http://dx.doi.org/10.13067/JKIECS.2013.8.11.1841

A Study on Constructing of Security Monitoring Schema based on Darknet Traffic  

Park, Si-Jang (Department of Computer Engineering, Honam University)
Kim, Chul-Won (Department of Computer Engineering, Honam University)
Publication Information
The Journal of the Korea institute of electronic communication sciences / v.8, no.12, 2013, pp. 1841-1848
Abstract
This paper investigates plans for improving the accuracy of real-time security monitoring and expanding the control region through comprehensive and systematic collection and analysis of anomalous activities flowing into and out of the network on a large scale. The aim is to overcome the limits of existing security monitoring systems based on stylized detection patterns, which can respond to only very limited cyber attacks. The study established an anomaly observation system to collect, store and analyze the diverse infringement threat information flowing into the darknet, and presented an information classification system for cyber threats, unknown anomalies and high-risk anomalous activities through statistics-based trend analysis of hacking. The study indicated that, when the security monitoring system utilizing darknet traffic presented here is applied, detection of all infringement threats increased by 12.6 percent compared with the conventional case, and 120 kinds of new-type and variant attacks that could not be detected in the past were detected.
Keywords
Darknet; Honeynet; Honeypot; IDS; Anomaly Detection; Behavior Detection;
Citations & Related Records
Times Cited By KSCI: 2