• Title/Summary/Keyword: 보안관제서비스

Search Result 69, Processing Time 0.039 seconds

Development of Integrated Security Control Service Model based on Artificial Intelligence Technology (인공지능 기술기반의 통합보안관제 서비스모델 개발방안)

  • Oh, Young-Tack;Jo, In-June
    • The Journal of the Korea Contents Association
    • /
    • v.19 no.1
    • /
    • pp.108-116
    • /
    • 2019
  • In this paper, we propose a method to apply artificial intelligence technology efficiently to integrated security control technology. In other words, by applying machine learning learning to artificial intelligence based on big data collected in integrated security control system, cyber attacks are detected and appropriately responded. As technology develops, many large capacity Is limited to analyzing individual logs. The analysis method should also be applied to the integrated security control more quickly because it needs to correlate the logs of various heterogeneous security devices rather than one log. We have newly proposed an integrated security service model based on artificial intelligence, which analyzes and responds to these behaviors gradually evolves and matures through effective learning methods. We sought a solution to the key problems expected in the proposed model. And we developed a learning method based on normal behavior based learning model to strengthen the response ability against unidentified abnormal behavior threat. In addition, future research directions for security management that can efficiently support analysis and correspondence of security personnel through proposed security service model are suggested.

A Study on Development of Evaluation Indicators for the Human Competency and Management In Managed Security Service (MSS) (보안관제 업무의 인적 역량 및 관리에 대한 평가지표 개발 연구)

  • Yang, Sung Ho;Lee, Sang Jin
    • KIPS Transactions on Computer and Communication Systems
    • /
    • v.5 no.6
    • /
    • pp.143-152
    • /
    • 2016
  • Currently many central administrative agencies, municipalities and public and private institutions operate Managed security services to cope with cyber security incidents. These entities exert efforts in operating efficiencies rather than introduction of services as they used to. Accordingly, quite a few policies, directions and guidelines have been established for stable operation of Managed security services. Still, Managed security is operated by individuals, whose competencies influence the quality of Managed security services to a great extent. In this respect, the present article examines Managed security technology and methods and describes evaluation methods and examples relevant to human competencies, so as to seek for some potential courses for further development as well as more efficient approaches to human resource management in terms of institutional Managed security services.

Improved Security Monitoring and Control Using Analysis of Cyber Attack in Small Businesses (중소기업 유해트래픽 분석을 통한 보안관제 개선 방안)

  • Hong, Jun Suk;Lim, Young Hwan;Park, Won Hyung;Kook, Kwang Ho
    • The Journal of Society for e-Business Studies
    • /
    • v.19 no.4
    • /
    • pp.195-204
    • /
    • 2014
  • Recent, Secure the small and medium-sized enterprises from advanced and intelligence cyber threat, 24 hours of prevention, detection and analysis is essential. Small and Medium Business monitoring center is operated by government financial support to protect and prevent these threats. Currently it provides security to about 900 small and medium-sized enterprises. This paper studies abnormal and attack packets from small and medium-sized businesses[enterprises] which is monitored by Small and Medium Business monitoring center and provides improvement of security control for small and medium-sized enterprises.

In order to prevent malicious attacks, physical security control to the virtual security control to link integrated control system design (악의적인 공격을 차단하기 위하여 가상보안관제와 물리보안관제를 연동한 통합관제시스템 설계)

  • Song, Jun-Ho;You, Jae-Hwe;Park, Tae-Sung;Jun, Moon-Seog
    • Proceedings of the Korea Information Processing Society Conference
    • /
    • 2012.04a
    • /
    • pp.756-758
    • /
    • 2012
  • 클라우드 서비스가 발전됨에 따라 자원공유를 위한 가상머신의 활용도 점차 증진되고 있다. 그러나 이러한 가상머신의 활용으로 인하여 가상 영역에 따른 보안위협이 이슈가 되고 있다. 따라서 본 논문은 가상 영역에 따른 보안위협으로부터 보다 안전하고 유동적인 대처를 하기 위한 시스템을 제안하였다. 해당 시스템은 물리관제센터와 가상관제센터의 연동을 통하여 상호간의 현황을 알 수 있음으로써 가상머신 모니터링, 플랫폼 간 공격연관성 분석 등이 용이하며 자원고갈공격이나 DDoS 공격과 같은 위협으로부터 안전하다. 제안하는 시스템은 향후 클라우드 서비스 운용시 물리영역과 가상영역을 총괄적으로 관리하는 통합관제센터 활용에 적합할 것으로 보인다.

Development of Managing Security Services System Protection Profile (보안관제시스템 보호프로파일 개발)

  • Son, Seung-Wan;Kim, Kwang-Seok;Choi, Jung-Won;Lee, Gang-Soo
    • Journal of Digital Contents Society
    • /
    • v.16 no.2
    • /
    • pp.345-353
    • /
    • 2015
  • Security Management System is a system which operates in the security control center for security control. All living things across the Internet in recent years, with the rapid increase in the subscriber base has increased the need for network security dramatically depending on yirueojim through web services, thus cyber security sheriff, I have a big issue to build a security management system, each agency and perform control tasks. But the security functional requirements for security management system would not specified exactly, in developing a security management system to build and design a situation that PP's needs require a lot of trouble. In this paper, we develop a Managed Security System Protection Profile for the security functional requirements specification of the security management system.

A Study on Integration Security Management Model in Cloud Environment (클라우드 환경에서의 통합 보안관제 모델 연구)

  • Byun, Yun Sang;Kwak, Jin
    • Journal of Digital Convergence
    • /
    • v.11 no.12
    • /
    • pp.407-415
    • /
    • 2013
  • Recently, Interest variety of IT services and computing resources are increasing. As a result, the interest in the security of cloud environments is also increasing. Cloud environment is stored that to provide services to a large amount of IT resources on the Cloud. Therefore, Cloud is integrity of the stored data and resources that such as data leakage, forgery, etc. security incidents that the ability to quickly process is required. However, the existing developed various solutions or studies without considering their cloud environment for development and research to graft in a cloud environment because it has been difficult. Therefore, we proposed wire-wireless integrated Security management Model in cloud environment.

긴급점검 / 보안관제시장 혼선 '차별화.신뢰성 확보' 승패 좌우

  • Korea Database Promotion Center
    • Digital Contents
    • /
    • no.8 s.99
    • /
    • pp.80-85
    • /
    • 2001
  • 우리나라에서도 정보 보안에 관한 인식이 이젠 과거와는 달리 많이 높아지고 있는 실정이며, 그래서 과거의 시스템 구축만으로 보안을 끝이라고 아는 인식보다는 보안의 사후 지속적인 관리가 더 중요하다고 인식하는 사례가 증가하고 있는 실정이다. 이에따라 구축해 놓은 보안 시스템을 24시간 감시해주고 모니터링 해주는 관제서비스 분야가 서서히 두각을 나타내고 있다.

  • PDF

A Study on Effective Security Control Model Based on Characteristic of Web Service (웹 서비스 특성 기반 효율적인 보안관제 모델 연구)

  • Lee, Jae-heon;Lee, Sang-Jin
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.29 no.1
    • /
    • pp.175-185
    • /
    • 2019
  • The security control is to protect IT system from cyber infringement by deriving valid result values in the process of gathering and analyzing various information. Currently, security control is very effective by using SIEM equipment which enables analysis of systematic and comprehensive viewpoint based on a lot of data, away from analyzing cyber threat information with only fragmentary information. However, It can also be said that cyber attacks are analyzed and coped with the manual work of security personnel. This means that even if there is excellent security equipment, the results will vary depending on the user using. In case of operating a characteristic web service including information provision, This study suggests the basic point of security control through characteristics information analysis, and proposes a model for intensive security control through the type discovery and application which enable a step-wise analysis and an effective filtering. Using this model would effectively detect, analyze and block attacks.

A Study on the Operation and System Improvement of Cyber Security Center (사이버보안관제센터 운영 및 제도 개선에 관한 연구)

  • Hoo-Ki Lee
    • Convergence Security Journal
    • /
    • v.24 no.2
    • /
    • pp.39-45
    • /
    • 2024
  • The purpose of security control in the public sector is to secure the safety of administrative services for the public by preventing resource loss or information infringement in information systems and information and communication networks. The security control system is a process that performs real-time detection, analysis, response, and reporting through system vulnerability analysis and security system detection pattern optimization. This study aims to objectively identify the current situation of the mismatch between the supply and demand of cyber security control centers currently in operation and specialized security control companies that can be entrusted to operate them, and to derive and propose practical and institutional improvement measures. Considering that the operation of security control centers in the public sector is expected to increase in the future, research on the practical supplementation required for the operation process of security control centers and the improvement of the designation system of security control specialized organizations has fundamental and timely significance, and it is an area that requires continuous research in terms of strategic industrialization.