Byungik Kim, Nakhyun Kim, Seulgi Lee, Hyeisun Cho, Junhyung Park
2018 International Conference on Platform Technology and Service (PlatCon). DOI: 10.1109/PLATCON.2018.8472766 (https://doi.org/10.1109/PLATCON.2018.8472766)
A Study on a Cyber Threat Intelligence Analysis (CTI) Platform for the Proactive Detection of Cyber Attacks Based on Automated Analysis
This paper proposes an automated cyberattack analysis platform that is designed to analyze and respond to cyberattacks, which are becoming ever more intelligent and advanced. The ICT information generated during previous cyberattacks will be collected to analyze cyberattacks automatically, and the relationship between the collected information, level of re-exploitation, and similar ICT information among cyberattacks will be automatically analyzed. If the values that are currently being monitored are entered into the developed platform, the most similar cyberattacks in the past and the current phase of attacks will be provided to the analyst. In addition, a system capable of blocking attacks in advance before damages are caused could be developed by providing response/analysis guideline information on the potential future attack inflow.