발간년도 : [2014]
| 논문정보 |
|
| 논문명(한글) |
[Vol.9, No.6] A Study on the Improvement of Security Monitoring in the Separate Network Environment |
|
| 논문투고자 |
Chang-Woo Han, Huy Kang Kim, Eunjin Kim |
|
| 논문내용 |
Internal network connected to the internet are vulnerable to external attack. A consensus of awareness of that problem are spreading. As solutions to that problem, To prevent any damage on the system in the organization, The network separation obligation are spreading. Even if the intranet operates as a closed network by separating the internet can not be guaranteed to be secure. Security threats posed by malicious code are still present, such as stuxnet which works on control network that operates on a closed network. User carelessness, internet connect by intranet PC due to malicious intent, information leakage through the USB, an influx of malicious code to intranet, and using a technique for transferring data between separate networks without the use data transmission system for secure data transfer can be transferred uncontrolled data between internet and intranet. Also, even if network separation is completed insider threat is still present. Network separation made a difference of the traffic form occurring in each of the network, and the characteristics of the security log was affected. Accordingly, separately many researching for the internet about malicious traffic detection, need a plan that can effectively detect anomalies in the security log occurring in the interanet. In this study, Analysis of the characteristics of the security log occurring in physically separate the network environment focusing on the interanet and proposes a model for efficiently performing the security control. |
|
| 첨부논문 |
|
|
|
|
|
자료실 > 논문지 
