A Research on the Effectiveness of the Vulnerability Detection Against Leakage of Proprietary Information Using Digital Forensic Methods

  • Park, Yoon-Jae (Department of Convergence Industry, Seoul Venture University)
  • Chae, Myung-Sin (Department of Convergence Industry, Seoul Venture University)
  • Received : 2017.08.21
  • Accepted : 2017.09.15
  • Published : 2017.09.30

Abstract

In the ICT (Information and Communication Technology) convergence security environment, many companies use an external public web system to disclose and share product information, manufacturing technology, service manuals and marketing materials. A web system disclosed on the Internet in this way is an important aspect of cyber security management and is persistently vulnerable, requiring an information protection solution and IT vulnerability checks. However, there are limits to vulnerability detection management in an external environment. In this study, in order to solve these problems, we constructed a system based on digital forensics and conducted an empirical study on the detection of important information in enterprises by using forensic techniques. It was found that, due to vulnerabilities in web systems operated in Korea and overseas, important information such as the companies' confidential data could be revealed, and security management improvements were also identified. In conclusion, if a system using digital forensic techniques is applied in response to the increasing number of hacking incidents, the security management of vulnerable areas will be strengthened and the cyber security management system will be improved.

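In the ICT (Information and Communication Technology) convergence security environment, many companies operate web systems to externally disclose and share important materials produced within the company, such as product information, manufacturing technology, service manuals, marketing materials, promotional materials and technical documents. Web systems exposed to the Internet in this way have a very large impact on cyber security management and are persistently vulnerable, so companies deploy information protection solutions and carry out IT vulnerability checks, but there are limits to managing vulnerability detection from the external environment. To address these problems, this study built its own digital forensics-based system and conducted an empirical study on detecting leakage of important corporate information using forensic techniques. As a result, we confirmed that important information such as companies' confidential data had been exposed because of vulnerabilities in web systems operated in Korea and overseas, and we also identified areas for security management improvement. In conclusion, building a system that applies digital forensic techniques in response to the recent increase in hacking incidents can strengthen security management in vulnerable areas of information security and improve the cyber security management system.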
