Antiy Labs Attended 2018 Civil Aviation Network Security Conference, Helping Strengthen Civil Aviation Network Security
2018 Civil Aviation Network Security Conference on the theme of “Civil Aviation Network Security in the New Age” was held in Tianjin from September 19th to 20th. This conference was guided by the Civil Aviation Administration of China, and was hosted by Civil Aviation University of China. More than 500 attendees, including leaders, experts, and network security practitioners from inside and outside the civil aviation industry gathered together, to focus on the hotspots of civil aviation network security. As the network security national team leading the development of threat detection and defense capabilities, Antiy Labs participated in the conference and exchanged network security protection concepts and technical achievements with experts inside and outside the civil aviation industry, and discussed the development strategy of civil aviation network security in the new age.
At the main forum of the conference, Pan Xuanchen, the chief technology officer of Antiy, gave a speech "Network Security Defense Thinkingwith Enemy Assumption". In the speech, he introduced the technological achievements Antiy accumulated in cyber threat confrontation, trying to integrate cyber security defense practice into civil aviation field, and made a perfect and concrete introduction to “enemy assumption”. He also shared Antiy’s ideas for promoting critical information infrastructure defense. He said that the systemic capability building of network security is an evolving process, consisting of infrastructure security, defense in depth, situational awareness, active defense and threat intelligence overlay.
In the sub-forum of “Network Security Analysis and Protection Technology”, Wang Xiaofeng, R&D Vice President of Antiy, gave a speech on “Application of Threat Situational Awareness in Monitoring, Early Warning and Emergency Response”. He pointed out that the planning and construction of situational awareness capability should be guided by "a comprehensive, dynamic, integrated and active network security defense system", which includes 5 key capabilities: "perceive threats", "understand and analyze threats", "predict on-coming attacks", and "linked response" and “cooperative intelligence and accumulated knowledge”.
At the same time, he introduced Antiy’s main R&D direction in situational awareness, including “achieve full-element data collection and threat perception capabilities by combing comprehensive monitoring and on-demand acquisition”, “achieve effective threat understanding based on knowledge and in-depth analysis”, "achieve reasonable attack prediction capabilities based on vulnerabilities, attackers and other intelligence", "achieve rapid response and linkage capabilities by linking devices, tools, personnel and environment", and "achieve intelligence cooperation capabilities by using intelligence and production intelligence”.
Antiy has long-term independent research and development in threat detection engine, host protection, traffic monitoring, dynamic and static analysis, APT in-depth analysis, and big data security analysis. In recent years, Antiy has developed and implemented a monitoring situational awareness solution for many national/local authorities and administrative departments, and was highly praised by users. These efforts also promoted Antiy’s thinking on the rules and solutions of network security construction under the scenario of “high information value, high protection level and high threat confrontation”, thus re-recognizing the situational awareness and active defense demands of important information systems and key information infrastructure. Under the accumulated experience of monitoring situational awareness, we will continue to strengthen R&D investment in actual situational awareness, and work hard to build a practical situational awareness system together with key infrastructure managers and customers. Based on comprehensive and continuous monitoring capabilities, we will gradually form analysis and prediction capabilities, establish system-personnel collaborative operation mechanism, guide various defense mechanisms, to jointly respond to threats, and promote the evolution of the security capability building for customers.
As the basic tool of national transportation, civil aviation industry bears important responsibility of people’s daily travel and logistics transportation. It is part of the key infrastructure. Its network security directly affects national security, social development and people’s daily life. In recent years, Antiy has been playing a key role in “Civil Aviation Network and Information Security Management Platform” for Civil Aviation Administration of China, “network security protection of C919 large aircraft in the first flight” for China Commercial Aircraft, “information security risk assessment service” for China International Airlines, “network security comprehensive security service” for Capital Airport, "information system product threat modeling service" for China Airways and other projects, and won the praise of customers. By participating in this conference, Antiy expects to conduct in-depth exchanges with more civil aviation customers, and contribute to the construction of the network security capability system of the civil aviation industry.