@article{ART003083990},
author={Dongsung Kim and Seon-Gyoung Shon and Dan Dongseong Kim and Huy-Kang Kim},
title={Cluster-Based Similarity Calculation of IT Assets: Method of Attacker's Next Targets Detection},
journal={Journal of The Korea Society of Computer and Information},
issn={1598-849X},
year={2024},
volume={29},
number={5},
pages={1-10},
doi={10.9708/jksci.2024.29.05.001}
TY - JOUR
AU - Dongsung Kim
AU - Seon-Gyoung Shon
AU - Dan Dongseong Kim
AU - Huy-Kang Kim
TI - Cluster-Based Similarity Calculation of IT Assets: Method of Attacker's Next Targets Detection
JO - Journal of The Korea Society of Computer and Information
PY - 2024
VL - 29
IS - 5
PB - The Korean Society Of Computer And Information
SP - 1
EP - 10
SN - 1598-849X
AB - Attackers tend to use similar vulnerabilities when finding their next target IT assets. They also continuously search for new attack targets. Therefore, it is essential to find the potential targets of attackers in advance. Our method proposes a novel approach for efficient vulnerable asset management and zero-day response. In this paper, we propose the ability to detect the IT assets that are potentially infected by the recently discovered vulnerability based on clustering and similarity results. As the experiment results, 86% of all collected assets are clustered within the same clustering. In addition, as a result of conducting a similarity calculation experiment by randomly selecting vulnerable assets, assets using the same OS and service were listed.
KW - Common Platform Enumeration (CPE);Clustering;Similarity Measurement;Network Features;Network Scanner
DO - 10.9708/jksci.2024.29.05.001
ER -
Dongsung Kim, Seon-Gyoung Shon, Dan Dongseong Kim and Huy-Kang Kim. (2024). Cluster-Based Similarity Calculation of IT Assets: Method of Attacker's Next Targets Detection. Journal of The Korea Society of Computer and Information, 29(5), 1-10.
Dongsung Kim, Seon-Gyoung Shon, Dan Dongseong Kim and Huy-Kang Kim. 2024, "Cluster-Based Similarity Calculation of IT Assets: Method of Attacker's Next Targets Detection", Journal of The Korea Society of Computer and Information, vol.29, no.5 pp.1-10. Available from: doi:10.9708/jksci.2024.29.05.001
Dongsung Kim, Seon-Gyoung Shon, Dan Dongseong Kim, Huy-Kang Kim "Cluster-Based Similarity Calculation of IT Assets: Method of Attacker's Next Targets Detection" Journal of The Korea Society of Computer and Information 29.5 pp.1-10 (2024) : 1.
Dongsung Kim, Seon-Gyoung Shon, Dan Dongseong Kim, Huy-Kang Kim. Cluster-Based Similarity Calculation of IT Assets: Method of Attacker's Next Targets Detection. 2024; 29(5), 1-10. Available from: doi:10.9708/jksci.2024.29.05.001
Dongsung Kim, Seon-Gyoung Shon, Dan Dongseong Kim and Huy-Kang Kim. "Cluster-Based Similarity Calculation of IT Assets: Method of Attacker's Next Targets Detection" Journal of The Korea Society of Computer and Information 29, no.5 (2024) : 1-10.doi: 10.9708/jksci.2024.29.05.001
Dongsung Kim; Seon-Gyoung Shon; Dan Dongseong Kim; Huy-Kang Kim. Cluster-Based Similarity Calculation of IT Assets: Method of Attacker's Next Targets Detection. Journal of The Korea Society of Computer and Information, 29(5), 1-10. doi: 10.9708/jksci.2024.29.05.001
Dongsung Kim; Seon-Gyoung Shon; Dan Dongseong Kim; Huy-Kang Kim. Cluster-Based Similarity Calculation of IT Assets: Method of Attacker's Next Targets Detection. Journal of The Korea Society of Computer and Information. 2024; 29(5) 1-10. doi: 10.9708/jksci.2024.29.05.001
Dongsung Kim, Seon-Gyoung Shon, Dan Dongseong Kim, Huy-Kang Kim. Cluster-Based Similarity Calculation of IT Assets: Method of Attacker's Next Targets Detection. 2024; 29(5), 1-10. Available from: doi:10.9708/jksci.2024.29.05.001
Dongsung Kim, Seon-Gyoung Shon, Dan Dongseong Kim and Huy-Kang Kim. "Cluster-Based Similarity Calculation of IT Assets: Method of Attacker's Next Targets Detection" Journal of The Korea Society of Computer and Information 29, no.5 (2024) : 1-10.doi: 10.9708/jksci.2024.29.05.001
