Decision support system (DSS) for zero day attack response (Korean title: A study on a decision support system for responding to zero-day attacks)

To manage the information security process and maintain a high level of security, companies deploy protection, detection and reaction systems and methods. To protect the network and server infrastructure, companies deploy vendors' official patches. When official patches are not available, they apply work-arounds as a temporary remedy. These methods help companies eliminate all known security vulnerabilities. Still, they cannot protect companies from unknown security vulnerabilities. For detection, companies usually deploy an intrusion detection system (IDS). However, at present, most IDSs can respond only to known attacks. Therefore, companies remain vulnerable to unknown attacks if they do not have a well-designed anomaly-based detection system. Even when they are equipped with a well-crafted anomaly-based detection system, their information security officers cannot detect unknown attacks if there is no anomalous symptom such as a traffic burst or a server crash. Hence, unknown attacks, the so-called zero-day attacks, remain a big problem to solve even for companies that maintain protection and detection systems. Due to the limitations listed above, companies and their information security officers may not know whether zero-day attacks are occurring. Even when security officers find such attacks, it is very hard for them to take any action before they get enough information about the new attack pattern. This is because a work-around deployed before the vulnerability analysis is complete often gives rise to negative side effects on the systems. The security officers' limited ability to react to such attacks in time makes their companies more vulnerable to zero-day attacks. This is the problem in the current information security process and the deployment of detection and protection systems that are readi...
Advisors
Park, Sang-Chan (박상찬)
Description
Korea Advanced Institute of Science and Technology (KAIST): Department of Industrial and Systems Engineering
Publisher
Korea Advanced Institute of Science and Technology (KAIST)
Issue Date
2009
Identifier
309056/325007 / 020005097
Language
eng
Description

Thesis (Ph.D.) - Korea Advanced Institute of Science and Technology (KAIST): Department of Industrial and Systems Engineering, 2009.2, [ vii, 130 p. ]

Keywords

atomic vulnerability; zero-day attack; attack similarity; intrusion detection; decision support system

URI
http://hdl.handle.net/10203/40636
Link
http://library.kaist.ac.kr/search/detail/view.do?bibCtrlNo=309056&flag=dissertation
Appears in Collection
IE-Theses_Ph.D. (Doctoral Theses)
Files in This Item
There are no files associated with this item.
