http://dx.doi.org/10.7472/jksii.2015.16.5.01

Adaptive Multi-Layer Security Approach for Cyber Defense  

Lee, Seong-kee (The 2nd R&D Institute-3, Agency for Defense Development)
Kang, Tae-in (The 2nd R&D Institute-3, Agency for Defense Development)
Publication Information
Journal of Internet Computing and Services / v.16, no.5, 2015, pp. 1-9
Abstract
As attacks in cyberspace become more advanced and complex, a monotonous defense approach that matches each attack one-to-one with a defense may be too limited to counter them, and a more efficient defense method is required. This paper proposes a multi-layer security scheme that helps defend assets against diverse cyber attacks systematically and adaptively. We model the multi-layer security scheme on a Defense Zone that includes several defense layers, and discuss the essential technical elements needed to realize the scheme, such as cyber threat analysis and automated assignment of defense techniques. The effects of the multi-layer security scheme and its applicability are also explained. To embody the scheme, future research is needed on detailed architecture design for the Defense Zone, an automated method for selecting the best defense technique against an attack, and modeling the normal state of an asset for attack detection.
Keywords
Cyber Defense; Multi-Layer Security Model; Adaptive Security System
Citations & Related Records
Times Cited By KSCI: 3