""""
""""
......
NIPRNET JWICS
· ()
1.""
"(Stuxnet)""(Duqu)"" (Flame)"
-
""
IT
""""
?
?
?
?
01
02
03
I
II
III
I
II
I
10kV
II
DMZ
III
III
1
2
3
3
3
/
2
1
Conf VM Log
Conf VM Log
Conf VM Log
cmd VM Data
cmd VM Data
Network Activity Analysis 01
Security Analysis 02
Analysis Module 03
cmd VM Data
Zotob Stuxnet Flame Duqu Havex
Source
Process
Output
......
· 30
· 2017 3 702020 140
""
CTF
/
""
......
/
·
·
·
·
(
""
)
......
KLEE
Angr AFL
Exploit Shellcod e
""
"" ""
ODIDA WinDbg gdb
OOP
PE
Bin
ELF
Windows
Windows Windows
Windows Windows
Windows
Windows Windows
Windows Windows
UID
Linux Linux
Linux
· ·
""
375214020016
· · 1. pragyon CTF 20182018-3-4, Online Jeopardy92606 · 2. XCTF N1CTF 20182018-3-10, Online Jeopardy 85517 · 3. b00t2root CTF 2018, 2018-3-17, Online Jeopardy 9134 · 4. 20182018-3-24, Online Jeopardy 1602140 · 5. TCTF20182018-3-31, Online Jeopardy 28/115106/699 · 6. DDCTF20182018-4-13, Online Jeopardy 291601 · 7. · 8.11+ · 9."" · 10.""19 · 11. 12 · 12. "+" · 13. DataCon · 14. IJCAI-19 · 15. TCTF12
THANKS