Journal of KIISE:Computing Practices and Letters (한국정보과학회논문지:컴퓨팅의 실제 및 레터)

Korean Institute of Information Scientists and Engineers (한국정보과학회)
권호 표지

Markov Chain Model-Based Trainee Behavior Pattern Analysis for Assessment of Information Security Exercise Courses

정보보안 훈련 시스템의 성취도 평가를 위한 마코브 체인 모델 기반의 학습자 행위 패턴 분석

  • 이택 (고려대학교 컴퓨터전파통신공학과) ;
  • 김도훈 (고려대학교 컴퓨터전파통신공학과) ;
  • 이명락 (고려대학교 컴퓨터전파통신공학과) ;
  • 인호 (고려대학교 컴퓨터전파통신공학과)
  • Received : 2010.08.10
  • Accepted : 2010.10.15
  • Published : 2010.12.15
Download PDF
⟨ Previous Next ⟩

Abstract

In this paper, we propose a behavior pattern analysis method for users tasking on hands-on security exercise missions. By analysing and evaluating the observed user behavior data, the proposed method discovers some significant patterns able to contribute mission successes or fails. A Markov chain modeling approach and algorithm is used to automate the whole analysis process. How to apply and understand our proposed method is briefly shown through a case study, "network service configurations for secure web service operation".

본 논문에서는 정보보안 실습 훈련 과정 동안에 참여자들이 보이는 행동 패턴들을 관찰 분석하고 주어진 실습 미션의 성패를 결정짓는 행위 패턴을 추정하는 마코브체인 행위 모델링 기법과 알고리즘을 제안한다. 제안 알고리즘은 미션의 성공에 가장 큰 공헌을 하는 행위 패턴은 어떤 것이고 반대로 실패를 유도하는 행위 패턴용 어떤 것인가를 분석 평가하는데 활용된다. 제안 방법의 적용 및 실효성 검증을 위해 사례연구로서 "불필요한 네트워크 서비스 차단"에 관한 미션 수행 데이터를 분석하였다.

Keywords

References

  1. Lance J. Hoffman, Tim Rosenberg, Ronald Dodge, and Daniel Ragsdale, "Exploring a National Cybersecurity Exercise for Universities," IEEE SECURITY & PRIVACY, Sep./Oct. 2005.
  2. Taek Lee, Dohoon Kim, Yeonkyun Shin, Seungyong Shin, and Hoh Peter In, "An Architecture of Virtual Security Training Laboratory for Cybersecurity Exercise," Proceedings of The 30th Korea Information Processing Society Fall Conference, vol.15, no.2, pp.1462-1464, Nov. 2008.
  3. Ji Hu, Christoph Meinel, and Michael Schmitt, "Tele-lab IT security: an architecture for interactive lessons for security education," Proceedings of the 35th SIGCSE technical symposium on Computer science education, 2004.
  4. Jeremiah K. Jones and Gordon W. Romney, "Honeynets: an educational resource for IT security, Proceedings of the 5th conference on Information technology education, 2004.
  5. Online information security e-learning center (http:// www.sis.or.kr)
  6. Alfredo Milani, Judit Jasso, and Silvia Suriani, "Modeling Online User Behavior," IEEE International Conference on e-Business Engineering, pp.22-24, Oct. 2008.
  7. Jose A. Iglesias, Plamen Angelov, Agapito Ledezma, and Araceli Sanchis, "Modeling Evolving User Behaviours," Evolving and Self-Developing Intelligent Systems, 2009.
  8. Ashish Garg, Ragini Rahalkar, Shambhu Upadhyaya, and Kevin Kwiat, "Profiling Users in GUI based Systems for Masquerade Detection," IEEE Information Assurance Workshop, pp.48-54, 2006.
  9. Debin Gao, Michael K. Reiter, and Dawn Song, "Behavioral Distance for Intrusion Detection," RAID 2005, LNCS 3858.