보안 공격 대응을 위한 추론 기반 접근제어 프레임워크

Abstract

Recently, security breaches have diversified types of attacks, including damage to companies, use and leakage of personal information, and the level of attacks has also been increasing. Since the number of attack case has been gradually increased, the needs of Access Control Technology and Security Analysis is becoming more and more important.

Therefore, in this paper, it will be suggested the way that applying the Intelligent Context Awareness Access Control Model to the System through these processes: 1) modelling the security context information ontology of system, 2) testing the Intelligent Context Awareness Access Control Model which uses the inference of security situation when the illegal approach is happened. In the experiment, it is used that the ‘syslog’ log file analysis and combining it into the Security Context Information to trace certain action which occurred in the system.

Since the Probability of Detection, according to the security context, was 70% and the accuracy of Response Rate on the attack situation was 72.8% in the experiment of this paper, it can be regarded as the detection and response was appropriate.

The proposed method in this paper is following. To respond on the attack which is comprehensive and intelligent security invasion accident. it is needed that designing and applying the Intelligent Context Awareness Access Control Model which can response simultaneously on the illegal approach of power system resource. This Model can be derived by Inferring Technology which uses ontology modelling based on the security context information of system.