Á¤º¸°úÇÐȸ³í¹®Áö (Journal of KIISE)
Current Result Document :
| ÇѱÛÁ¦¸ñ(Korean Title) |
»ç·Ê ºÐ¼®À» ÅëÇÑ Áö´ÉÇü Áö¼Ó À§ÇùÀÇ ¿ä¼Ò ºÐ¼® ¹× ¸ðµ¨ ¼³°è |
| ¿µ¹®Á¦¸ñ(English Title) |
Analysis and Modeling of Advanced Persistent Threat through Case Study |
| ÀúÀÚ(Author) |
±è¹ÎÁÖ
À̼®¿ø
MinJu Kim
Seok-Won Lee
|
| ¿ø¹®¼ö·Ïó(Citation) |
VOL 46 NO. 12 PP. 1328 ~ 1338 (2019. 12) |
Çѱ۳»¿ë
(Korean Abstract) |
Áö´ÉÇü Áö¼Ó À§Çù(Advanced Persistent Threat; APT)°ø°ÝÀº »çÀ̹ö°ø°Ý ¼ö¹ý Áß Çϳª·Î ±¸Ã¼ÀûÀÎ °ø°Ý ¸ñÇ¥¿¡ ´ëÇØ Æ¯ÈµÈ ¼ö´ÜÀ» »ç¿ëÇØ °ø°ÝÇϱ⠶§¹®¿¡ ÀϹÝÀûÀÎ º¸¾È´ëÃ¥À¸·Î ¹æ¾îÇϱ⠾î·Æ´Ù. APT°ø°ÝÀ» ºÐ¼®Çϱâ À§ÇÑ ¹æ¹ýÀ¸·Î Á¦¾ÈµÈ APT ´Ü°è¸ðµ¨Àº ´Ü¼øÈ÷ °ø°ÝÀ» Ç¥ÇöÇÏ´Â ¸ðµ¨·Î »ç¿ëÇÒ ¼ö´Â ÀÖÀ¸³ª ƯÁ¤ ½Ã½ºÅÛ¿¡ ´ëÇÑ À§Çè Æò°¡¸¦ ½Ç½ÃÇϰųª º¸¾È ¿ä±¸»çÇ×À» µµÃâÇϱâ´Â ¾î·Æ´Ù. º» ³í¹®¿¡¼ ´Â ÀÌ·¯ÇÑ ±âÁ¸ ¸ðµ¨ÀÇ ÇѰ踦 ±Øº¹ÇÏ°í APT °ø°ÝÀÇ Æ¯¼ºÀ» Á¤ÀÇÇϱâ À§ÇØ ½ÇÁ¦ APT°ø°Ý »ç·Ê¸¦ ÅëÇØ APT°ø°ÝÀÇ ¿ä¼Ò¸¦ µµÃâÇÏ°í ¿ä¼Ò °£ °ü°è¸¦ Á¤ÀÇÇÏ¿© APT°ø°Ý ¿ä¼Ò ¸ðµ¨À» ¿Ï¼ºÇÏ¿´´Ù. ¶ÇÇÑ ¸ðµ¨À» ¡®APT 1¡¯À̶ó´Â ½ÇÁ¦ APT°ø°Ý »ç·Ê¿¡ Àû¿ëÇÏ¿© °ËÁõÇÑ´Ù. Á¦¾ÈÇÑ APT°ø°Ý ¿ä¼Ò ¸ðµ¨À» ÅëÇØ APT°ø°Ý¿¡ ´ëÇÑ ÀüüÀûÀÎ È帧À» ÆľÇÇÒ ¼ö ÀÖ°í »çȸ°øÇÐÀû Ãø¸é¿¡¼ÀÇ °ø°Ý ¿ä¼Ò¸¦ ºÐ·ùÇÏ¿© APT°ø°Ý »ç·Ê¸¦ ÅëÇÑ À§Çè Æò°¡ ¹× º¸¾È ¿ä±¸»çÇ× Ãßõ¿¡ ´ëÇÑ ±â¹ÝÀ» ¸¶·ÃÇÑ´Ù.
|
¿µ¹®³»¿ë
(English Abstract) |
Advanced Persistent Threat(APT) attack is one of the cyber-attack methods that continuously attacks the specific target with advanced tools. Since attackers use various methods that are specialized to targets, it is difficult to prevent the attacks with common security countermeasures. Currently, there exist various the APT attack stage models. However, the models only express APT attacks simply. Consequently, it is difficult to use them for risk assessment or as a recommendation for security requirements for a specific system. In order to overcome the limitations of such models, we derived factors of APT attack through a case study for defining the features of APT attack. We have also analyzed and defined the factors and their relationships to construct the APT attack factor model. For validation purpose, the model applied to the actual attack case has been referred to as ¡®APT 1¡¯. Through the proposed model, it would be possible to gain understanding about the overall flow of APT attacks and classify attack factors not only in terms of technical aspects but also with respect to social engineering facets.
|
| Å°¿öµå(Keyword) |
º¸¾È ¿ä±¸»çÇ×
APT °ø°Ý
»çÀ̹ö °ø°Ý ¸ðµ¨¸µ
»ç·Ê ºÐ¼®
security requirements
Advanced Persistent Threat(
cyber-attack modeling
case study
|
| ÆÄÀÏ÷ºÎ |
PDF ´Ù¿î·Îµå
|
