Journal of Information Security Research ›› 2022, Vol. 8 ›› Issue (7): 666-.


Research on Evaluation Anti-attack Capability for High Security Level System

  

  • Online: 2022-07-04 Published: 2022-07-04

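Jiang Jianchun (蒋建春) 1, Wen Weiping (文伟平) 2, Hu Chenyong (胡陈勇) 3

  1. Institute of Software, Chinese Academy of Sciences, Beijing 100190
  2. School of Software and Microelectronics, Peking University, Beijing 100871
  3. Beijing Zhongke Zhuoxin Software Testing Technology Center, Beijing 100193
  • Corresponding author: Jiang Jianchun, PhD, associate researcher. Main research interests: network and information security, cyber-physical system security. jianchun@iscas.ac.cn
  • About the authors: Jiang Jianchun, PhD, associate researcher. Main research interests: network and information security, cyber-physical system security. jianchun@iscas.ac.cn Wen Weiping, PhD, professor, doctoral supervisor. Main research interests: system and network security, big data and cloud security, intelligent computing security. weipingwen@pku.edu.cn Hu Chenyong, master's degree. Main research interests: network security and software engineering. huchenyong@stchina.com.cn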

Abstract: High security level protection objects are generally systems at protection level three or above, and are extremely important protection objects. However, at present, the evaluation of high security level protection objects focuses on compliance security evaluation, and the evaluation work is limited to static security configuration inspection. It is difficult to confirm the actual effectiveness of security mechanisms and security products, and an evaluation of the anti-attack capability of such protection objects is lacking. Therefore, this paper analyzes the anti-attack capability evaluation requirements of high security level systems and puts forward an anti-attack capability evaluation model based on the APT threat path. By constructing an APT threat capability library for high security level systems, different types of APT organizations are simulated to analyze the protection capability of the classified protection object. The paper presents the construction method and key technologies of the threat capability model, and implements the model. Finally, 520 threat path test cases are constructed to test and evaluate the anti-attack capability of the evaluation object.

Key words: advanced persistent threat, evaluation model, threat capability model, APT, classified security protection