• The Journal of the Korea Contents Association
• /
• v.16 no.11
• /
• pp.139-153
• /
• 2016

Cyber incident collected from cyber-threat-intelligence sharing Center is growing rapidly due to expanding malicious code. It is difficult for Incident analysts to extract and classify similar features due to Cyber Attacks. To solve these problems the existing Similarity Analysis Method is based on single or multiple cyber observable of similar incidents from Cyber Attacks data mining. This method reduce the workload for the analysis but still has a problem with enhancing the unreality caused by the provision of improper and ambiguous information. We propose a incident analysis model performed similarity analysis on the hierarchically classified cyber observable based on cyber incident that can enhance both availability by the provision of proper information. Appling specific cyber incident analysis model, we will develop a system which will actually perform and verify our suggested model.