
Journal of the Korea Institute of Information and Communication Engineering

Current Result Document :

Korean Title: Analysis of APT Attack Prelude Phenomena through Big Data Analysis
English Title: The Analysis of the APT Prelude by Big Data Analytics
Author: 최찬영, 박대우 (Chan-young Choi, Dea-woo Park)
Citation: VOL 20 NO. 06 PP. 1129 ~ 1135 (2016. 06)
Korean Abstract
There were the 2011 NH NongHyup computer network paralysis incident, the 2013 3.20 cyber terror attack, and the December 2015 leak of important nuclear power plant data from Korea Hydro & Nuclear Power. These cyber terror incidents resulted from organized, long-running, sophisticated APT attacks (Advanced Persistent Threat Attacks) carried out from abroad (North Korea). However, no outstanding measure for defending against such APT attacks has yet been established. APT attacks are difficult to defend against with current security monitoring methods. This paper studies a method for predicting APT attacks through big data analysis. Taking the Information Sharing and Analysis Center (ISAC) within South Korea's three-tier security monitoring system as its basis, this study researches and surveys big data analysis, APT attacks, and vulnerability analysis. It also studies how to design an APT attack prediction scheme using external blacklist IPs and DNS logs, methods for analyzing prelude phenomena, and response measures against APT attacks.
English Abstract
The NH-NongHyup network and servers were paralyzed in 2011, the 3.20 cyber attack happened in 2013, and classified documents of Korea Hydro & Nuclear Power Co. Ltd were leaked in December 2015. All of them were conducted by a foreign country. These attacks were planned for a long time compared to script-kiddie attacks, and the techniques used were very complex and sophisticated. However, no successful solution has been implemented to defend against APT attacks (Advanced Persistent Threat Attacks) thus far. We will use big data analytics to analyze whether or not APT attacks have occurred. This research is based on the data collected through ISAC monitoring within the 3-tier hierarchical Korean Defense System. First, we will introduce related research about big data analytics and machine learning. Then, we design two big data analytics models to detect APT attacks. Lastly, we will present an effective response method to address detected APT attacks.
Keywords: Big Data Analysis, APT attack, Prelude, Cyber terror