Registered
APPARATUS AND METHOD FOR ANALYZING RULE-BASED SECURITY EVENT ASSOCIATION
- Inventors
-
Dong Ho Kang, Seon-Gyoung Sohn, Jeong Chi Yoon, Na Jung-Chan, Cho Hyun Sook, Kim Ik Kyun
- Application No.
-
13714362 (2012.12.13)
- Publication No.
-
20130160074 (2013.06.20)
- Registration No.
- 9158894 (2015.10.13)
- Country
- UNITED STATES
- Project Code
-
11MS2500, Development of Intrusion detection and response technology based on the security convergence for protecting Information assets of Industrial facilitie,
Na Jung-Chan
- Abstract
- An apparatus for analyzing rule-based security event association includes a rule management unit to check whether an security event is a candidate security event requiring association analysis, and an event management unit to analyze the candidate security event and check whether the analyzed security event is the candidate security event requiring association analysis. An association processing unit analyzes whether an association event of a rule DB corresponding to a user ID of the candidate security event is matched with a user event list to generate an association analysis result.
- KSP Keywords
- Event Management, Processing unit, Rule management, Rule-based, User ID, association analysis, security event