Digital Library[ Search Result ]
A Security Requirements Recommendation Framework Based on APT Attack Cases
MinJu Kim, Sihn-Hye Park, Seok-Won Lee
http://doi.org/10.5626/JOK.2021.48.9.1014
Advanced Persistent Threat (APT) attacks are intelligent and continuous attacks on specific targets. This type of attack is one of the most difficult attacks to detect and defend because it uses an organized and advanced technique for attacking targets, and it continuously attempts to attack the undetected for a certain period. In this paper, we propose a framework that recommends security requirements for real-world APT attacks as a proactive defense against APT attacks. The proposed framework derives attack elements based on scenarios for specific APT attacks and analyzes the relationships between elements. Through case-based reasoning of analytical results, attack patterns are deduced, and security requirements are recommended. For case-based reasoning and security requirements recommendation, we build an integrated knowledge base that includes APT attack knowledge, general security knowledge, and domain-specific knowledge. The integrated knowledge base consists of knowledge-specific ontology and related databases. We implement this framework as a web application to conduct case studies on specific APT attacks.
Analysis and Modeling of Advanced Persistent Threat through Case Study
http://doi.org/10.5626/JOK.2019.46.12.1328
Advanced Persistent Threat(APT) attack is one of the cyber-attack methods that continuously attacks the specific target with advanced tools. Since attackers use various methods that are specialized to targets, it is difficult to prevent the attacks with common security countermeasures. Currently, there exist various the APT attack stage models. However, the models only express APT attacks simply. Consequently, it is difficult to use them for risk assessment or as a recommendation for security requirements for a specific system. In order to overcome the limitations of such models, we derived factors of APT attack through a case study for defining the features of APT attack. We have also analyzed and defined the factors and their relationships to construct the APT attack factor model. For validation purpose, the model applied to the actual attack case has been referred to as ‘APT 1’. Through the proposed model, it would be possible to gain understanding about the overall flow of APT attacks and classify attack factors not only in terms of technical aspects but also with respect to social engineering facets.
Ontology-based Approach to Determine the Conflicts between Security and Usability Requirements in the Requirements Engineering Process
http://doi.org/10.5626/JOK.2018.45.11.1142
Considering the trade-offs or conflicts between security and usability during the requirements engineering (RE) process is a complicated task. This is due to the contrary characteristics of security and usability as well as a lack of research on finding a consensus on the semantics of quality attributes, especially for security and usability. Furthermore, the number of security experts available is decreasing, while a methodology to determine the conflicts between security and usability during the RE process has not yet been developed. We, therefore, propose a novel approach to construct a three-layer ontological knowledge base by linking the keywords from definitions, criteria, and metrics of security and usability. In addition, we discuss the applicability of this knowledge base by examining two case studies with software engineering (SE) students. These case studies show that the participants using the proposed approach (Team A) can derive conflicts that are more precise compared to the participants who did not use the knowledge base (Team B). Moreover, the number of conflicts derived by Team A is half that by Team B. Regardless of the knowledge level, the proposed approach can determine the conflicts between security and usability during the RE process. Also, while practical RE studies have often been considered difficult to handle, the proposed approach can show the applicability of RE research.
Social Engineering based Security Requirements Recommendation Framework to Prevent an Advanced Persistent Threat
http://doi.org/10.5626/JOK.2018.45.10.1015
Advanced Persistent Threat (APT) is a major threat to Socio-Technical System, which constitutes our society. This threat is an attack process rather than a hacking technique, unlike traditional methods of cyberbullying, so it is difficult to detect or defend a wide range of targets for a long period of time using a wide range of exploits. In particular, traditional advanced threats involve technical approaches, such as firewalls, log checks, and packet analysis, in which the first stage of the intelligent, sustained threat analysis involves the ease with which human vulnerabilities are pursued during the early stages of the process. This paper proposes a framework that analyzes the vulnerable social perspective based on the various human factors to prevent advanced persistent threats by using three-layered approach and recommends a security requirement to complement them by using ontology-based approach.
A Comparative Study of Machine Learning Algorithms for Diagnosis of Ischemic Heart Disease
Pyoung-Woo Park, Min-Koo Kim, Hong-Seok Lim, Duk-Yong Yoon, Seok-Won Lee
http://doi.org/10.5626/JOK.2018.45.4.376
In recent years, studies on artificial intelligence have been actively conducted, and artificial intelligence technology supports accurate and efficient decision-making for mankind. Also, the accumulation of medical knowledge and related data is accelerating, and studies on diagnosis of diseases through artificial intelligence technology are being carried out briskly. In this study, I chose a representative cardiovascular disease, specifically ischemic heart disease, as a research domain, and analyzed the available algorithms comparing effective approaches in the medical expert system for diagnosis of the disease. Concretely, the purpose of the study is to assist medical experts and physicians based on the initial patient record data, help them to explain the cause of ischemic heart disease, and minimize unnecessary related tests. In addition, the experimental data can be configured so that medical professionals can use them as learning models, thereby maximizing their experience and knowledge efficiently.
A Method to Elicit Privacy Requirements and Build Privacy Assurance Cases for Privacy Friendly System
http://doi.org/10.5626/JOK.2017.44.9.918
Recently, the spread of smartphones and various wearable devices has led to increases in the accumulation and usage of personal information. As a result, privacy protection has become an issue. Even though there have been studies and efforts to improve legal and technological security measures for protecting privacy, personal information leakage accidents still occur. Rather than privacy requirements, analysts mostly focus on the implementation of security technology within software development. Previous studies of security requirements strongly focused on supplementing the basic principles and laws for privacy protection and securing privacy requirements without understanding the relationship between privacy and security. As a result, personal information infringement occurs continuously despite the development of security technologies and the revision of the Personal Information Protection Act. Therefore, we need a method for eliciting privacy requirements based on related privacy protection laws that are applicable to software development. We also should clearly specify the relationship between privacy and security. This study aims to elicit privacy requirements and create privacy assurances cases for Privacy Friendly System development.
A Method to Specify and Verify Requirements for Safety Critical System
http://doi.org/10.5626/JOK.2017.44.9.893
In safety-critical systems, software defects may have serious consequences. Therefore, defects should be considered during the requirements specification process, which is the first step of a software development lifecycle. Stakeholder requirements that are usually written in natural language are difficult to derived, and there may also be defects due to ambiguity and inaccuracy. To address these issues, we propose a requirement specification method using a standardized Boilerplate and a GSN Model. The Boilerplate is a semi-standard language that follows a predefined format. Due to its ability to provide a consistent representation of the requirements, boilerplate helps stakeholders avoid ambiguities about what they mean and to define the exact meaning of the requirement. Meanwhile, GSN is recognized notation to prepare a Safety Case to prove to authorities that a system is safe. It can be expressed as a functional goal, e.g., Safety Evidence, etc. The proposed study allows an analyst to easily identify a fault from the early stage of the software development lifecycle. The Boilerplate and GSN Model are designed to specify the requirements of safety critical systems and to prove safety conformity through a connection with Safety Evidence. In addition, the proposed approach is also useful to develop secure software by correcting deficiencies in the requirements found during this process.
A Framework Integrating Problem Frames and Goal Modeling to Support Variability Analysis during Requirements Elicitation
Variability management is the foremost criterion that defines the extent to which complexities can be handled in a system. Predominantly, the requirements’ engineering (RE) study overlooks, or speculates a consistent behavior of, the environment in which a system functions. In real-time systems it is vital to observe and adjust to an intrinsically changing context. Therefore, in this work we identify the requirements of the system in various contexts by recommending a framework using i* goal model, problem frames, use case maps and live sequence charts. The framework is illustrated using a case study of the smart grid RTP system. In the case study, elaboration of scenarios using use case maps and live sequence charts proved beneficial as they assisted in early analysis and validation of contexts. In addition, the elaboration of requirements for obstacle and conflict analysis assists the requirements engineer to increase the robustness of the system. The proposed framework is evaluated theoretically and by empirical study.
An Architectural Pattern Recommendation Method Based on a Quality-Attributes Trade-off Analysis
Recently, the accomplishment of a system’s quality attributes requires the negotiation of increasingly complex requirements, and this is because the contextual and developmental environments in which software is used has undergone broad changes. Nevertheless, with regard to most architectural designs, many of the proportions depend on the architect’s intuition. Moreover, even if reusable architectural patterns are adapted to an architectural design, common schemas for the description of their use are nonexistent, and it is difficult to make a comparison for the selection of an appropriate systemic pattern because the focus of the schemas is not the user’s perspective. To achieve a fast initial-design decision, this paper suggests new schemas that reduce the distance between the quality attribute requirements and the design by reinterpreting architectural patterns from the user’s perspective. Also, based on the reconstructed pattern model that is derived from the use of the new schemas, an architectural-pattern recommendation method (APOQATo) for which the trade-off and the constraints that are due to the design decision are considered is provided as well as the advantages of the architectural pattern for which the quality attributes are satisfied.
Requirements Elicitation and Specification Method for the Development of Adaptive User Interface
Many studies have addressed ‘Adaptive User Interface (AUI)’, wherein the user interface changes in accordance with the situation and the environment of each user at runtime. Nevertheless, previous papers for AUI barely reflected the viewpoints from requirements engineering field, since most of them focused on proposing the architecture and design. In this study, we outline AUI with the perspective of requirements engineering and propose the requirements elicitation and specification method based on concepts which have been researched in the area of self-adaptive system. Step by step, we first redefine and reinterpret the well-known concepts of self-adaptive software, after which the AUI requirements are elicited and specified. Finally, we illustrate a case study, which demonstrates the effectiveness of our method.
Search
Journal of KIISE
- ISSN : 2383-630X(Print)
- ISSN : 2383-6296(Electronic)
- KCI Accredited Journal
Editorial Office
- Tel. +82-2-588-9240
- Fax. +82-2-521-1352
- E-mail. chwoo@kiise.or.kr