Correlation Analysis of Cyber Threat Information in Heterogeneous Security Systems

Bibliographic Details
Published in: Proceedings of the International Conference on Security and Management (SAM), p. 1
Main Authors: Lee, Jae-Kook; Im, Chae-Tae
Format: Conference Proceeding
Language: English
Published: Athens, The Steering Committee of The World Congress in Computer Science, Computer Engineering and Applied Computing (WorldComp), 01.01.2013

Summary: The Internet is now widely used. As a result, cyber attacks are continuously changing and increasing. Various security systems are used to protect internal networks, servers and PCs. KISA (KrCERT/CC) operates a variety of security systems to prevent and protect against cyber attacks. For example, there are systems for detecting and preventing DoS/DDoS attacks, managing cyber threats, trapping spam emails, and preventing botnet damage. In this paper, the authors analyze cyber threat information that was detected through heterogeneous security systems. Then, they propose a new correlation analysis method using gradient measurement for more effective monitoring. Finally, they present results on the continuity and redundancy of source IP addresses across several security systems.