http://dx.doi.org/10.13089/JKIISC.2015.25.4.961

A Proposed Software Vulnerability Detection Model Using SIEM

Jeon, In-seok (Graduate School of Information Security, Korea University)
Han, Keun-hee (Graduate School of Convergence Software, Korea University)
Kim, Dong-won (Graduate School of Information Security, Korea University)
Choi, Jin-yung (Graduate School of Convergence Software, Korea University)
Abstract
With the evolution of ESM into SIEM, deep correlated analysis over very large volumes of data has become possible. By collecting the software vulnerabilities found during assessment and organizing them under a common classification scheme (e.g., CWE), detection rates can be improved and software vulnerabilities addressed through big-data analysis. In the monitoring and vulnerability-diagnosis process, such a system not only detects predefined threats but can also promptly apply the vulnerability status of the software on each resource by sharing CCE, CPE, CVE and CVSS information. This paper proposes a model for the effective detection of, and response to, software vulnerabilities and describes the effective outcomes of applying the model.
Keywords
Risk Management; Software Vulnerability; Secure Coding; Managed Security Service; SIEM; ESM