• Title/Summary/Keyword: security scoring technique

Search Result 6, Processing Time 0.022 seconds

A Study On Advanced Model of Web Vulnerability Scoring Technique (웹 취약점 스코어링 기법의 advanced 모델 연구)

  • Byeon, Autumn;Lim, Jong In;Lee, Kyong-Ho
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.25 no.5
    • /
    • pp.1217-1224
    • /
    • 2015
  • Web application security problems are addressed by the web vulnerability analysis which in turn supports companies to understand those problems and to establish their own solutions. Ministry of Science, ICT and Future Planning (MSIP) has released its guidelines for analysis and assessment of the web vulnerability. Although it is possible to distinguish vulnerability items in a manner suggested in the MSIP's guidelines, MSIP's factors and criteria proposed in the guidelines are neither sufficient nor efficient in analyzing specific vulnerability entries' risks. This study discusses analysis of the domestic and international Vulnerability Scoring system and proposes an appropriate evaluating method for web vulnerability analysis.

3-Step Security Vulnerability Risk Scoring considering CVE Trends (CVE 동향을 반영한 3-Step 보안 취약점 위험도 스코어링)

  • Jihye, Lim;Jaewoo, Lee
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.27 no.1
    • /
    • pp.87-96
    • /
    • 2023
  • As the number of security vulnerabilities increases yearly, security threats continue to occur, and the vulnerability risk is also important. We devise a security threat score calculation reflecting trends to determine the risk of security vulnerabilities. The three stages considered key elements such as attack type, supplier, vulnerability trend, and current attack methods and techniques. First, it reflects the results of checking the relevance of the attack type, supplier, and CVE. Secondly, it considers the characteristics of the topic group and CVE identified through the LDA algorithm by the Jaccard similarity technique. Third, the latest version of the MITER ATT&CK framework attack method, technology trend, and relevance between CVE are considered. We used the data within overseas sites provide reliable security information to review the usability of the proposed final formula CTRS. The scoring formula makes it possible to fast patch and respond to related information by identifying vulnerabilities with high relevance and risk only with some particular phrase.

An APT Attack Scoring Method Using MITRE ATT&CK (MITRE ATT&CK을 이용한 APT 공격 스코어링 방법 연구)

  • Cho, Sungyoung;Park, Yongwoo;Lee, Kunho;Choi, Changhee;Shin, Chanho;Lee, Kyeongsik
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.32 no.4
    • /
    • pp.673-689
    • /
    • 2022
  • We propose an APT attack scoring method as a part of the process for detecting and responding to APT attacks. First, unlike previous work that considered inconsistent and subjective factors determined by cyber security experts in the process of scoring cyber attacks, we identify quantifiable factors from components of MITRE ATT&CK techniques and propose a method of quantifying each identified factor. Then, we propose a method of calculating the score of the unit attack technique from the quantified factors, and the score of the entire APT attack composed of one or more multiple attack techniques. We present the possibility of quantification to determine the threat level and urgency of cyber attacks by applying the proposed scoring method to the APT attack reports, which contains the hundreds of APT attack cases occurred worldwide. Using our work, it will be possible to determine whether actual cyber attacks have occurred in the process of detecting APT attacks, and respond to more urgent and important cyber attacks by estimating the priority of APT attacks.

Definition of aggressive response scale through quantitative evaluation of cyber attack (사이버공격의 정량적 피해평가를 통한 공세적 대응규모 산정)

  • Hong, Byoungjin;Lim, Jaesung;Kim, Wanju;Cho, Jaemyoung
    • Convergence Security Journal
    • /
    • v.17 no.4
    • /
    • pp.17-29
    • /
    • 2017
  • Various cyber attacks against our society and the government are continuing, and cases and damages are reported from time to time. And the area of cyber attack is not limited to cyberspace, but it is expanding into physical domain and affecting it. In the military arena, we have established and implemented the principle of responding proportionally to enemy physical attacks. This proportionality principle is also required in the version where the region is expanding. In order to apply it, it is necessary to have a quantitative and qualitative countermeasure against cyber attack. However, due to the nature of cyber attacks, it is not easy to assess the damage accurately and it is difficult to respond to the proportionality principle and the proportional nature. In this study, we calculated the damage scale by quantitatively and qualitatively evaluating the cyber attack damage using the Gorden-Lobe model and the security scoring technique based on the scenario. It is expected that the calculated results will be provided as appropriate level and criterion to counteract cyber attack.

A Study on Insider Behavior Scoring System to Prevent Data Leaks

  • Lim, Young-Hwan;Hong, Jun-Suk;Kook, Kwang Ho;Park, Won-Hyung
    • Convergence Security Journal
    • /
    • v.15 no.5
    • /
    • pp.77-86
    • /
    • 2015
  • The organization shall minimize business risks associated with customer information leaks. Enhance information security activities through voluntary pre-check and must find a way to detect the personal information leakage caused by carelessness and neglect accident. Recently, many companies have introduced an information leakage prevention solution. However, there is a possibility of internal data leakage by the internal user who has permission to access the data. By this thread it is necessary to have the environment to analyze the habit and activity of the internal user. In this study, we use the SFI analytical technique that applies RFM model to evaluate the insider activity levels were carried out case studies is applied to the actual business.

A Hybrid Recommendation System based on Fuzzy C-Means Clustering and Supervised Learning

  • Duan, Li;Wang, Weiping;Han, Baijing
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.15 no.7
    • /
    • pp.2399-2413
    • /
    • 2021
  • A recommendation system is an information filter tool, which uses the ratings and reviews of users to generate a personalized recommendation service for users. However, the cold-start problem of users and items is still a major research hotspot on service recommendations. To address this challenge, this paper proposes a high-efficient hybrid recommendation system based on Fuzzy C-Means (FCM) clustering and supervised learning models. The proposed recommendation method includes two aspects: on the one hand, FCM clustering technique has been applied to the item-based collaborative filtering framework to solve the cold start problem; on the other hand, the content information is integrated into the collaborative filtering. The algorithm constructs the user and item membership degree feature vector, and adopts the data representation form of the scoring matrix to the supervised learning algorithm, as well as by combining the subjective membership degree feature vector and the objective membership degree feature vector in a linear combination, the prediction accuracy is significantly improved on the public datasets with different sparsity. The efficiency of the proposed system is illustrated by conducting several experiments on MovieLens dataset.