The Integrated Cyber SRM (Security Risk Monitoring) System Based on the Patterns of Cyber Security Charts

  • Lee, Gang-Soo (Dept. of Computer Engineering, Hannam University)
  • Jung, Hyun Mi (Center for Development of Supercomputing System, KISTI)
  • Received : 2019.09.23
  • Accepted : 2019.10.29
  • Published : 2019.11.29

Abstract

The "risk management" and "security monitoring" activities of cyber security are closely correlated, in that both prepare for future security threats and minimize security incidents. In both areas it is effective to apply a pattern model that visually shows an administrator the threats to an information asset. A validated pattern model exists in the "control chart" model long used in traditional quality control, but it has seen little use in the cyber risk management and security monitoring of information systems. In this paper, we design a cyber Security Risk Monitoring (SRM) system that integrates risk management and security monitoring. The SRM presents a strategy for applying "security controls" based on the patterns of "control charts". The security controls integrate the existing standardized sets of security controls: ISMS, NIST SP 800-53 and CC. Using this approach, we analyzed the cyber crisis alert trends in Korea for four years from 2014 to 2018, which enables more flexible security measures to be established in the future.
