1 |
Act on the promotion of information and communications network utilization and protection of information, http://www.law.go.kr/LSW/LsInfoP.do?lsiSeq=87471#0000
|
2 |
Karen Scarfone, Tim Grance, and Kelly Masone, "Computer security incident handling guide," NIST Special Publication, Mar. 2008.
|
3 |
Patrick Kral, "The incident handlers handbook," Dec. 2011.
|
4 |
Incident analysing process of KISA, https://www.kisa.or.kr/jsp/common/down.jsp?folder=uploadfile&filename=%EC%A0%9C2010-8%ED%98%B8 -%EC%B9%A8%ED%95%B4%EC%82%AC%EA%B3%A0_%EB%B6%84%EC%84%9D_%EC%A0%88%EC%B0%A8(%EB%82%B4%EC%A7%80)%EC%B5%9C%EC%A2%85(fin).pdf
|
5 |
Incident handling process, https://isc.sans.edu/forums/diary/Cyber+Security+Awareness+Month+-+Day+18+-+What+you+should+tell+your +boss+when+there+s+a+crisis+/9760
|
6 |
TaeGuen Kim, In-Kyoung Kim, and Eul Gyu Im, "Malware detection method via major block comparison," Journal of Security Engineering, 9(5), Oct. 2012.
|
7 |
Steven Alexander, "Finding malware on compromised windows machines," Usenix, Apr. 2005.
|
8 |
Richard Nolan, Colin O'Sullivan, Jake Branson, and Cal Waits, "First responders guide to computer forensics," dtic.mil, Mar. 2005.
|
9 |
Martin Overton, "Malware forensics: detecting the unknown," 2008 Virus Bulletin conference, Oct. 2008.
|
10 |
Kyoung-Soo Han, In-Kyoung Kim, and Eul-Gyu Im, "Malware family classification method using API sequential characteristic," Journal of Security Engineering, 8(2), pp. 319-335, Apr. 2011.
|
11 |
Igor Santos, Yoseba K. Penya, Jaime Devesa, and Pablo G. Bringas, "N-grams-based file signatures for malware detection," ICEIS (2), 2009.
|
12 |
ClemensKolbitsch, PaoloMilaniCompare tti, ChristopherKruegel, EnginKirda, Xi aoyongZhou, and XiaoFengWang, "Effect ive and efficient malware detection at the end host," The 18th USENIX Security Symposium, 2009.
|
13 |
Min-ho Kim, Minsoo Kim, and Bong-nam Noh, "The framework for malware analysis using statistical information of registry," journal of korean institute of information technology, 10(9), pp. 97-104, Sept. 2012.
|
14 |
Harlan Carvey, Windows registry forensics: advanced digital forensic analysis of the windows registry, 2011.
|
15 |
Seong-Bin Park, Min-Soo Kim, and Bong-Nam Noh, "Detection method using common features of malware variants generated by automated tools," journal of korean institute of information technology, 10(9), pp. 67-75, Sept. 2012.
|
16 |
Yong-Wook Chung and Bong-Nam Noh, "Selecting features for measuring similarity between attack toolkits and polymorphic codes," Journal of Security Engineering, 9(1), Feb. 2012.
|
17 |
Harlan Carvey, Windows forensic analysis DVD toolkit, Second Edition, 2009.
|
18 |
Joachim Metz, "MSIE Cache File (index.dat) format specification: analysis of the index.dat file format," 2009.
|
19 |
Seungwon Han and Sangjin Lee, "Packed PE file detection for malware forensics," The KIPS Transactions : Part C, 16(5) pp. 555-562, Oct. 2009.
과학기술학회마을
DOI
|
20 |
Levenshtein Distance, http://en.wikipedia.org/wiki/Levenshtein_distance
|
21 |
AhnLab's ASEC Report. vol42, http://download.ahnlab.com/asecReport/ASEC_Report_Vol.42_Kor.pdf
|
22 |
Precision and recall, http://en.wikipedia.org/wiki/Precision_and_recall
|