Abstract
Recently, the leak of domestic core technology of major business in Korea and the subsequent damage, has been increasing every year. Financial losses due to this leak are estimated to be about 220 trillion, which is equivalent to the gross budget of Korea Besides. Currently, the paradigm of industrial security has been changed from simple installation of security equipment to efficient management and control market. Leakage of internal material is able to be prevented, blocked and tracking afterward innovatively through enterprise risk management and security control by fusion of physical security system (entrance control system, vision security system etc.) and IT integrated security control system. It can be possible to setup systematical converging security control process in short term by achieving an effect to running expert organization without additional investment for current physical security and IT security personnel, and it is needed to firmly setup the acquisition and integrated control of IT security and physical security, connected tracking control when security issue is happened, definition for terms of information leakage and security violation and real-time observation, rapid determination and reaction/corrective action for trial of security violation and information leakage, phased and systematic security policy by individual technology. The majority of the leaks are caused by former and current staff members, cooperated businesses, scientists and investment companies. This shows that the sources of the leaks are internal personnel. In this manner, we can infer that the management and plan of personnel security has not implemented sound practices to prevent technology leak by people. Therefore, this thesis suggests classifying methods of technology leak through clustering, one of the data mining methods about the information of internal personnel to prevent core technology leak from businesses.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Lee, D., Lee, D., Kim, K.: Event types of threats in real-time design and implementation of formalized. J. Inf. Sec. (2006)
Zou, C., Gao, L., Gong, W., Towsley, D.: Monitoring and early warning for internet worms. In: Proceedings of the 10th ACM Conference on Computer and Communication Security, p. 10 (2003)
Cabrera, J.B.D., Lewis, L., Qin, X., Gutierrez, C., Lee, W., Mehra, R.K.: Proactive intrusion detection and SNMP based security management. In: Proceedings of IFIP/IEEE Eighth International Symposium on Integrated Net Work Management, pp. 225–254 (2003)
Zhai, J., Tian, J., Du, R., Huang, J.: Network intrusion early warning model based on D-S evidence theory. In: Proceedings of 2003 International Conference on Machine Learning and Cybernetics, vol. 4, pp. 1972–1977 (2003)
Li, J., Manikopoulos, C.: Early statistical anomaly intrusion detection of DOS attacks using MIB traffic parameters. In: IEEE Systems, Man and Cybernetics Society, Information Assurance Workshop, pp. 53–59 (2003)
Lee, K.-H., Lee, C.-K.: The research on establishment for leaking prevention system through the analysis of internal information symptoms. Information Protection Academy Paper, vol. 19, No. 3, June 2009
Song, S.-K., Park, J.-S., Woo, J.-H., Lim, J.-I.: Research on the method for internal computing environment optimization to prevent information leaking. Information Protection Academy Paper, vol. 18, No. 6, Dec. 2008
Lee, D.-S., Kim, J.-S., Kim, K.: The trend of information leaking prevention technology. Information Protection Academy Paper, 20, No. 1, Feb. 2010
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Lee, D., Kim, J.G. & Kim, K.J. A study on abnormal event correlation analysis for convergence security monitor. Cluster Comput 16, 219–227 (2013). https://doi.org/10.1007/s10586-011-0191-6
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10586-011-0191-6