절충지표

컴퓨터 포렌식(Computer phosency)의 IoC(Intervision of computer pharency)는 네트워크나 운영 체제에서 관측되는 인공물로, 높은 신뢰도로 컴퓨터 침입을 나타낸다.^[1]

표시 유형

대표적인 IoCs는 바이러스 서명 및 IP 주소, MD5 악성 프로그램 파일 해시 또는 봇넷 명령어 및 제어 서버의 URL 또는 도메인 이름이다.사고 대응 및 컴퓨터 포렌식 프로세스를 통해 IoCs를 파악한 후 침입 탐지 시스템과 바이러스 백신 소프트웨어를 이용해 향후 공격 시도를 조기에 탐지하는 데 활용할 수 있다.

자동화

보다 효율적인 자동 처리를 위해 IoC 설명자 형식을 표준화하려는 시책이 있다.^[2]^[3]알려진 지표들은 대개 교통 신호등 프로토콜이 사용되고 있는 산업 내에서 교환된다.^[4]^[5]^[6]^[7]^[8]^[9]^[10]

참고 항목

이 컴퓨터 보안 기사는 엉터리야.위키피디아를 확장하여 도울 수 있다.

참조

^ Gragido, Will (October 3, 2012). "Understanding Indicators of Compromise (IoC) Part I". RSA. Archived from the original on September 14, 2017. Retrieved June 5, 2019.
^ "The Incident Object Description Exchange Format". RFC 5070. IETF. December 2007. Retrieved 2019-06-05.
^ "Introduction to STIX". Retrieved 2019-06-05.
^ "FIRST announces Traffic Light Protocol (TLP) version 1.0". Forum of Incident Response and Security Teams. Retrieved 2019-12-31.
^ Luiijf, Eric; Kernkamp, Allard (March 2015). "Sharing Cyber Security Information" (PDF). Global Conference on CyberSpace 2015. Toegepast Natuurwetenschappelijk Onderzoek. Retrieved 2019-12-31.
^ Stikvoort, Don (11 November 2009). "ISTLP - Information Sharing Traffic Light Protocol" (PDF). Trusted Introducer. National Infrastructure Security Co-ordination Centre. Retrieved 2019-12-31.
^ "Development of Policies for Protection of Critical Information Infrastructures" (PDF). Organisation for Economic Co-operation and Development (OECD). Retrieved 2019-12-31.
^ "ISO/IEC 27010:2015 [ISO/IEC 27010:2015] Information technology — Security techniques — Information security management for inter-sector and inter-organizational communications". International Organization for Standardization/International Electrotechnical Commission. November 2015. Retrieved 2019-12-31.
^ "Traffic Light Protocol (TLP) Definitions and Usage". United States Department of Homeland Security. Retrieved 2019-12-31.
^ "Traffic Light Protocol". Centre for Critical Infrastructure Protection. Archived from the original on 2013-02-05. Retrieved 2019-12-31.

[1] Gragido, Will (October 3, 2012). "Understanding Indicators of Compromise (IoC) Part I". RSA. Archived from the original on September 14, 2017. Retrieved June 5, 2019.

[2] "The Incident Object Description Exchange Format". RFC 5070. IETF. December 2007. Retrieved 2019-06-05.

[3] "Introduction to STIX". Retrieved 2019-06-05.

[4] "FIRST announces Traffic Light Protocol (TLP) version 1.0". Forum of Incident Response and Security Teams. Retrieved 2019-12-31.

[5] Luiijf, Eric; Kernkamp, Allard (March 2015). "Sharing Cyber Security Information" (PDF). Global Conference on CyberSpace 2015. Toegepast Natuurwetenschappelijk Onderzoek. Retrieved 2019-12-31.

[6] Stikvoort, Don (11 November 2009). "ISTLP - Information Sharing Traffic Light Protocol" (PDF). Trusted Introducer. National Infrastructure Security Co-ordination Centre. Retrieved 2019-12-31.

[7] "Development of Policies for Protection of Critical Information Infrastructures" (PDF). Organisation for Economic Co-operation and Development (OECD). Retrieved 2019-12-31.

[8] "ISO/IEC 27010:2015 [ISO/IEC 27010:2015] Information technology — Security techniques — Information security management for inter-sector and inter-organizational communications". International Organization for Standardization/International Electrotechnical Commission. November 2015. Retrieved 2019-12-31.

[9] "Traffic Light Protocol (TLP) Definitions and Usage". United States Department of Homeland Security. Retrieved 2019-12-31.

[10] "Traffic Light Protocol". Centre for Critical Infrastructure Protection. Archived from the original on 2013-02-05. Retrieved 2019-12-31.

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[9]

[10]

Search

절충지표

네임스페이스

더

목차

표시 유형

자동화

참고 항목

참조