TY  - JOUR
T1  - Social Engineering based Security Requirements Recommendation Framework to Prevent an Advanced Persistent Threat
AU  - Kim, Seung-Jun 
AU  - Lee, Seok-Won 
JO  - Journal of KIISE, JOK
PY  - 2018
DA  - 2018/1/14
DO  - 10.5626/JOK.2018.45.10.1015
KW  - security requirement
KW  - social engineering
KW  - advanced persistent threat
KW  - human factor
KW  - ontology
KW  - 3-layer model
AB  - Advanced Persistent Threat (APT) is a major threat to Socio-Technical System, which constitutes our society. This threat is an attack process rather than a hacking technique, unlike traditional methods of cyberbullying, so it is difficult to detect or defend a wide range of targets for a long period of time using a wide range of exploits. In particular, traditional advanced threats involve technical approaches, such as firewalls, log checks, and packet analysis, in which the first stage of the intelligent, sustained threat analysis involves the ease with which human vulnerabilities are pursued during the early stages of the process. This paper proposes a framework that analyzes the vulnerable social perspective based on the various human factors to prevent advanced persistent threats by using three-layered approach and recommends a security requirement to complement them by using ontology-based approach.