• Title/Summary/Keyword: Group Intelligence

BPAF2.0: Extended Business Process Analytics Format for Mining Process-driven Social Networks

  • Jeon, Myung-Hoon;Ahn, Hyun;Kim, Kwang-Hoon
    • The Journal of Korean Institute of Communications and Information Sciences, v.36 no.12B, pp.1509-1521, 2011
  • WfMC, one of the international standardization organizations leading business process and workflow technologies, has officially released BPAF1.0, a standard format for recording process instances' event logs, as business process intelligence mining technologies have recently become an issue in the business process and workflow literature. Business process mining technologies consist of two groups of algorithms and their analysis techniques: one rediscovers flow-oriented process intelligence, such as control-flow, data-flow, role-flow, and actor-flow intelligence, from process instances' event logs, and the other is concerned with rediscovering relation-oriented process intelligence, such as process-driven social networks and process-driven affiliation networks, from the event logs. The current standardized format, BPAF1.0, aims only at supporting control-flow oriented process-intelligence mining techniques, and so it cannot properly support relation-oriented process-intelligence mining techniques. Therefore, this paper tries to extend BPAF1.0 so that it reasonably supports relation-oriented process-intelligence mining techniques; the extended BPAF is termed BPAF2.0. In particular, we plan to standardize the extended BPAF2.0 not only as a national standard specification through the e-Business project group of TTA, but also as an international standard specification of WfMC.

A Threat Information Collection System for Generating Actionable Cyber Threat Intelligence Based on OSINT

  • Kim, KyeongHan;Lee, Seulgi;Kim, Byungik;Park, SoonTai
    • Review of KIISC, v.29 no.6, pp.75-80, 2019
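  • The number of known targeted attack groups rose steadily through 2018 and now stands at 155, an increase of 39 over 2016, and the average dwell time of a breach grew by 32 days, from 172 days in 2016 to 204 days in 2018. To respond to increasingly diverse and sophisticated APT (Advanced Persistent Threat) attacks, companies in Korea and abroad are making growing use of cyber threat intelligence (CTI). In step with global trends, KISA is currently developing a system that can make use of CTI. This paper introduces an OSINT (Open Source Intelligence)-based system for collecting cyber threat information and representing the relationships within it, for efficient use of CTI.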

Ensemble Model using Multiple Profiles for Analytical Classification of Threat Intelligence

  • Kim, Young Soo
    • The Journal of the Korea Contents Association, v.17 no.3, pp.231-237, 2017
  • Threat intelligence collected from cyber incident sharing systems and security events collected from Security Information & Event Management systems are analyzed to cope with rapidly expanding malicious code with the advent of big data. Analytical classification of the threat intelligence in cyber incidents requires various features of cyber observables. Therefore it is necessary to improve the classification accuracy of the similarity by using multi-profiles, which are classified by the same features of cyber observables. We propose a multi-profile ensemble model that performs similarity analysis on cyber incidents of threat intelligence based on both attack types and cyber observables and that can enhance the accuracy of the classification. We see a potential improvement of the cyber incident analysis system, which enhances the accuracy of the classification. Implementation of our suggested technique in a computer network offers the ability to classify and detect similar cyber incidents that are not detected by other mechanisms.

How to use attack cases and intelligence of Korean-based APT groups

  • Lee Jung Hun;Choi Youn Sung
    • Convergence Security Journal, v.24 no.3, pp.153-163, 2024
  • Despite the increasing hacking threats and security threats as IT technology advances and many companies adopt security solutions, cyberattacks and threats still persist for years. An APT attack is a technique of selecting a specific target and continuing to attack it. An APT attack threat uses all possible means through the electronic network to carry out the attack for years. Zero-day attacks, malicious code distribution, and social engineering techniques are performed, and some of them directly invade companies. These techniques have been in use since 2000, and are similarly used in voice phishing, especially the social engineering techniques. Therefore, it is necessary to study countermeasures against APT attacks. This study analyzes the attack cases of Korean-based APT groups in Korea and suggests the correct method of using intelligence to analyze APT attack groups.

Development of Dynamic Simulation Model for Measuring of Organization Intelligence: Focusing on the Conceptualization of Measurement Factors and Causal Loop Diagrams

  • Kim, Sang-Wook;Park, Sang-Hyun;Shin, Mal-Sook;Kim, Jong-Tae
    • Korean System Dynamics Review, v.7 no.1, pp.5-26, 2006
  • The ever-increasing dependence of organizations on information technology stimulates interactions between individuals and groups in the process of knowledge creation, which overall implies that a reciprocal mechanism lies within the structure of the growth of group intelligence. An individual's intelligence may affect the group intelligence, and vice versa. However, the level of group intelligence is not necessarily determined by the sum of the individuals' intelligence but by the quality of the interactions among the individuals. This study thus aims to conceptually identify the dynamic structure of interactions among the factors influencing the group intelligence level, which is believed to be usable as a tool to measure the difference in intelligence between groups. To achieve this goal several attempts were made. First, determinants of intelligence at the individual level and the group level, and similarities and differences between individual and group intelligence, were identified from previous research. Second, causal loop diagrams were developed, which show how an individual's intelligence influences group intelligence and vice versa. Third, it was attempted to identify and interpret which feedback loops are most influential in either improving or hampering group intelligence as a whole. Since this study remains only at an exploratory level, a more detailed and workable model for field applications has to be developed in the future.

A BPM Activity-Performer Correspondence Analysis Method

  • Ahn, Hyun;Park, Chungun;Kim, Kwanghoon
    • Journal of Internet Computing and Services, v.14 no.4, pp.63-72, 2013
  • Business Process Intelligence (BPI) is one of the emerging technologies in the knowledge discovery and analysis area. BPI deals with a series of techniques, from discovering knowledge to analyzing the discovered knowledge, in BPM-supported organizations. By means of BPI technology, we are able to provide the full functionality of control, monitoring, prediction, and optimization of process-supported organizational knowledge. In particular, we focus on the focal organizational knowledge, the so-called BPM activity-performer affiliation networking knowledge, which represents the affiliated relationships between performers and activities in enacting a specific business process model. That is, in this paper we devise a statistical analysis method to be applied to the BPM activity-performer affiliation networking knowledge, and dub it the activity-performer correspondence analysis method. The devised method consists of a series of pipelined phases, from the generation of a bipartite matrix to the visualization of the analysis result, and through the method we are eventually able to analyze the degree of correspondence between a group of performers and a group of activities involved in a business process model or a package of business process models. In conclusion, we strongly expect the activity-performer correspondence analysis method to bring effectiveness and efficiency to human resource allotments, and to improve the degree of correlation between business activities and performers, in planning and designing business process models and packages for the BPM-supported organization.

Control-Path Driven Process-Group Discovery Framework and its Experimental Validation for Process Mining and Reengineering

  • Thanh Hai Nguyen;Kwanghoon Pio Kim
    • Journal of Internet Computing and Services, v.24 no.5, pp.51-66, 2023
  • In this paper, we propose a new type of process discovery framework, named the control-path-driven process group discovery framework, to be used for process mining and process reengineering in supporting life-cycle management of business process models. In addition, we develop a process mining system based on the proposed framework and perform experimental verification through it. The process execution event logs used for the experimental validation and verification are specially defined as Process BIG-Logs, and we use them as the input datasets for the proposed discovery framework. As the eventual goal of this paper, we design and implement a control-path-driven process group discovery algorithm and framework that is improved from the ρ-algorithm, and we try to verify the functional correctness of the proposed algorithm and framework by using the implemented system with a BIG-Log dataset. Note that the process mining algorithm, framework, and system developed in this paper are all based on the structural information control net process modeling methodology.

3-Step Security Vulnerability Risk Scoring considering CVE Trends

  • Jihye, Lim;Jaewoo, Lee
    • Journal of the Korea Institute of Information and Communication Engineering, v.27 no.1, pp.87-96, 2023
  • As the number of security vulnerabilities increases yearly, security threats continue to occur, and the vulnerability risk is also important. We devise a security threat score calculation reflecting trends to determine the risk of security vulnerabilities. The three stages consider key elements such as attack type, supplier, vulnerability trend, and current attack methods and techniques. First, it reflects the results of checking the relevance of the attack type, supplier, and CVE. Second, it considers the characteristics of the topic group and CVE identified through the LDA algorithm by the Jaccard similarity technique. Third, it considers the attack methods and technology trends of the latest version of the MITRE ATT&CK framework and their relevance to CVEs. We used data from overseas sites that provide reliable security information to review the usability of the proposed final formula, CTRS. The scoring formula makes it possible to patch quickly and respond to related information by identifying vulnerabilities with high relevance and risk using only a particular phrase.