This project, led by Prof. Zhang Fan from CCST, was supported by the Key R&D program in 2023. The project focuses two scientific problems, i.e., the stealth mechanism of cyber threats on end host, as well as their out-of-band characteristics and how to perform deception-based active defense. It will propose a theoretical framework for identification, forensics and attribution of highly concealed cyber threats. In addition, the researchers propose out-of-band analysis-based cyber threat detection and forensics methods, and design ultimate emulation-based micro-honeypots for active entrapment. Finally, they will develop an end host-based highly-concealed cyber threat detection prototype system, and conduct evaluation for national and industry-level cyber threat mitigation. The output of the project is expected to provide strong support for promoting national cybersecurity and high-quality development of the digital economy.
