TIIS (Çѱ¹ÀÎÅͳÝÁ¤º¸ÇÐȸ)
Current Result Document :
| ÇѱÛÁ¦¸ñ(Korean Title) |
Cyber-attack group analysis method based on association of cyber-attack information |
| ¿µ¹®Á¦¸ñ(English Title) |
Cyber-attack group analysis method based on association of cyber-attack information |
| ÀúÀÚ(Author) |
Kyung-ho Son
Byung-ik Kim
Tae-jin Lee
|
| ¿ø¹®¼ö·Ïó(Citation) |
VOL 14 NO. 01 PP. 0260 ~ 0280 (2020. 01) |
Çѱ۳»¿ë
(Korean Abstract) |
|
¿µ¹®³»¿ë
(English Abstract) |
Cyber-attacks emerge in a more intelligent way, and various security technologies are applied to respond to such attacks. Still, more and more people agree that individual response to each intelligent infringement attack has a fundamental limit. Accordingly, the cyber threat intelligence analysis technology is drawing attention in analyzing the attacker group, interpreting the attack trend, and obtaining decision making information by collecting a large quantity of cyber-attack information and performing relation analysis. In this study, we proposed relation analysis factors and developed a system for establishing cyber threat intelligence, based on malicious code as a key means of cyber-attacks. As a result of collecting more than 36 million kinds of infringement information and conducting relation analysis, various implications that cannot be obtained by simple searches were derived. We expect actionable intelligence to be established in the true sense of the word if relation analysis logic is developed later.
|
| Å°¿öµå(Keyword) |
Cyber Threat Intelligence
Clustering
Indicator
Attack Information
Relationship
Cyber-attacker
|
| ÆÄÀÏ÷ºÎ |
PDF ´Ù¿î·Îµå
|
