Security Risk Evaluation Scheme for Effective Threat Management

A Security Risk Evaluation Technique for Effective Threat Management

  • 강필용 (Information Security Division, Korea Internet & Security Agency)
  • Published: 2009.10.15

Abstract

To enhance the security level of critical IT assets, it is essential to first identify their security threats (or vulnerabilities) and to check the adequacy of the related security countermeasures. To this end, this paper presents a new security risk evaluation scheme based on critical assets and threats. The scheme reports the coverage and adequacy of the countermeasures (e.g., intrusion detection rules and vulnerability scan rules) and the quantitative risk level of the identified assets and threats. The scheme is therefore expected to be used more efficiently in the threat management process than previous work.

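To strengthen the security of critical IT assets, the related threats (or vulnerabilities) must first be identified and the adequacy of the security countermeasures against them analyzed. To this end, this paper proposes a security risk evaluation technique based on assets and threats. By providing an advance check of the scope and level of response, such as detection of attack attempts and vulnerability checks related to the identified assets and threats, together with a quantitative risk evaluation, the proposed technique is expected to be used more effectively in threat management work than existing research.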
