Doctoral dissertation

A Study on APT Attack Detection Methods Based on Correlation Analysis of Big Data Security Events (빅 데이터 保安이벤트 相關分析을 통한 APT 攻擊探知 方案에 관한 硏究)

손경호, 2015
Paper influence by topic for 'A Study on APT Attack Detection Methods Based on Correlation Analysis of Big Data Security Events'
Paper influence summary
Topics
  • APT
  • big data security events
  • malware
  • anomaly indicators
Total papers on the same topic: 110
Total times this paper has been cited: 0
Average paper influence by topic: 0.0%

References of 'A Study on APT Attack Detection Methods Based on Correlation Analysis of Big Data Security Events'

  • Computer Forensics Based on Extended Evidence Collection and Event Correlation Analysis.
    정일옥, Proceedings of the KIISE Conference, Vol. 35, No. 1(D), pp. 66-70, 2008.
  • "Introducing Forrester's Cyber Threat Intelligence Research". Forrester Research. Retrieved 2014-04-14.
  • "Exploit on Amnesty pages tricks AV software". The H online. Heinz Heise. 20 April 2011.
  • "A Buyer's Guide to Endpoint Protection Platforms", Gartner, April 2012.
  • caida, http://www.caida.org
  • Zhuge, Jianwei, et al. "Collecting autonomous spreading malware using high-interaction honeypots." Information and Communications Security. Springer Berlin Heidelberg, pp. 438-451, 2007.
  • ZeroWine, http://zerowine.sourceforge.net/
  • Yoshioka, Katsunari, et al. "Vulnerability in public malware sandbox analysis systems." Applications and the Internet (SAINT), 2010 10th IEEE/IPSJ International Symposium, 2010.
  • Ye, Yanfang, et al. "IMDS: Intelligent malware detection system." Proceedings of the 13th ACM SIGKDD international conference on Knowledge discovery and data mining, 2007.
  • Yan, Wei, Zheng Zhang, and Nirwan Ansari. "Revealing packed malware." IEEE Security & Privacy, pp. 65-69, 2008.
  • Xie, Mengjun, Zhenyu Wu, and Haining Wang. "Secure instant messaging in enterprise-like networks." Computer Networks 56.1, pp. 448-461, 2012.
  • Xie, Mengjun, Zhenyu Wu, and Haining Wang. "HoneyIM: Fast detection and suppression of instant messaging malware in enterprise-like networks." IEEE Computer Security Applications Conference. ACSAC 2007. Twenty Third Annual, 2007.
  • Xiao, Fu, Shi Jin, and Xie Li. "A novel data mining-based method for alert reduction and analysis." Journal of networks, pp. 88-97, 2010.
  • Willems, Carsten, Thorsten Holz, and Felix Freiling. "Toward automated dynamic malware analysis using cwsandbox." IEEE Security & Privacy, pp. 32-39, 2007.
  • Wang, Yi-Min, et al. "Automated web patrol with strider honeymonkeys." Proceedings of the 2006 Network and Distributed System Security Symposium. 2006.
  • Virustotal, https://www.virustotal.com
  • Valdes, Alfonso, and Keith Skinner. "Probabilistic alert correlation." Recent advances in intrusion detection. Springer Berlin Heidelberg, 2001.
  • Trinius, Philipp, et al. "Visual analysis of malware behavior using treemaps and thread graphs." 6th International Workshop on IEEE Visualization for Cyber Security, 2009.
  • TrendLabs APT Research Team, "Spear-Phishing Email: Most Favored APT Attack Bait", Trend Micro, 2012.
  • TheSecDevGroup, "Tracking GhostNet: Investigating a Cyber Espionage Network", March 2009.
  • Thakur, Manoj Rameshchandra, et al. "Detection and Prevention of Botnets and malware in an enterprise network." International Journal of Wireless and Mobile Computing 5.2, pp. 144-153, 2012.
  • Sun, Xiaoyan, et al. "Collecting internet malware based on client-side honeypot." Young Computer Scientists, 2008. ICYCS 2008. The 9th International Conference for. IEEE, 2008.
  • Stolfo, Salvatore J., et al. "Behavior-based modeling and its application to email analysis." ACM Transactions on Internet Technology (TOIT) 6.2, pp. 187-221, 2006.
  • Song, Dawn, et al. "BitBlaze: A new approach to computer security via binary analysis." Information systems security. Springer Berlin Heidelberg, pp. 1-25, 2008.
  • Solutionary, Inc., "Defending Against Advanced Persistent Threats", January, 2012.
  • Ruili, Zhou, et al. "Application of CLIPS expert system to malware detection system." Computational Intelligence and Security, CIS'08. International Conference on. Vol. 1, 2008.
  • Royal, Paul, et al. "Polyunpack: Automating the hidden-code extraction of unpack-executing malware." IEEE Computer Security Applications Conference, 2006.
  • Roundy, Kevin A., and Barton P. Miller. "Binary-code obfuscations in prevalent packer tools." ACM Computing Surveys (CSUR), 2013.
  • Rossow, Christian, et al. "Sandnet: Network traffic analysis of malicious software." Proceedings of the First Workshop on ACM Building Analysis Datasets and Gathering Experience Returns for Security, 2011.
  • Roland Dela Paz, "The HeartBeat APT Campaign", Trend Micro Incorporated Research Paper, 2012.
  • Qin, Xinzhou, and Wenke Lee. "Statistical causality analysis of infosec alert data." Recent Advances in Intrusion Detection. Springer Berlin Heidelberg, 2003.
  • Park, In-woo, and Dea-woo Park. "Study of Keylogger Information Sniffing by Using Hooking Technology." Journal of Next Generation Information Technology 4.9, 2013.
  • Norman Sandbox, http://www.norman.com
  • Noel, Steven, Eric Robertson, and Sushil Jajodia. "Correlating intrusion events and building attack scenarios through attack graph distances." IEEE Computer Security Applications Conference, 2004.
  • Ning, Peng, and Yun Cui. "An Intrusion Alert Correlator Based on Prerequisites of Intrusions." 2002.
  • Ning, Peng, Yun Cui, and Douglas S. Reeves. "Constructing attack scenarios through correlation of intrusion alerts." Proceedings of the 9th ACM conference on Computer and communications security, 2002.
  • Ning, Peng, Yun Cui, and Douglas S. Reeves. "Analyzing intensive intrusion alerts via correlation." Recent Advances in Intrusion Detection. Springer Berlin Heidelberg, 2002.
  • Niki, Aikaterinaki. "Drive-by download attacks: Effects and detection methods." 3rd IT student conference for the next generation, University of East London, London, UK. 2009.
  • NIST, Special Publication 800-39, http://csrc.nist.gov/publications/nistpubs/800-39/SP800-39-final.pdf
  • Mohr, Gordon, et al. "Introduction to heritrix." 4th International Web Archiving Workshop. 2004.
  • Miwa, Shinsuke, et al. "Design and Implementation of an Isolated Sandbox with Mimetic Internet Used to Analyze Malwares." DETER. 2007.
  • Large-Volume Security Log Analysis Using MapReduce.
    최대수, Journal of the Korea Institute of Information Technology, pp. 125-132, 2011.
  • Lu, Huabiao, Xiaofeng Wang, and Jinshu Su. "CCS: Collaborative Malware Clustering and Signature Generation using Malware Behavioral Analysis." International Journal of Hybrid Information Technology, pp. 147-152, 2012.
  • Logothetis, Dionysios, et al. "In-situ MapReduce for log processing." 2011 USENIX Annual Technical Conference (USENIX ATC’11), 2011.
  • Lee, Jae-Seo, et al. "The activity analysis of malicious http-based botnets using degree of periodic repeatability." IEEE Security Technology, SECTECH'08. International Conference on, 2008.
  • Kruegel, Christopher, Giovanni Vigna, and William Robertson. "A multi-model approach to the detection of web-based attacks." Computer Networks, pp. 717-738, 2005.
  • Konstantinou, Evgenios, and Stefen Wolthusen. "Metamorphic virus: Analysis and detection." Royal Holloway University of London 15, 2008.
  • Komisarczuk, Peter, Ramon Steenson, and Christian Seifert. The Capture-HPC client architecture. School of Engineering and Computer Science, Victoria University of Wellington, 2009.
  • Julisch, Klaus. "Mining alarm clusters to improve alarm handling efficiency." Computer Security Applications Conference, ACSAC 2001. Proceedings 17th Annual. IEEE, 2001.
  • Joltsik, Networkworld, "Definition and Requirements of Big Data Security Analytics", IDG Tech Focus, 2013.
  • Joll, Bill, Keith Rhodes, and James Deerman. "Cyber Behavior Analysis and Detection Method, System and Architecture." U.S. Patent Application 13/693,226.
  • Jiang, Xuxian, and Dongyan Xu. "Profiling self-propagating worms via behavioral footprinting." Proceedings of the 4th ACM Workshop on Recurring Malcode. ACM, 2006.
  • Jacob, Grégoire, et al. "A static, packer-agnostic filter to detect similar malware samples." Detection of Intrusions and Malware, and Vulnerability Assessment. Springer Berlin Heidelberg, pp. 102-122, 2013.
  • Inoue, Daisuke, et al. "Automated malware analysis system and its sandbox for revealing malware's internal and external activities." IEICE transactions on information and systems, pp. 945-954, 2009.
  • Ikinci, Ali, Thorsten Holz, and Felix C. Freiling. "Monkey-Spider: Detecting Malicious Websites with Low-Interaction Honeyclients." Sicherheit. Vol. 8. 2008.
  • Hu, Xin, et al. "MutantX-S: Scalable Malware Clustering Based on Static Features." USENIX Annual Technical Conference. 2013.
  • Guo, Fanglu, Peter Ferrie, and Tzi-Cker Chiueh. "A study of the packer problem and its solutions." Recent Advances in Intrusion Detection. Springer Berlin Heidelberg, 2008.
  • Gragido, Will, "Lions at the Watering Hole – The 'VOHO' Affair". The RSA Blog. EMC Corporation, 2012.
  • Fredrikson, Matt, et al. "Synthesizing near-optimal malware specifications from suspicious behaviors." Security and Privacy (SP), 2010 IEEE Symposium on. IEEE, 2010.
  • Ferrie, Peter. "Anti-unpacker tricks–part one." Virus Bulletin, 2008.
  • Eric M. Hutchins, Michael J. Cloppert, Rohan M. Amin, Ph.D. "Intelligence-Driven Computer Network Defense Informed by Analysis of Adversary Campaigns and Intrusion Kill Chains". Lockheed Martin Corporation. Retrieved March 13, 2013.
  • Elshoush, Huwaida Tagelsir, and Izzeldin Mohamed Osman. "Alert correlation in collaborative intelligent intrusion detection systems—A survey." Applied Soft Computing, pp. 4349-4365, 2011.
  • Egele, Manuel, Engin Kirda, and Christopher Kruegel. "Mitigating drive-by download attacks: Challenges and open problems." iNetSec 2009–Open Research Problems in Network Security. Springer Berlin Heidelberg, pp. 52-62. 2009.
  • A Study on Security Event Analysis Techniques in ESM.
    이용균, 최대수, Proceedings of the KIISE Korea Computer Congress, Vol. 34, No. 1(D), pp. 21-24, 2007.
  • Dain, Oliver M., and Robert K. Cunningham. "Building scenarios from a heterogeneous alert stream." Proceedings of the 2001 IEEE workshop on Information Assurance and Security. Vol. 235. West Point, NY, USA, 2001.
  • Cuckoo Sandbox, http://www.cuckoosandbox.org/
  • Coogan, Kevin, et al. "Automatic static unpacking of malware binaries." IEEE 16th Working Conference on Reverse Engineering, 2009.
  • Command Five Pty Ltd. "Advanced Persistent Threats: A Decade in Review", June 2011.
  • Christodorescu, Mihai, and Somesh Jha. Static analysis of executables to detect malicious patterns. University of Wisconsin-Madison, Department of Computer Sciences, 2006.
  • Cheung, Steven, Ulf Lindqvist, and Martin W. Fong. "Modeling multistep cyber attacks for scenario recognition." DARPA information survivability conference and exposition, 2003. Proceedings. Vol. 1. IEEE, 2003.
  • Chen, W., and Jazz Wang. "Building a Cloud Computing Analysis System for Intrusion Detection System." CLOUD SLAM, April 2009.
  • Chen, Ping, Lieven Desmet, and Christophe Huygens. "A Study on Advanced Persistent Threats." Communications and Multimedia Security. Springer Berlin Heidelberg, 2014.
  • Cesare, Silvio, and Yang Xiang. "A fast flowgraph based classification system for packed and polymorphic malware on the endhost." 24th IEEE International Conference on Advanced Information Networking and Applications, 2010.
  • CWSandbox, http://www.threattracksecurity.com
  • Binkley, James R., and Suresh Singh. "An algorithm for anomaly-based botnet detection." Proceedings of USENIX Steps to Reducing Unwanted Traffic on the Internet Workshop (SRUTI). 2006.
  • Bednar, Peter, Moufida Sadok, and Vasilis Katos. "Contextual Dependencies in Information Systems Security." Workshop on Information Security and Privacy (WISP) 2013, AIS SIGSEC and IFIP TC 11.1. 2013.
  • Bayer, Ulrich, et al. "Scalable, Behavior-Based Malware Clustering." NDSS. Vol. 9. 2009.
  • Anubis, http://anubis.iseclab.org/
  • Albright, David, Paul Brannan, and Christina Walrond. "Did Stuxnet Take Out 1,000 Centrifuges at the Natanz Enrichment Plant?" Institute for Science and International Security, 2010.
  • Al Daoud, Essam, Iqbal H. Jebril, and Belal Zaqaibeh. "Computer virus strategies and detection methods." Int. J. Open Problems Compt. Math 1.2, pp. 12-20, 2008.