규칙기반 물리/IT 보안 이벤트 연관성 분석 장치 및 방법
강동호, 정치윤, 나중찬, 손선경, 김익균, 조현숙
- 9158894 (2015.10.13)
- An apparatus for analyzing rule-based security event association includes a rule management unit to check whether an security event is a candidate security event requiring association analysis, and an event management unit to analyze the candidate security event and check whether the analyzed security event is the candidate security event requiring association analysis. An association processing unit analyzes whether an association event of a rule DB corresponding to a user ID of the candidate security event is matched with a user event list to generate an association analysis result.
- KSP 제안 키워드
- Event Management, Processing unit, Rule management, Rule-based, User ID, association analysis, security event