Enhancement of Internal Control by expanding Security Information Event Management System

  • Im, DongSung (Interdisciplinary program of Information Security, Chonnam National University)
  • Kim, Yongmin (Dept. of Electronics Commerce, Chonnam National University)
  • Received : 2015.04.15
  • Accepted : 2015.06.24
  • Published : 2015.08.31

Abstract

Recently, leaks of internal information by internal employees and authorized outsourcing personnel have been increasing rapidly. In this paper, we propose a method to integrate internal control systems, such as system access control systems and Digital Rights Management, through an expansion model of SIEM (Security Information Event Management system). This model performs an analysis step of security event link types and a validation process. Using a 5W1H view, it develops unit scenarios for responding to illegal acts against personal information processing systems and to acts that bypass the internal security system. It then derives systematic integration scenarios by integrating the unit scenarios. We integrated internal control systems, such as the access control system and Digital Rights Management, through the expansion model of the Security Information Event Management system to defend against leakage of internal information and customer information. We compared the existing defense system with the case in which the expansion model was built. The comparison shows that expanding the SIEM was more effective.
