Project Information
This work was supported by Institute for Information & communications Technology Planning & Evaluation (IITP) grant funded by the Korea government (MSIT) (No. 2019-0-01343, Training Key Talents in Industrial Convergence Security).