Integrated Monitoring System using Log Data


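  • 전병진 (Department of Information Security, Tongmyong University)
  • 윤덕병 (Department of Business Administration, Tongmyong University)
  • 신승수 (Department of Information Security, Tongmyong University)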
  • Received : 2017.02.03
  • Accepted : 2017.02.20
  • Published : 2017.02.28

Abstract

In this paper, we propose an integrated monitoring system that uses log data to reduce the analysis workload of information security officers and to detect information leakage in advance. To this end, we developed a transmission module between heterogeneous DBMSs that transfers the large volume of log data generated by the individual security systems (MSSQL) to the integrated monitoring system (ORACLE). We studied how to quantify the transferred log data by date and by individual, and how to carry out continuous inspection of, and measures against, malicious users when signs of information leakage are detected using the quantified data.
