A Study for Cyber Situation Awareness System Development with Threat Hunting

Authors: Lee, Jaeyeon; Choi, Jeongin; Park, Sanghyun; Kim, Byeongjin; Hyun, Dae-Won; Kim, Gwanyoung
Affiliation (all authors): C2.Comm. R&D Center C4I.Cyber Team, Hanwha Systems Co. Ltd.
References

[1] Sqrrl Inc., "A Framework for Cyber Threat Hunting," https://sqrrl.com/media/Framework-for-Threat-Hunting-Whitepaper-web.pdf, 2016.
[2] Carson Zimmerman, "Ten Strategies of a World-Class Cybersecurity Operations Center," The MITRE Corporation, pp. 8-9, p. 33, p. 45, 2014.
[3] KISA, "A Manual for CERT Management," https://www.kisa.or.kr/public/laws/laws3.jsp, p. 3, p. 72, 2010.
[4] George P. Tadda and John S. Salerno, "Overview of Cyber Situation Awareness," in Cyber Situation Awareness, Springer, pp. 15-35, 2010.
[5] David J. Bianco, "The Pyramid of Pain," http://detect-respond.blogspot.com/2013/03/the-pyramid-of-pain.html, 2014.
[6] The MITRE Corporation, "Systems Engineering Guide," pp. 175-183, https://www.mitre.org/publications/all/systems-engineering-guide, 2013.
[7] The MITRE Corporation, "Crown Jewels Analysis," http://www.mitre.org/publications/systems-engineering-guide/enterprise-engineering/systems-engineering-for-mission-assurance/crown-jewels-analysis, 2013.
[8] Carbon Black Inc., "Eradicate Concealed Threats: Advanced Threat Hunting with Carbon Black," https://www.carbonblack.com/wp-content/uploads/2017/05/Cb_Threat_Hunting_Whitepaper_fin-1.pdf, 2017.
[9] Cybereason Inc., "Threat Hunting: Answering Am I Under Attack?," https://hi.cybereason.com/threat-hunting-answering-am-i-under-attack, 2017.
[10] Cybereason Inc., "Threat Hunting 2017 Survey Findings Report," https://hi.cybereason.com/2017-threat-hunting-report, 2017.
[11] Jaeyeon Lee, "A SW Framework Design for Defense Cyber Situation Awareness System," KIMST Autumn Conference Proceedings, pp. 567-568, 2017.
[12] Byeongjin Kim, "Opensource based Security Equipment and Asset Monitoring System," KIMST Annual Conference Proceedings, pp. 1367-1368, 2018.
[13] Richard A. Kemmerer, "Cybaware: A Cyber Awareness Framework for Attack Analysis, Prediction, and Visualization," in ARO/MURI Annual Review, 2014.
[14] Dae-Won Hyun, "A Study on Intelligent Cyber Situation Awareness System for Cyber Attacks," KIMST Annual Conference Proceedings, pp. 1478-1479, 2018.
[15] Chris Fry and Martin Nystrom, "Security Monitoring," O'Reilly, pp. 12-13, 2009.
[16] Bro Framework, https://www.bro.org/sphinx/intro/index.html.