2020³â ÄÄÇ»ÅÍÁ¾ÇÕÇмú´ëȸ
Current Result Document :
| ÇѱÛÁ¦¸ñ(Korean Title) |
Data Preparation for detecting Advance Persistent Threat using Network IDS Data |
| ¿µ¹®Á¦¸ñ(English Title) |
Data Preparation for detecting Advance Persistent Threat using Network IDS Data |
| ÀúÀÚ(Author) |
Indra Kumari
Taeyong Kim
Gunyang Park
Yunsoo Lee
Jungsuk Song
|
| ¿ø¹®¼ö·Ïó(Citation) |
VOL 47 NO. 01 PP. 0978 ~ 0980 (2020. 07) |
Çѱ۳»¿ë
(Korean Abstract) |
|
¿µ¹®³»¿ë
(English Abstract) |
With spreading and creating lots of opportunities under the cyber space, the risk form cyber threats are emerging to our daily life. In order to prevent critical cyber-attacks, various techniques both network and host-level has been studying nowadays. However, the threats are also evolving into intelligent attacks to extort not only private information, but crucial value from companies. Advanced Persistent Threat (APT) is considered as the most threatening cyber-attack to cause huge cyber accidents. Even though Intrusion Detection System (IDS) tries to observe all suspicious activity on the network, it is difficult to detect APTs because of lack of background data; unlike traditional cyber threats, such as DDoS, Botnet or Malware. To find a chance for APT studies, we propose the process of data preparation using network log of IDS. The processes consist of two-steps including data cleaning and preprocessing. This work is carried out by utilizing IDS dataset collected from real-world cyber security center for the duration of 1 year 6 months. |
| Å°¿öµå(Keyword) |
Data preparation
Advance persistent threat
Cyber security
Intrusion detection system
|
| ÆÄÀÏ÷ºÎ |
PDF ´Ù¿î·Îµå
|
