Design and Implementation of Automatic Security Event Analysis System for Effective Intrusion Response 


Vol. 46,  No. 2, pp. 302-309, Feb.  2021
10.7840/kics.2021.46.2.302


  Abstract

Recently, most organizations and companies have been establishing their own security control processes that collect security logs based on big data in order to respond to cyber-attacks. However, there are some limitations in responding to cyber-attacks that are becoming more intelligent day by day. This paper deals with the design and implementation of an automatic security event analysis system that is applied in the security control system for cyber-attack response. The proposed system collects and analyzes HTTP ‘body’ information along with the HTTP ‘header’ as the security log, whereas the existing system makes use of the HTTP ‘header’ only. Concentrating on the mail security events, an automatic analysis of the security log makes a true or false decision, based on a machine learning technique, to determine whether there's a malicious web attack. In addition, a detected attack can be blocked by instructing the firewall device, so that the protection rule is applied immediately through the security control situation panel. As a result, the proposed scheme shows that the total amount of security events is reduced by about 40%, and it achieves a 10% improvement in the attack detection rate compared to the existing SIEM system.



  Cite this article

[IEEE Style]

B. Choi, J. Cho, G. Cho, "Design and Implementation of Automatic Security Event Analysis System for Effective Intrusion Response," The Journal of Korean Institute of Communications and Information Sciences, vol. 46, no. 2, pp. 302-309, 2021. DOI: 10.7840/kics.2021.46.2.302.

[ACM Style]

Bang-ho Choi, Juphil Cho, and Gihwan Cho. 2021. Design and Implementation of Automatic Security Event Analysis System for Effective Intrusion Response. The Journal of Korean Institute of Communications and Information Sciences, 46, 2, (2021), 302-309. DOI: 10.7840/kics.2021.46.2.302.

[KICS Style]

Bang-ho Choi, Juphil Cho, Gihwan Cho, "Design and Implementation of Automatic Security Event Analysis System for Effective Intrusion Response," The Journal of Korean Institute of Communications and Information Sciences, vol. 46, no. 2, pp. 302-309, 2. 2021. (https://doi.org/10.7840/kics.2021.46.2.302)