KR20170074386A - Cyber security commerce platform for providing one-stop service of security knowledge and security products - Google Patents
- Publication number
- KR20170074386A (application KR1020150183584A)
- Authority
- KR
- South Korea
- Prior art keywords
- security
- cyber
- providing
- service
- knowledge
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/08—Payment architectures
- G06Q20/12—Payment architectures specially adapted for electronic shopping systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q30/00—Commerce
- G06Q30/06—Buying, selling or leasing transactions
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q50/00—Systems or methods specially adapted for specific business sectors, e.g. utilities or tourism
- G06Q50/10—Services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q50/00—Systems or methods specially adapted for specific business sectors, e.g. utilities or tourism
- G06Q50/30—Transportation; Communications
Landscapes
- Business, Economics & Management (AREA)
- Engineering & Computer Science (AREA)
- Strategic Management (AREA)
- Accounting & Taxation (AREA)
- Tourism & Hospitality (AREA)
- Theoretical Computer Science (AREA)
- General Physics & Mathematics (AREA)
- General Business, Economics & Management (AREA)
- Physics & Mathematics (AREA)
- Marketing (AREA)
- Economics (AREA)
- Finance (AREA)
- Primary Health Care (AREA)
- Human Resources & Organizations (AREA)
- General Health & Medical Sciences (AREA)
- Health & Medical Sciences (AREA)
- Operations Research (AREA)
- Development Economics (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
A cyber security commerce platform capable of providing one-stop support for security knowledge and security products is disclosed. The cyber security commerce platform includes a security knowledge service unit for providing security knowledge to a customer terminal connected through a network, a security product service unit for providing a security product to the customer terminal, and a cluster center service unit for providing cluster collaboration research results from a group of security experts.
Description
The present invention relates to a cyber security platform, and more particularly, to a cyber security commerce platform capable of providing one-stop support for security knowledge and security products.
A security platform refers to means for limiting or blocking multidimensional access to data, such as people, data, applications, hosts, networking, physical access, etc. Among these security platforms, online cyber security platforms are shifting toward a security model oriented to the platform itself and to applications. For example, existing firewalls and network access control lists are being replaced by virtual firewalls and host packet filters.
A network-based intrusion detection system, which is one of the current cyber security technologies, analyzes the characteristics of cyber attacks, automatically creates a pattern that can detect those attacks, and uses deep packet inspection (DPI) to inspect network packets in real time for the same pattern. This network-based intrusion detection system can be used for misuse detection.
Although this network-based intrusion detection technology has a relatively high detection rate, it requires a pattern of detection (signature) generated by a group of professional analysts. Therefore, every time a cyber attack is detected, Therefore, there is a limitation in that it can not be applied to an attack that bypasses the present detection pattern or a new type of attack.
SUMMARY OF THE INVENTION
Accordingly, it is an object of the present invention to provide a cyber security commerce platform capable of providing one-stop support for security knowledge and security products.
Another object of the present invention is to provide a cyber security commerce platform capable of providing one-stop support for security knowledge, security products, and a cluster center.
According to an aspect of the present invention, there is provided a security information service unit for providing security knowledge to a customer terminal connected through a network; a security product service unit for providing a security product to the customer terminal; and a cluster center service unit for providing a cluster test result of a security experts group and a performance evaluation test bed for at least one of the security knowledge and the security product.
In one embodiment, the cyber security commerce platform may further include a processor, a memory coupled to the processor, an input/output system coupled to the processor, a user interface coupled to the input/output system, and one or more sensors that provide context data associated with cyber attack recognition. Here, the service units may be stored in module form in the memory and executed by the processor.
In one embodiment, the cyber security commerce platform may further include a settlement processing unit that is stored in module form in the memory, outputs cost settlement information for the security knowledge service and the security product to the customer terminal through the user interface, and processes the cost settlement according to an input from the customer terminal.
In one embodiment, the security knowledge service unit may include one or more first modules for providing at least one of a technical knowledge service on cyber attack and defense technologies, a knowledge service on security policy establishment or attack defense scenarios, a corresponding analysis including security pattern and hardware, and a technical knowledge service for hacking forensic investigation devices and technology.
In one embodiment, the security product service unit may include one or more second modules for providing one or more of a customized module development and provision service in accordance with security consulting and a customized product relay service after security consulting.
In addition, the security product service unit includes a first sub module for examining security hardware and software, a second sub module for collecting a source including a module or a part, a firewall (FW), an intrusion prevention system (IPS), an intrusion detection system (IDS), enterprise security management (ESM), or a combination thereof.
In one embodiment, the cluster center service unit comprises one or more third modules for providing one or more of services for personnel support, training, performance evaluation, or a combination thereof, and services for research and development, collaborative research, or a combination thereof.
In one embodiment, the cyber security commerce platform may further include: a homepage providing unit for providing a homepage to the customer terminal and managing the homepage; a bulletin board control unit for providing a bulletin board to the customer terminal and managing the bulletin board; an engine module management unit for managing an engine module including at least one general purpose engine module used in the service units; and a test bed management unit for providing, at the request of the customer terminal, a test bed for at least one of a security knowledge service provided through the security knowledge service unit and a security product provided through the security product service unit, and providing a test result.
According to the present invention, by using a cyber security commerce platform that provides one-stop support for security knowledge and security products, information on cyber attacks detected in real time is shared with a group of specialized analysts, and a ready-made security product tailored to the cyber attack can be provided by leveraging that group of professional analysts.
In addition, according to the present embodiment, by using the cyber security commerce platform that provides one-stop support for security knowledge, physical security products, and cluster labs, it is possible to provide security technology knowledge services and security product services, with the advantage that the performance evaluation of the security product or a subsequent cyber attack test can be performed effectively.
In addition, according to the present embodiment, it is possible to provide a variety of integrated security solutions to customers who subscribe monthly, customers billed on a customized basis in the event of an attack or an accident, or users requesting various cyber security services in the domestic and overseas security markets, and to provide a cyber security commerce platform that can deliver service quickly.
FIG. 1 is an illustration of an ontology for a cyber security commerce platform according to an embodiment of the present invention.
FIG. 2 is a block diagram of the cyber security commerce platform of FIG.
FIG. 3 is a block diagram illustrating a hardware structure of the cyber security commerce platform of FIG.
FIG. 4 is a block diagram of sub-modules of the security knowledge service unit of FIG. 2.
FIG. 5 is a block diagram of sub-modules that can be employed in the security product service unit of FIG.
FIG. 6 is a flowchart of the operation principle of the cyber security commerce platform of FIG.
FIG. 7 is a flowchart of a variation of the operating principle of the cyber security commerce platform of FIG. 2.
Hereinafter, preferred embodiments of the present invention will be described in detail with reference to the accompanying drawings. However, the embodiments of the present invention may be modified into various other forms, and the scope of the present invention should not be construed as being limited by the embodiments described below. The embodiments of the present invention are provided to explain the present invention more fully to those skilled in the art. Therefore, the shapes and the like of the elements in the drawings may be exaggerated in order to emphasize a clearer description, and elements denoted by the same reference numerals in the drawings may denote the same elements.
FIG. 1 is an illustration of an ontology for a cyber security commerce platform according to an embodiment of the present invention.
Referring to FIG. 1, a
That is, the cyber
Cyber Security Technical Knowledge Service
- Cyber attack analysis and security analysis
- Creation of cyber attack and defense (attack / defense) scenarios and analysis of technology trends
- Construction of cyber attack pattern analysis algorithm
- Establishment of pattern DB according to intrusion method as one of cyber attack pattern analysis algorithms
- Cyber attack software (SW), hardware (HW), network, system analysis
- Cyber attack and defense research and development: FW (firewall), intrusion prevention system (IPS), intrusion detection system (IDS), enterprise security management (ESM)
Cyber Security solution (Security product service)
- Collection, evaluation and analysis of cyber security software (SW) and hardware (HW) solutions at home and abroad
- Collection, evaluation and analysis of cyber security source (module)
- Performance evaluation and total ranking module design
Cyber Security Cluster Lab (Center)
- human, physical, network resource clusters
- Attack precursor emergency alarm
- Mock attack, defense, analysis and information sharing using online
- Hacking test bed, cooperation study, research and development, task progression, cluster formation and network activity
- Cyber attack, defense and cyber-control education (on-line, off-line)
FIG. 2 is a block diagram of the cyber security commerce platform of FIG.
2, the cyber
The security
The security
The cluster
The
FIG. 3 is a block diagram illustrating a hardware structure of the cyber security commerce platform of FIG.
3, the cyber
The
In the
In addition, the
In addition, the
The
The
The
The
Each module stored in the
The
FIG. 4 is a block diagram of sub-modules of the security knowledge service unit of FIG.
Referring to FIG. 4, the security
FIG. 5 is a block diagram of sub-modules that can be employed in the security product service unit of FIG.
5, the security
With the above-described sub-modules, a security product can be effectively developed or relayed to a customer terminal connected to the cyber security commerce platform according to the context of a cyber attack.
FIG. 6 is a flowchart of the operation principle of the cyber security commerce platform of FIG.
Referring to FIG. 6, the cyber security commerce platform according to the present embodiment detects a cyber attack through a sensor (S61).
When a cyber attack is detected, the sensor activates an application programming interface (API) of the sensor access framework of the platform (S62).
Next, the cyber security commerce platform recognizes the context from the source or type of the cyber attack detected by the sensor (S63). Based on this awareness of the cyber attack, the platform can determine how to provide the security knowledge service (S64), the security product service (S65), the cluster center service (S66), or a combination thereof to the customer terminal as a one-stop service.
The cyber security commerce platform combines at least one service among the security knowledge service, the security product service, and the cluster center service according to the determined process of the one-stop service (S67), so that the attack can be blocked or prevented (S68).
FIG. 7 is a flowchart of another operating principle of the cyber security commerce platform of FIG. 2.
Referring to FIG. 7, the cyber security commerce platform according to the present embodiment allows a customer terminal to access the platform so that a customer can access a security service (S71).
Next, the service information provided by the cyber security commerce platform is provided to the customer terminal (S72).
Next, in response to the input of the customer terminal or the context information, a context for cyber attack or cyber security is selected (S73).
Next, in step S74, a service prepared in advance is provided for providing security technology knowledge according to the selected context, transmitting a security product, or executing both of them.
If the security technology knowledge service is selected, the platform provides security technology knowledge to the customer terminal (S75). The security technology knowledge may be implemented to select one of the security experts corresponding to the context in a pool of security experts previously stored in the platform according to predetermined rules. The security technology knowledge can have various forms such as interactive using voice, message transmission type, document type using text or picture, and multimedia type using image.
If the security product service is selected in the service selection, the platform transmits the security product selected by the customer to the customer terminal in response to the context (S76). Of course, the transmission of the security product may be implemented such that a security product stored in the platform or in storage connected to the platform is transferred directly, but it is also possible to relay a security product provided by another repository or other platform.
Of course, when both the security knowledge service and the security product service are selected in the service selection, provision of the security technology knowledge and transmission of the security product can be performed simultaneously or sequentially.
Next, the cyber security commerce platform receives a signal as to whether or not the cluster lab is used from the customer terminal, and can determine whether to use the cluster lab based on the received signal (S77). When a customer uses a cluster lab (center), the platform can provide a hacking test field, provide educational services for cyber security, or provide cluster collaboration research results (S78).
Then, the cyber security commerce platform can perform the cost settlement procedure for the cyber security one-stop service previously provided to the customer terminal (S79).
As described above, the cyber security commerce platform according to the present embodiment is implemented to support security, analysis and sharing one-stop. Cyber Security Commerce Platform provides cyber security technology knowledge service, and it can have an online commerce homepage or bulletin board.
In addition, the cyber security commerce platform analyzes hacking cases case by case to analyze the vulnerability information, and establishes the sharing protocol so that the security technology can be applied in the field through the collection of cyber security hacking attack information and security technology information, and it can standardize and store the security measures for each cyber attack and the processes for plural by manual method.
In addition, the cyber security commerce platform is a platform that allows users to organize and save the results of hacking attacks and analyses carried out through scenarios in the test site, which can be standardized in a manual manner and constructed as a database (DB).
As described above, the present embodiment can provide an online security center platform capable of providing technical knowledge, solutions, and consulting services of cyber accident and modules used in the platform.
Specifically, the online security center platform provides cyber security expertise knowledge services. To provide cyber security expertise knowledge services, the online security center platform includes a specialized knowledge database module. These online security center platforms can analyze cyber attack preoccupations. In other words, the online security center platform can store the cyber attack and defense scenario written according to the analysis of the cyber attack and defensive technology trend analysis, or can store the cyber attack pattern analysis algorithm. The cyber attack pattern analysis algorithm can be constructed to include the pattern DB according to the intrusion method. In addition, the online security center platform can be constructed to perform cyber attack software, hardware, network, and system analysis, and apply research and development results on cyber attack and defense.
Technical knowledge services on cyber security can be divided into attack and defense technologies, defense scenarios, attack pattern analysis algorithms, and the latest security trend technologies. The Online Security Center Platform, an online customized service platform required by corporations and public institutions, integrates the above-mentioned various technical knowledge services to provide cyber security professionals and security products and cyber security expertise as one-stop services.
To provide a cyber security solution, the online security center platform may include a product management DB, a homepage, a bulletin board, a search engine, and a commerce module. The cyber security solution consists of modules for the collection, evaluation and analysis of cyber security software and hardware products at home and abroad, modules for collection, evaluation and analysis of cyber security sources (including modules and parts) Modules.
In addition, in order to provide a cyber security cluster lab, an online security center platform may include a cluster management DB, a homepage, a bulletin board, and an engine module. These online security center platforms can generate cyber attack pre-emergence alarms using human, physical, and network resource clusters, and can provide a self-test bed for simulated attack, defense, and analysis. In addition, it can provide online-offline education and manpower-oriented contents on collaborative research, research and development, task progression, cluster formation and network activity, cyber attack and defense and cyber control.
Currently, the response to cyber security attacks is mainly focused on individual information security products. In the case of cyber-hacking attacks, security service providers are called in after the cyber attack, which makes it difficult to cope with the problem appropriately.
In this embodiment, the cyber security clusters can collaborate with specialists who can share emergency alarms, attacks using online, defense, and analysis information when a cyber security incident is an aggressive phenomenon, To provide technical levels and solutions for cybersecurity.
It will be apparent to those skilled in the art that various modifications and variations can be made in the present invention without departing from the spirit or scope of the present invention as defined by the following claims.
Claims (8)
A security product service unit for providing a security product to the customer terminal; and
a cluster center service unit for providing cluster collaboration research results of a performance evaluation test bed and a security expert group for at least one of the security knowledge and the security product.
A processor, a memory coupled to the processor, an input/output system coupled to the processor, a user interface coupled to the input/output system, and at least one sensor coupled to the processor for providing context data according to cyber attack awareness,
Wherein the service units are stored in a modular form in the memory and executed by the processor.
A settlement processing unit which is stored in a module form in the memory and outputs cost settlement information for a security knowledge service and a security product to the customer terminal through the user interface and processes a cost settlement process according to an input from the customer terminal Included, cyber security commerce platform.
The security knowledge service unit includes a technical knowledge service for cyber attack and defense technology, a technical knowledge service for security policy establishment or attack defense scenario, and a technical knowledge service for correspondence analysis including security pattern, hardware, network, And one or more first modules for providing one or more services of technical knowledge services for hacking forensic investigation equipment and technology.
Wherein the security product service comprises one or more second modules for providing customized module development and provision services according to security consulting and customized product relay services after security consulting.
The security product service unit includes a first sub module for examining security hardware and software, a second sub module for collecting a source including a module or a part, a firewall, an intrusion prevention system (IPS), an intrusion detection system (IDS), enterprise security management (ESM), or a combination thereof.
Wherein the cluster center service unit comprises one or more third modules for providing services for one or more of services for personnel support, education, performance evaluation or a combination thereof, and services for research and development, collaborative research or a combination thereof , Cyber security commerce platform.
A homepage providing unit for providing a homepage to the customer terminal;
A bulletin board control unit for providing a bulletin board to the customer terminal and managing the bulletin board;
An engine module management unit for managing an engine module including at least one general purpose engine module used in the service units; and
A test bed management unit for providing a test bed for at least one of a security knowledge service provided through the security knowledge service unit and a security product provided through the security product service unit according to a request of the customer terminal and providing a test result, More included, cyber security commerce platform.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020150183584A KR20170074386A (en) | 2015-12-22 | 2015-12-22 | Cyber security commerce platform for providing one-stop service of security knowledge and security products |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020150183584A KR20170074386A (en) | 2015-12-22 | 2015-12-22 | Cyber security commerce platform for providing one-stop service of security knowledge and security products |
Publications (1)
Publication Number | Publication Date |
---|---|
KR20170074386A (en) | 2017-06-30 |
Family
ID=59279477
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
KR1020150183584A KR20170074386A (en) | 2015-12-22 | 2015-12-22 | Cyber security commerce platform for providing one-stop service of security knowledge and security products |
Country Status (1)
Country | Link |
---|---|
KR (1) | KR20170074386A (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US11038901B2 (en) | 2017-12-07 | 2021-06-15 | Samsung Electronics Co., Ltd. | Server and method for defending malicious code using same |
-
2015
- 2015-12-22 KR KR1020150183584A patent/KR20170074386A/en not_active Application Discontinuation
Legal Events
Date | Code | Title | Description |
---|---|---|---|
A201 | Request for examination | ||
E902 | Notification of reason for refusal | ||
E601 | Decision to refuse application |