ETRI-Knowledge Sharing Platform

Details

Journal article: DTB-IDS: An Intrusion Detection System Based on Decision Tree using Behavior Analysis for Preventing APT Attacks
Cited 68 times in Scopus; downloaded 13 times
Authors
문대성, 임형진, 김익균, 박종혁
Publication date
201707
Source
Journal of Supercomputing, v.73 no.7, pp.2881-2895
ISSN
0920-8542
Publisher
Springer
DOI
https://dx.doi.org/10.1007/s11227-015-1604-8
Funded project
16MH2100, Development of Cyber Targeted Attack Recognition and Tracking Technology Based on Long-term History Analysis of Multi-source Data, 김익균
Abstract
Due to the rapid growth of communications and networks, a cyber-attack with malicious codes has been coming as a new paradigm in the information security area over the last few years. In particular, an advanced persistent threat (APT) attack is bringing out big social issues. The APT attack uses social engineering methods to target various systems for intrusions. It breaks down the security of the target system to leak information or to destroy the system by giving monetary damages on the target. APT attacks make relatively simple attacks such as spear phishing during initial intrusion, but a back door is created by leaking the long-term information after initial intrusion, and it transmits the malicious code by analyzing the internal network. In this paper, we propose an intrusion detection system based on the decision tree using analysis of behavior information to detect APT attacks that intellectually change after intrusion into a system. Furthermore, it can detect the possibility of the initial intrusion and minimize the damage size by quickly responding to APT attacks.
Keywords
Advanced persistent threats (APT), Behavior analysis, Decision tree, Intrusion detection
KSP suggested keywords
APT attacks, Behavior analysis, Cyber attacks, Decision Tree(DT), Engineering Methods, Intrusion detection system(IDS), Malicious code, Security area, Social issues, Spear phishing, advanced persistent threat