http://dx.doi.org/10.6109/jkiice.2016.20.11.2067

The IOA-Based Intelligent Information Protection System for Response of Advanced Persistent Threats  

Ryu, Chang-su (Department of Cartoon & Game Animation, Yewon Arts University)
Abstract
Recently, with the development of attack techniques that can circumvent existing information protection systems, persistent threats in forms the user does not recognize have come to endanger information assets. It is therefore necessary to support prompt responses to anticipated APT attacks, bypass access attacks, and encrypted packet attacks, which existing systems have difficulty defending against with a single response, and to continuously monitor information protection systems with a defense strategy based on Indicators of Attack (IOA). In this paper, I suggest a centralized intelligent information protection system that supports an intelligent response to a violation by: discerning important assets through prevention control, using a performance impact assessment of information properties, in order to block the attack routes of APT; establishing information control policies through weakness/risk analyses in order to remove risks in advance; establishing detection control by restricting interior/exterior bypass networks to server access and monitoring encrypted communications; and, lastly, performing the related corrective control through backup/restoration.
Keywords
Indicator of Attack; Advanced Persistent Threat; Information Security System; Attack Routes Block
Citations & Related Records
Times Cited By KSCI: 2