Ç¥ÁØÈ­ Âü¿©¾È³»

TTAÀÇ Ç¥ÁØÇöȲ

Ȩ > Ç¥ÁØÈ­ °³¿ä > TTAÀÇ Ç¥ÁØÇöȲ

Ç¥ÁعøÈ£ TTAK.KO-12.0353-Part3 ±¸Ç¥ÁعøÈ£
Á¦°³Á¤ÀÏ 2019-12-11 ÃÑÆäÀÌÁö 30
ÇѱÛÇ¥ÁØ¸í µðÁöÅÐ Æ÷·»½Ä Á¶»ç¸¦ À§ÇÑ ÅëÇÕ Á¤º¸ ó¸® ±Ô°Ý - Á¦3ºÎ: µ¥ÀÌÅÍ Ã³¸® »óÈ£ ȣȯÀ» À§ÇÑ ÂüÁ¶ ¸ðµ¨
¿µ¹®Ç¥Áظí Data Specification for Digital Forensic Investigation: Part 3. Examples Reference Model for Data Processing Interoperability
Çѱ۳»¿ë¿ä¾à ÀÌ Ç¥ÁØÀº 1ºÎ¿Í 2ºÎ¿¡¼­ ¼Ò°³ÇÏ°í Á¤ÀÇÇÑ ¼Ó¼ºµéÀ» È°¿ëÇÏ¿©, µðÁöÅÐ Æ÷·»½Ä Á¶»ç¿¡¼­ È°¿ëµÇ´Â ±âÁ¸ ȯ°æ(·¹°Å½Ã)ÀÇ µ¥ÀÌÅÍ Ã³¸®°¡ »óÈ£ÀûÀ¸·Î ȣȯµÇ±â À§ÇÑ ÂüÁ¶ ¸ðµ¨À» Á¦½ÃÇÑ´Ù. ÀÌ Ç¥ÁØÀ» È°¿ëÇϱâ À§ÇÑ ¾È³»¼­°¡ µÉ ¼ö ÀÖµµ·Ï Á¤º¸ À¯Ãâ, »ê¾÷ÀçÇØ, ħÇØ»ç°í ´ëÀÀ ½Ã³ª¸®¿À¸¦ ¿¹Á¦·Î Æ÷ÇÔÇÑ´Ù. ·¹°Å½Ã¿¡¼­ ÀÚÁÖ »ç¿ëµÇ´Â CSV/SQLite ÇüÅ·ΠÃâ·ÂµÈ µ¥ÀÌÅÍ¿Í º» Ç¥ÁØ¿¡¼­ Á¦½ÃÇÏ´Â ±Ô°ÝÀ¸·Î ÀÛ¼ºÇÑ ³»¿ëÀ» ºñ±³ÇÒ ¼ö ÀÖ´Â ³»¿ëÀ» º»¹®°ú ºÎ·Ï¿¡ Æ÷ÇÔÇÏ¿´°í, ƯÈ÷ ħÇØ»ç°í ´ëÀÀ ½Ã³ª¸®¿À´Â STIX ±â¹Ý »çÀ̹ö À§Çù Á¤º¸ ü°è¿Í ¿¬µ¿½ÃÅ°´Â ¹æ¹ýÀÇ ¿¹½Ã¸¦ Æ÷ÇÔÇÑ´Ù.
¿µ¹®³»¿ë¿ä¾à The standard suggests a model which helps interoperability in data processing with the existing environment (i.e. legacy), applying defined the properties introduced in Part1 and Part2. To give you a guideline how to use the standard, it includes three different scenarios; leakage of confidential information, occupational accident, and incident response scenarios. In the context and appendix, CSV/SQLite data from the existing environment and standardized contents using the standard are included to compare the difference between them. It proposes how to integrate the data in the incident response scenario with Structured Threat Information Expression (STIX) especially.
±¹Á¦Ç¥ÁØ
°ü·ÃÆÄÀÏ TTAK.KO-12.0353-Part3.pdf TTAK.KO-12.0353-Part3.pdf            

ÀÌÀü
i-PIN ¼­ºñ½º Àü´Þ ¸Þ½ÃÁö Çü½Ä
´ÙÀ½
ÄÄÇ»ÅÍ Æ÷·»½ÄÀ» À§ÇÑ µðÁöÅÐ µ¥ÀÌÅÍ ¼öÁýµµ±¸ ¿ä±¸»çÇ×