Convergence Performance Evaluation Model for Intrusion Protection System based on CC and ISO Standard

  • 이하용 (Department of Convergence Industry, Seoul Venture University);
  • 양효식 (IGLOO SECURITY, Inc.)
  • Received : 2015.03.14
  • Accepted : 2015.05.20
  • Published : 2015.05.28

Abstract

An intrusion protection system is a security system that finds attack signatures in network traffic and automatically acts to stop abnormal traffic. Unlike a firewall or an intrusion detection system, which defend passively, it is a solution that stops an intrusion before an intrusion warning is issued. The security performance of an intrusion protection system is influenced by security auditability, user data protection, security authentication, etc., and its performance is influenced by detection time, throughput, attack prevention performance, etc. In this paper, to build a model for evaluating the security performance of intrusion protection systems, we constructed a convergence performance evaluation model based on CC (Common Criteria: ISO/IEC 15408) and the ISO international standards for software product evaluation.

Keywords
