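@comment{Journal article record. The citation key is kept as exported; the
  entry braces are repaired so the fields sit inside the entry.}
@article{ART002891728,
  author  = {Lee, Hyung Woo},
  title   = {Analysis of Cyber Incident Artifact Data Enrichment Mechanism for {SIEM}},
  journal = {Journal of Internet of Things and Convergence},
  issn    = {2466-0078},
  year    = {2022},
  volume  = {8},
  number  = {5},
  pages   = {1--9},
  doi     = {10.20465/KIOTS.2022.8.5.001},
}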
TY - JOUR
AU - Lee, Hyung Woo
TI - Analysis of Cyber Incident Artifact Data Enrichment Mechanism for SIEM
JO - Journal of Internet of Things and Convergence
PY - 2022
VL - 8
IS - 5
PB - The Korea Internet of Things Society
SP - 1
EP - 9
SN - 2466-0078
AB - As various services are linked to the IoT (Internet of Things) and portable communication terminals, cyber attacks that exploit security vulnerabilities of the devices are rapidly increasing. In particular, cyber attacks targeting heterogeneous devices in large-scale network environments through advanced persistent threat (APT) attacks are on the rise. Therefore, in order to improve the effectiveness of the response system in the event of a breach, it is necessary to apply a data enrichment mechanism to the collected artifact data to improve threat analysis and detection performance. In this study, the common data enrichment elements performed in existing incident management frameworks on artifacts collected for intrusion incident analysis were analyzed, and characteristic elements applicable to an actual system were derived. Based on this, a prototype structure for an improved incident analysis framework was presented, and the suitability of the derived data enrichment extension elements was verified. Through this, detection performance is expected to improve when analyzing cyber incidents based on artifacts collected from heterogeneous devices.
KW - Internet of Things;Security Information and Event Management(SIEM);Cyber Incident Response;Data Enrichment Mechanism.
DO - 10.20465/KIOTS.2022.8.5.001
ER -
Lee, Hyung Woo. (2022). Analysis of Cyber Incident Artifact Data Enrichment Mechanism for SIEM. Journal of Internet of Things and Convergence, 8(5), 1-9.
Lee, Hyung Woo. 2022, "Analysis of Cyber Incident Artifact Data Enrichment Mechanism for SIEM", Journal of Internet of Things and Convergence, vol.8, no.5 pp.1-9. Available from: doi:10.20465/KIOTS.2022.8.5.001
Lee, Hyung Woo "Analysis of Cyber Incident Artifact Data Enrichment Mechanism for SIEM" Journal of Internet of Things and Convergence 8.5 pp.1-9 (2022) : 1.
Lee, Hyung Woo. Analysis of Cyber Incident Artifact Data Enrichment Mechanism for SIEM. 2022; 8(5), 1-9. Available from: doi:10.20465/KIOTS.2022.8.5.001
Lee, Hyung Woo. "Analysis of Cyber Incident Artifact Data Enrichment Mechanism for SIEM" Journal of Internet of Things and Convergence 8, no.5 (2022) : 1-9.doi: 10.20465/KIOTS.2022.8.5.001
Lee, Hyung Woo. Analysis of Cyber Incident Artifact Data Enrichment Mechanism for SIEM. Journal of Internet of Things and Convergence, 8(5), 1-9. doi: 10.20465/KIOTS.2022.8.5.001
Lee, Hyung Woo. Analysis of Cyber Incident Artifact Data Enrichment Mechanism for SIEM. Journal of Internet of Things and Convergence. 2022; 8(5) 1-9. doi: 10.20465/KIOTS.2022.8.5.001
Lee, Hyung Woo. Analysis of Cyber Incident Artifact Data Enrichment Mechanism for SIEM. 2022; 8(5), 1-9. Available from: doi:10.20465/KIOTS.2022.8.5.001
Lee, Hyung Woo. "Analysis of Cyber Incident Artifact Data Enrichment Mechanism for SIEM" Journal of Internet of Things and Convergence 8, no.5 (2022) : 1-9.doi: 10.20465/KIOTS.2022.8.5.001