A Design of File Leakage Response System through Event Detection

  • Submitted: 2022.05.09
  • Reviewed: 2022.07.20
  • Published: 2022.07.28

Abstract

With the development of ICT and the arrival of the Fourth Industrial Revolution, the volume of data has become enormous, and as big data technologies emerge, technologies for refining, storing, and processing data are becoming important. Because the leakage of important files from industrial sites and public places causes serious damage at the national and financial level, this paper proposes a system that detects events through monitoring and makes its determination using hash values. As the research method, a selective event approach is used: when a file leak occurs, an encryption operation is performed and the hash values registered in advance are then compared to determine whether the file is an important one. Monitoring only specific events minimizes system load, and making the determination after analyzing the signature improves accuracy. Confidentiality is improved by making the determination through comparison with hash values pre-registered in the database. Future research is needed on security solutions that prevent file leakage over the network and through various other paths.
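The flow the abstract outlines (selective event filtering, signature analysis, comparison against pre-registered hashes) can be sketched as follows. This is an added example, not code from the paper: the event names, the magic-byte table, the use of SHA-256 and the in-memory dictionary standing in for the hash database are all assumptions.

```python
import hashlib

# Assumption: only these event types are inspected; all others are skipped to limit load.
WATCHED_EVENTS = {"copy_to_removable", "upload", "mail_attach"}

# Assumption: a small magic-byte table stands in for the signature analysis step.
SIGNATURES = {
    b"%PDF-": ("pdf", {"pdf"}),
    b"PK\x03\x04": ("zip", {"zip", "docx", "xlsx", "pptx"}),
    b"\xd0\xcf\x11\xe0": ("ole2", {"doc", "xls", "ppt", "hwp"}),
}

def digest(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def signature_of(data: bytes):
    """Return (type, allowed extensions) from the leading bytes, or (None, set())."""
    for magic, (kind, exts) in SIGNATURES.items():
        if data.startswith(magic):
            return kind, exts
    return None, set()

class LeakMonitor:
    def __init__(self):
        self.registry = {}  # stand-in for the hash database: digest -> label

    def register(self, label: str, data: bytes) -> None:
        self.registry[digest(data)] = label

    def handle(self, event: dict) -> dict:
        # Selective monitoring: unwatched events are dropped before any hashing.
        if event["type"] not in WATCHED_EVENTS:
            return {"action": "ignore"}
        data = event["content"]
        kind, exts = signature_of(data)
        ext = event["name"].rpartition(".")[2].lower()
        label = self.registry.get(digest(data))
        return {
            "action": "block" if label else "allow",
            "label": label,
            "signature": kind,
            # True when the content type contradicts the file name (renamed file).
            "extension_mismatch": kind is not None and ext not in exts,
        }

# Constructed sample data, not taken from the paper.
SECRET = b"%PDF-1.7\nconstructed confidential design document\n"
monitor = LeakMonitor()
monitor.register("design-spec", SECRET)
```

An exact digest match only identifies byte-identical copies, so the registry has to be refreshed whenever a protected file is edited.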

Funding

This research was supported by the Tongmyong University Research Grants 2020 (2020A033-1).
