• Title/Summary/Keyword: Linux vulnerability

Search Result 22, Processing Time 0.08 seconds

Design and Implementation of Internet Throats and Vulnerabilities Auto Collector for Cyber Threats Management (사이버위협 관리를 위한 인터넷 위협 및 취약점 정보 수집기 설계 및 구현)

  • Lee, Eun-Young;Paek, Seung-Hyun;Park, In-Sung;Yun, Joo-Beom;Oh, Hung-Geun;Lee, Do-Hoon
    • Convergence Security Journal
    • /
    • v.6 no.3
    • /
    • pp.21-28
    • /
    • 2006

  • Beginning flag security it was limited in Firewall but currently many information security solutions like Anti-virus, IDS, Firewall are come to be many. For efficiently managing different kinds of information security products ESM (Enterprise Security management) are developed and operated. Recently over the integrated security management system, TMS (Threat Management System) is rising in new area of interest. It follows in change of like this information security product and also collection information is being turning out diversification. For managing cyber threats, we have to analysis qualitative information (like vulnerabilities and malware codes, security news) as well as the quantity event logs which are from information security products of past. Information Threats and Vulnerability Auto Collector raises the accuracy of cyber threat judgement and can be utilized to respond the cyber threat which does not occur still by gathering qualitative information as well as quantity information.

  • PDF

Meltdown Threat Dynamic Detection Mechanism using Decision-Tree based Machine Learning Method (의사결정트리 기반 머신러닝 기법을 적용한 멜트다운 취약점 동적 탐지 메커니즘)

  • Lee, Jae-Kyu;Lee, Hyung-Woo
    • Journal of Convergence for Information Technology
    • /
    • v.8 no.6
    • /
    • pp.209-215
    • /
    • 2018

  • In this paper, we propose a method to detect and block Meltdown malicious code which is increasing rapidly using dynamic sandbox tool. Although some patches are available for the vulnerability of Meltdown attack, patches are not applied intentionally due to the performance degradation of the system. Therefore, we propose a method to overcome the limitation of existing signature detection method by using machine learning method for infrastructures without active patches. First, to understand the principle of meltdown, we analyze operating system driving methods such as virtual memory, memory privilege check, pipelining and guessing execution, and CPU cache. And then, we extracted data by using Linux strace tool for detecting Meltdown malware. Finally, we implemented a decision tree based dynamic detection mechanism to identify the meltdown malicious code efficiently.

  • https://doi.org/10.22156/CS4SMB.2018.8.6.209 인용 PDF KSCI HTML