Forecast System for Security Incidents

  • Received : 2016.03.30
  • Accepted : 2016.05.02
  • Published : 2016.06.25

Abstract

In most cases, when a security incident occurs, a company concentrates on handling it quickly according to its internal response procedures, and closes the incident by reporting the cause, the problems found, and the results of the measures taken to the top management team. When a security incident occurs outside the company, some companies take an active interest each time, link it to their own internal situation, and find and fix the corresponding problems; others dismiss it as an external matter and give it only passing attention. It is important for a company not only to focus its attention and capabilities at the moment an incident occurs, but also to carry out continuous preventive activity so that incidents do not occur, and this requires a systematic and consistent method. For this purpose, this paper proposes a security incident forecast system. The system collects into a database the incident-inducing factors that help forecast potential security incidents, drawing on direct security incidents that occurred inside the company as well as indirect security incidents that occurred outside it, and it systematizes the company's accumulated incident experience and response processes so that they interact with those factors. The security incident forecast system can be an effective means of taking preventive action against potential security incidents.
