Method of Quantification of Cyber Threat Based on Indicator of Compromise
Hyeisun Cho, Seulgi Lee, Nakhyun Kim, Byungik Kim, Junhyung Park
2018 International Conference on Platform Technology and Service (PlatCon)
DOI: https://doi.org/10.1109/platcon.2018.8472733
Citations: 1
Abstract
As a large quantity of new and varied attacks occur in Korea, it is difficult to analyze and respond to them with limited security experts and existing equipment. This paper proposes a method of analyzing the threat of Indicator of Compromise (IoC) used for cyber incidents and calculating it as a quantitative value in order to check the analysis priority of cyber incidents that occur in large quantities. Using this method, a large quantity of cyber incidents can be efficiently responded to by checking the quantification of cyber threat objectively to quickly determine the response level of the cyber incident and actively analyze cyber incidents with high threat levels.