A Study on a Scenario-based Information Leakage Risk Response Model Associated with the PC Event Detection Function and Security Control Procedures

  • Lee, Ig Jun (Department of Information Security, Graduate School, Soonchunhyang University)
  • Youm, Heung Youl (Department of Information Security, Graduate School, Soonchunhyang University)
  • Received: 2018.10.16
  • Reviewed: 2018.11.27
  • Published: 2018.11.30

Abstract

Existing approaches detect financial information leakage by collecting the activity logs generated by security solutions and applying pattern analysis to detect and block abnormal leakage behavior. To overcome the limitations of that approach and respond effectively, this paper proposes a risk management model that controls the risk of financial information leakage in three steps. First, it monitors in real time the programs executing on the PC that are used as information leakage paths (reading from the outside, saving to the outside, transferring to the outside, etc.). Second, at the time such a program executes, it interworks with the related security control process to determine whether the action is normal, a control exception, or a control circumvention. Finally, it controls the risk through handling procedures created on the basis of scenarios. The expected benefits are stronger security from an information protection standpoint and improved work efficiency.

Keywords

Figure 1. Comparison of Key Features of EDR Solution

Figure 2. Scenario-based Information Leakage Threat Detection and Response Model

Figure 3. Financial Information Leakage Threat Route (Example)

Figure 4. Application Phase for Document Decryption

Figure 5. Authorization Steps for Decrypting Documents

Table 1. Status of Security Activities and Security Solutions

Table 2. Detecting Events Related to PC Financial Information Leakage Risk [12]

Table 3. Risk Scenario

Table 4. Risk Estimation and Measures for Each Type of Risk

Table 5. Major Action-Related Events on PC

Table 6. Compared with Risk Modeling

References

  1. Chae, E. J., "A study on the PIMS based methodology for monitoring to prevent leakage of personal information in the banking industry," Master Thesis, The Graduate School Dongguk University, 2014. 2.
  2. Choi, J. W., "Detection of personal information leakage using database access control system," 2015. 2.
  3. http://www.gartner.com/newsroom/id/3143521, Gartner, 2016.
  4. Kim, J. H. and Lim, J. I., "Composition and Policy Direction of Compensation Insurance Against Customer Information Infringements in Financial Transactions," The Journal of Society for e-Business Studies, Vol. 19, No. 3, pp. 1-21, 2014. https://doi.org/10.7838/jsebs.2014.19.3.001
  5. KISA, "guideline for risk management," 2004. 12. 14.
  6. Lee, S. J., "Real time predictive analytic system design and implementation using Bigdata-log," Master Thesis, The Graduate School Korea University, 2016. 2.
  7. Newgen CNI, "Introduction of export approval system," 2017. 9.
  8. Oh, Y. S., "A Study on the utilization of digital forensic evidence using the DLP (Data Loss Prevention) system," Master Thesis, The Graduate School Dongguk University, 2013.
  9. Redston, "guideline for edr solution iron," 2018.
  10. Ryu, S. T., "A study of detection measures about the personal information leakage through scenario-based integrated security log analysis," Master Thesis, The Graduate School Korea University, 2016. 2.
  11. Song, J. H., "Evaluation Security of Inside Information Leakage Prevention Solution," Master Thesis, The Graduate School Daejin University, 2009.
  12. Tocsg, "guideline for Digital Guardian Platform," 2018.