Á¤º¸°úÇÐȸ³í¹®Áö (Journal of KIISE)
| ÇѱÛÁ¦¸ñ(Korean Title) |
º¸¾ÈÀ» À§ÇÑ °ø°Ý ÇàÀ§ °¨Áö ¸ÞŸ-¸ðµ¨¸µ |
| ¿µ¹®Á¦¸ñ(English Title) |
Meta-Modeling to Detect Attack Behavior for Security |
| ÀúÀÚ(Author) |
¿ÂÁøÈ£
ÃÖ¿µº¹
À̹®±Ù
Jinho On
Yeongbok Choe
Moonkun Lee
|
| ¿ø¹®¼ö·Ïó(Citation) |
VOL 41 NO. 12 PP. 1035 ~ 1049 (2014. 12) |
Çѱ۳»¿ë
(Korean Abstract) |
º» ³í¹®Àº ÇàÀ§ ¿ÂÅç·ÎÁö(Behavior Ontology)ÀÇ °³³äÀ» ±â¹ÝÀ¸·Î ÇÑ º¸¾È-Á᫐ ½Ã½ºÅÛ ¾ÈÀÇ °ø°Ý ÆÐÅÏÀ» °¨ÁöÇϱâ À§ÇÑ ¹æ¹ýÀ» Á¦¾ÈÇÑ´Ù. ÀϹÝÀûÀ¸·Î º¸¾È-Á᫐ ½Ã½ºÅÛµéÀº ¸Å¿ì ±Ô¸ð°¡ Å©°í º¹ÀâÇϸç, °¡´ÉÇÑ ¸ðµç ¹æ¹ýÀ¸·Î °ø°ÝÀÚ¿¡ ÀÇÇØ °ø°ÝµÈ´Ù. ±×·¯¹Ç·Î, °ø°Ý °¨Áö¸¦ À§ÇÑ ¸î °¡ÁöÀÇ ±¸Á¶Àû ¹æ¹ýÀ» ÅëÇØ ´Ù¾çÇÑ °ø°ÝµéÀ» °¨ÁöÇÏ´Â °ÍÀº ¸Å¿ì º¹ÀâÇÏ´Ù. º» ³í¹®Àº ÇàÀ§ ¿ÂÅç·ÎÁö¸¦ ÅëÇÏ¿© ÀÌ·¯ÇÑ ¹®Á¦¸¦ ±Øº¹ÇÑ´Ù. ½Ã½ºÅÛ ¾ÈÀÇ °ø°ÝÀÇ ÆÐÅϵéÀº ½Ã½ºÅÛÀÇ Å¬·¡½º ¿ÂÅç·ÎÁö¿¡¼ Á¤ÀÇµÈ Çൿ(Action)µéÀ» ¼ø¼¿¡ µû¶ó ³ª¿ÇÔÀ¸·Î½á Á¤ÀǵȴÙ. °ø°Ý ÆÐÅÏÀÌ ÇൿµéÀÇ ¼ø¼·Î Á¤ÀǵÊÀ¸·Î½á °ÝÀÚ¿Í °°ÀÌ Æ÷ÇÔ°ü°è¸¦ ±â¹ÝÀ¸·Î ÇÑ °èÃþÀûÀÎ ¼ø¼·Î Ãß»ó鵃 ¼ö ÀÖ´Ù. °ø°Ý ÆÐÅÏÀ» À§ÇÑ ÇàÀ§ ¿ÂÅç·ÎÁö°¡ Á¤ÀǵǸé, ´ë»ó ½Ã½ºÅÛ ¾ÈÀÇ °ø°ÝµéÀº ¿ÂÅç·ÎÁöÀÇ ±¸Á¶ ¾È¿¡¼ ÀǹÌÀûÀÌ°í °èÃþÀûÀ¸·Î °¨ÁöµÉ ¼ö ÀÖ´Ù. ´Ù¸¥ °ø°Ý ºÐ¼® ¸ðµ¨µé°ú ºñ±³Çغ¸¸é, º» ³í¹®¿¡¼ÀÇ ÇàÀ§ ¿ÂÅç·ÎÁö¸¦ ÅëÇÑ ºÐ¼®Àº ½Ã°£°ú °ø°£ÀûÀ¸·Î ¸Å¿ì È¿À²ÀûÀÌ°í È¿°úÀûÀÎ ¹æ¹ýÀÌ´Ù.
|
¿µ¹®³»¿ë
(English Abstract) |
This paper presents a new method to detect attack patterns in security-critical systems, based on a new notion of Behavior Ontology. Generally security-critical systems are large and complex, and they are subject to be attacked in every possible way. Therefore it is very complicated to detect various attacks through a semantic structure designed to detect such attacks. This paper handles the complication with Behavior Ontology, where patterns of attacks in the systems are defined as a sequences of actions on the class ontology of the systems. We define the patterns of attacks as sequences of actions, and the attack patterns can then be abstracted in a hierarchical order, forming a lattice, based on the inclusion relations. Once the behavior ontology for the attack patterns is defined, the attacks in the target systems can be detected both semantically and hierarchically in the ontology structure. When compared to other attack models, the behavior ontology analysis proposed in this paper is found to be very effective and efficient in terms of time and space
|
| Å°¿öµå(Keyword) |
ÇàÀ§ ¿ÂÅç·ÎÁö
ÆÐÅÏ
Ãß»óÈ
º¸¾ÈÁ߽ɽýºÅÛ
¸ÞŸ¸ðµ¨
|
| ÆÄÀÏ÷ºÎ |
PDF ´Ù¿î·Îµå
|
