Convergence Security Journal (융합보안논문지)

Korea convergence Security Association (한국융합보안학회)
권호 표지
DOI QR코드

DOI QR Code

Security Operation Dashboard Design by Blockade-Detection-Response

봉쇄-탐지-대응 기반 보안관제 대시보드 설계

  • 한충희 (전력거래소 안전관리실/정보보안팀)
  • Received : 2021.08.31
  • Accepted : 2021.09.27
  • Published : 2021.09.30
Download PDF
⟨ Previous Next ⟩

Abstract

Standardization of the security operation dashboard is essential for efficient operation of security operation center. The security operation dashboard should be configured so that it is widely used by security operation workers who have to live together 24 hours a day, 365 days a year. In addition, it must be able to comprehensively express the business activities of the security operation center. In addition, it should be possible to easily explain the business activities of the security operation center. Therefore, in this paper, we would like to explain the design of a security control dashboard based on blockade, detection, and response that is actually applied to case organizations in the power sector. Through this, it is intended to reduce the effort and time required for configuring a custom dashboard for VIPs, and contribute to the efficient operation of the security operation center.

효율적인 보안관제센터 운영을 위해서는 보안관제 대시보드의 표준화가 반드시 필요하다. 보안관제 대시보드는 24시간 365일 내내 함께 생활해야 하는 보안관제근무자들에게 많이 활용되도록 구성해야 한다. 또한 보안관제센터의 업무활동을 종합적으로 표출할 수 있어야 한다. 추가적으로 보안관제센터의 업무활동들을 쉽게 설명할 수 있어야 할 것이다. 이에 본 논문에서 사례기관에 실제 적용한 봉쇄·탐지·대응 기반의 보안관제 대시보드 디자인을 설명하고자 한다. 이를 통해 불필요한 귀빈 맞춤형 대시보드 구성작업에 대한 노력과 시간을 줄이고 보안관제센터의 효율적인 운영에 이바지하고자 한다.

Keywords

References

  1. Sitaram Kowtha, Laura A. Nolan, Rosemary A. Daley, 'Cyber Security Operation Center Characterization Model and Analysis', Johns Hopkins University, Applied Physics Laboratory, 978-1-4673-2709-1/12, IEEE, 2012.
  2. Eui-yeon Jung , 'A Study on the Integrated Security Monitoring &Control in Financial Investment Industry Computer Networks', Korea Information Processing Society, 19-2, Feb, 2012.
  3. Gil Sun, Yu, 'A Study on the Cyber Security monitoring Detection and Response', Department of Digital Forensics, The Graduate School of Hanseo University, August, 2018.
  4. Cyril Onwobiko, 'CoCoa: An Ontology for Cybersecurity Operations Centre Analysis Process', Intelligence & Security Assurance, E-Security Group, London, UK. 2018.
  5. Natalia Miloslavskaya, 'Network Security Intelligence Center as a combination of SIC and NOC', National Research Nuclear University MEPhI, 1877-0509/2018 Elsevier.
  6. Rasim Alguliyev, Yadigar Imamverdiyev, Lyudmila sukhostat, 'Cyber-physical systems and their security issues', Institute of Information Technology, Azerbaijan National Academy of Sciences, 0166-3615/2018 Elsevier.
  7. Tae-Woong Seo, 'An Analysis of Vulnerabilities and Performance on the CCTV Security Monitoring and Control', Journal of Multimedia, 15(1), Jan, 2012.
  8. Kim, MinJun, 'A study on the implementation of white-list intrusion detection system on control networks', Department of Industry Security, Graduate School, Kyonggi Univ, Jun, 2011.
  9. Jin_Young Jung, 'Security Management Automation Method Using Artificial Intelligence in Financial Sector', KonKuk Univ, Master's Thesis, Feb, 2018.
  10. Charles Feng, Shuning Wu, Ningwei Liw, 'A User- Centric Machine Learning Framework for Cyber Security Operation Center', ZhonDu Tecnologies, Symantec Corporation, 978-1-5090-6727/17, IEEE, 2017.
  11. Hanbitmedia, "Network security system construction and security control",2016, pp. 38-42
  12. Infothebooks, "Security Control Practice Guide for Nurturing Next-Generation Information Security Talents", 2017, pp. 45-48.
  13. Jeon Sang June, "Design and Evaluation Security Control Iconology for Big Data Processing", JOURNAL OF PLATFORM TECHNOLOGY, 2020.12, pp. 38-46. https://doi.org/10.23023/JPT.2020.8.4.038
  14. Suk-woo Hyun, "A Study of Effectiveness of the Improved Security Operation Model Based on Vulnerability Database", Korea Institute Of Information Security And Cryptology, 2019.10, 1167-1177(11 pages)
  15. Woo-Jin Jo, "A log visualization method for network security monitoring", Korean Institute Of Smart Media, 2018, 70 - 78 (9 pages)
  16. Han ChoongHee, 'A study for Information Security Risk Assessment Methodology Improvement by blockade and security system level assessment ', Korea Information Assurance Society, vol 20-4, pp.187-196, Oct, 2020.