상세정보
등록 보안 이벤트의 연관 분석을 통한 사이버 침해 위협 탐지 방법
- 출원번호
- 15823209 (2017.11.27)
- 공개번호
- 20180191761 (2018.07.05)
- 등록번호
- 10523697 (2019.12.31)
- 출원국
- 미국
- 협약과제
- 16HH1900, 맞춤형 보안서비스 제공을 위한 클라우드 기반 지능형 보안 기술 개발, 김익균
- 초록
- Disclosed is a method for detecting a cyberthreat through correlation analysis of security events, which includes extracting a false-positive data set by extracting, from source data, information about security events occurring during a predetermined time period based on a time at which erroneous detection occurred; extracting a true-positive data set by extracting, from the source data, information about security events occurring during the predetermined time period based on a time at which an intrusion threat was correctly detected; extracting a current data set by extracting information about security events occurring during the predetermined time period from data to be analyzed; generating event coincidence statistics by extracting a frequency of each security event in the respective data sets and by compiling statistics thereon; generating an event vector based on the event coincidence statistics; and performing intrusion threat detection through a vector space model based on the event vector.
- KSP 제안 키워드
- Correlation Analysis, Data sets, False-positive data, Positive data, Threat Detection, Time period, Vector based, Vector space model(VSM), model-based, security event, space model, vector space
- 패밀리
| 구분 | 특허 | 출원국 | KIPRIS |
|---|---|---|---|
| 등록 | 보안 이벤트의 연관 분석을 통한 사이버 침해 위협 탐지 방법 및 장치 | 대한민국 | KIPRIS |