ETRI-Knowledge Sharing Plaform

KOREAN
특허 검색
Status Country
Year ~ Keyword

Detail

Registered APPARATUS AND METHOD FOR ANALYZING RULE-BASED SECURITY EVENT ASSOCIATION

규칙기반 물리/IT 보안 이벤트 연관성 분석 장치 및 방법
이미지 확대
Inventors
Dong Ho Kang, Seon-Gyoung Sohn, Jeong Chi Yoon, Na Jung-Chan, Cho Hyun Sook, Kim Ik Kyun
Application No.
13714362 (2012.12.13)
Publication No.
20130160074 (2013.06.20)
Registration No.
9158894 (2015.10.13)
Country
UNITED STATES
Project Code
11MS2500, Development of Intrusion detection and response technology based on the security convergence for protecting Information assets of Industrial facilitie, Na Jung-Chan
Abstract
An apparatus for analyzing rule-based security event association includes a rule management unit to check whether an security event is a candidate security event requiring association analysis, and an event management unit to analyze the candidate security event and check whether the analyzed security event is the candidate security event requiring association analysis. An association processing unit analyzes whether an association event of a rule DB corresponding to a user ID of the candidate security event is matched with a user event list to generate an association analysis result.
KSP Keywords
Event Management, Processing unit, Rule management, Rule-based, User ID, association analysis, security event