天天色综合影院 日韩精品中文字幕,特级无码毛片免费视频,人妻少妇不卡无码视频,制服丝袜有码中文字幕在线,深爱激动情网婷婷,影音先锋全部色先锋,香港三级日本三级韩级人妇 日韩欧美亚洲综合久久在线视频,2021XX性影院,玖玖资源站最稳定网址,日韩亚洲制服丝袜中文字幕,国产超碰人人模人人爽人人喊,先锋色熟女丝袜资源 很黄特别刺激又免费的视频,2021一本久道在线线观看,色中娱乐黄色大片,日本高清不卡在线观看播放,97国产自在现线免费视频,国产在线精品亚洲第一区 免费中文字幕精品一区二区 视频,狠狠爱俺也色,天天好逼网,日韩制服丝袜,国产女人大象蕉视频在线观看,国产 精品 自在 线免费,午夜时刻在线观看