Towards Mitigating APT Attacks with Zero-Trust Networks Access Control Model

Jingci Zhang, Jun Zheng, Ning Shi*, Zhaohui Ci, Yajie Wang, Liehuang Zhu

*Corresponding author for this work

Research output: Contribution to journal › Article › peer-review

Abstract

With the deepening militarization of global cyberspace, cyber threats have evolved into Advanced Persistent Threats (APTs), characterized by high targeting, persistence, and destructiveness, rendering traditional perimeter-based defenses ineffective. In response, researchers have proposed the zero-trust architecture, which enforces strict identity verification for all access requests, whether external or internal, to reduce the attack surface and mitigate APTs' lateral movement. However, zero-trust remains largely a conceptual framework rather than a standardized technical solution, with existing approaches primarily integrating conventional security mechanisms under zero-trust principles without systematically deconstructing threats from an APT countermeasure perspective. Consequently, these methods struggle to identify APTs at the tactical and technical level or to accurately assess and mitigate APT risks. To address the above problems, this paper proposes an access control method within a zero-trust network for APT mitigation. First, this paper identifies the APT tactics, techniques, and procedures that threaten zero-trust by leveraging MITRE ATT&CK mitigations and zero-trust maturity models. Next, this paper designs an attack detection algorithm using Sigma rules, correlating historical entity behavior with security alerts to uncover APT indicators. Finally, this paper establishes a risk assessment framework for network entities based on APT behavioral patterns, devises a trust computation model tailored to APTs, and implements dynamic access control policies weighted by entity trust levels. The experimental results demonstrate the method's feasibility and effectiveness, achieving a 93.1% APT attack detection rate and offering a new approach for mitigating APT attacks.

Original language: English
Journal: IEEE Internet of Things Journal
DOIs
Publication status: Accepted/In press - 2025
Externally published: Yes

Keywords

  • Access control
  • Advanced Persistent Threats
  • Cyber threat
  • Mitigation
  • Zero-trust
