최소 단어 이상 선택하여야 합니다.
최대 10 단어까지만 선택 가능합니다.
다음과 같은 기능을 한번의 로그인으로 사용 할 수 있습니다.
NTIS 바로가기情報保護學會論文誌 = Journal of the Korea Institute of Information Security and Cryptology, v.34 no.1, 2024년, pp.53 - 60
김해린 (LIG넥스원) , 이승운 (LIG넥스원) , 홍수연 (LIG넥스원)
Security assessment is an indispensable process for a secure network, and appropriate performance indicators must be present to manage risks. The most widely used quantitative indicator is CVSS. CVSS has a problem that it cannot consider context in terms of subjectivity, complexity of interpretation...
The MITRE Corporation, "MITRE ATT&CK." [Online]. Available: https://attack.mitre.org, 2023.10
Ahn, G., Lee, S. A., &Park, W. H.(2021, October). Changes of Cyber Hacking Attack Aspect of North Korea Cyber-Attack Groups Applying MITRE ATT&CK. Research Briefs on Information and Communication Technology Evolution, 7, 75-88.
Pirca, A. M., & Lallie, H. S. (2023,April). An empirical evaluation of the effectiveness of attack graphs and MITRE ATT&CK matrices in aidingcyber attack perception amongst decision-makers. Computers & Security, 130, 103254.
Ahmed, M., Panda, S., Xenakis, C., & Panaousis, E. (2022, August). MITRE ATT&CK-driven cyber risk assessment. In Proceedings of the 17th International Conference on Availability, Reliability and Security (pp. 1-10).
Kwon, R., Ashley, T., Castleberry, J., Mckenzie, P., & Gourisetti, S. N.?G. (2020, October). Cyber threat?dictionary using mitre att&ck matrix?and nist cybersecurity framework?mapping. In 2020 Resilience Week?(RWS) (pp. 106-112). IEEE.
Singhal, A., & Ou, X. (2009, April).?Techniques for enterprise network?security metrics. In Proceedings of?the 5th Annual Workshop on Cyber?Security and Information Intelligence?Research: Cyber Security and?Information Intelligence Challenges?and Strategies (pp. 1-4).
Pendleton, M., Garcia-Lebron, R.,?Cho, J. H., & Xu, S. (2016,?December). A survey on systems?security metrics. ACM Computing?Surveys (CSUR), 49(4), 1-35.
Doynikova, E., Fedorchenko, A., &?Kotenko, I. (2019, August). Ontology?of metrics for cyber security?assessment. In Proceedings of the?14th International Conference on?Availability, Reliability and Security?(pp. 1-8).
F. of Incident Response and S.?Teams, "CVSS." [Online]. Available:?https://www.first.org/cvss, 2023.10.15
National Institute of Standards and?Technology, [Online]. Available: https://nvd.nist.gov/, 2023.10
Spring, J., Hatleback, E.,?Householder, A., Manion, A., &?Shick, D. (2021, Match). Time to?Change the CVSS?. IEEE Security &?Privacy, 19(2), 74-78.
Hemberg, E., Kelly, J., Shlapentokh-Rothman, M., Reinstadler, B., Xu, K., Rutar, N., & O'Reilly, U.M. (2020, October). Linking threat tactics, techniques, and patterns with defensive weaknesses, vulnerabilities and affected platform configurations for cyber hunting. arXiv preprint arXiv:2010.00533.
https://aag-it.com/the-latest-cyber-crime-statistics/, 2023.08, Charles Griffiths
https://www.concert.or.kr/bbs/board.php?bo_tablenewsletter&wr_id515&page3, 2023.01, CONSERT(CONsortium of CERT)
International Organization for Standardization. (2005). Information Technology; Security Techniques; Evaluation Criteria for IT Security: Part 1: Introduction and General?Model. International Organization for Standardization.
Ou, X., Govindavajhala, S., & Appel, A. W. (2005, August). MulVAL: A logic-based network security analyzer. In USENIX security symposium(Vol. 8, pp. 113-128)
*원문 PDF 파일 및 링크정보가 존재하지 않을 경우 KISTI DDS 시스템에서 제공하는 원문복사서비스를 사용할 수 있습니다.
Free Access. 출판사/학술단체 등이 허락한 무료 공개 사이트를 통해 자유로운 이용이 가능한 논문
※ AI-Helper는 부적절한 답변을 할 수 있습니다.