中圖分類號： TP393
文獻標識碼： A
DOI： 10.19358/j.issn.2096-5133.2022.05.004
引用格式： 姚卓. 基于實戰化的集團企業網絡安全主動防御技術研究與實踐[J].信息技術與網絡安全，2022，41(5)：25-31.

Research and practice of active defense technology based on actual combat for cyberspace of group companies

Abstract： In the face of the complex and changeable international cyberspace security situation and the increasingly severe threat of cybersecurity attacks, aiming at security threat of collectivized industry intelligent manufacturing enterprises, such as host security, device security, network security, data security, business security and other security threats, this paper discusses the key technologies and strategies for preventing network confrontation based on actual combat, including threats active trapping system design based on network confrontation, security automatic orchestration technology based on hierarchical classification, equipment monitoring technology based on lightweight zero-trust strategy, data security protection technology for full life cycle control and network supplies chain，etc. It also discusses in detail the practical cybersecurity operation practices and measures, covering adversarial network emergency training based on the combination of the comprehensive convergence of the exposed surface of interconnected attacks and peacetime and wartime combining, the network emergency measures in different security periods, and the platform linkage and security operation responding to malicious attacks.

Key words : active defense；trap technology；classification and grading；situational awareness；security operation