
Adaptive Multi-Layer Security Approach for Cyber Defense


  • Lee, Seong-kee (The 2nd R&D Institute-3, Agency for Defense Development)
  • Kang, Tae-in (The 2nd R&D Institute-3, Agency for Defense Development)
  • Received : 2015.02.02
  • Accepted : 2015.07.21
  • Published : 2015.10.31

Abstract

As attacks in cyberspace become more advanced and complex, a one-to-one approach that matches each attack with a single defense is limited, and a more efficient defense method is required. This paper proposes a multi-layer security scheme that helps defend assets against diverse cyber attacks, internal and external, in a systematic and adaptive manner. We model the multi-layer security scheme around a Defense Zone that includes several defense layers, and discuss the technical elements essential to realizing it, such as cyber threat analysis and automated assignment of defense techniques. The effects of the multi-layer security scheme and its applicability are also explained. To make the scheme concrete, future research is needed on a detailed architecture design for the Defense Zone, an automated method for selecting the best defense technique against an attack, and modeling the normal state of an asset for attack detection.

Cited by

  1. Resiliency of mobile OS security for secure personal ubiquitous computing vol.22, pp.1, 2018, https://doi.org/10.1007/s00779-017-1098-x