그래프 기반 이기종 위협정보 분석기술 연구

Vol. 34, No. 3, pp. 417-430, 6월. 2024
10.13089/JKIISC.2024.34.3.417, Full Text:
Keywords: Cyber Attack, Metapath2Vec, Attack group, Decision support, unsupervised model
Abstract

As modern technology advances and the proliferation of the internet continues, cyber threats are also on the rise. To effectively counter these threats, the importance of utilizing Cyber Threat Intelligence (CTI) is becoming increasingly prominent. CTI provides information on new threats based on data from past cyber incidents, but the complexity of data and changing attack patterns present significant analytical challenges. To address these issues, this study aims to utilize graph data that can comprehensively represent multidimensional relationships. Specifically, the study constructs a heterogeneous graph based on malware data, and uses the metapath2vec node embedding technique to more effectively identify cyber attack groups. By analyzing the impact of incorporating topology information into traditional malware data, this research suggests new practical applications in the field of cyber security and contributes to overcoming the limitations of CTI analysis.

Statistics
Show / Hide Statistics

Statistics (Cumulative Counts from December 1st, 2017)
Multiple requests among the same browser session are counted as one view.
If you mouse over a chart, the values of data points will be shown.


Cite this article
[IEEE Style]
이예은 and 이태진, "A Study on Graph-Based Heterogeneous Threat Intelligence Analysis Technology," Journal of The Korea Institute of Information Security and Cryptology, vol. 34, no. 3, pp. 417-430, 2024. DOI: 10.13089/JKIISC.2024.34.3.417.

[ACM Style]
이예은 and 이태진. 2024. A Study on Graph-Based Heterogeneous Threat Intelligence Analysis Technology. Journal of The Korea Institute of Information Security and Cryptology, 34, 3, (2024), 417-430. DOI: 10.13089/JKIISC.2024.34.3.417.