Ȩ > Ç¥ÁØÈ °³¿ä > TTAÀÇ Ç¥ÁØÇöȲ
Ç¥ÁعøÈ£ | TTAK.KO-12.0353-Part3 | ±¸Ç¥ÁعøÈ£ | |
---|---|---|---|
Á¦°³Á¤ÀÏ | 2019-12-11 | ÃÑÆäÀÌÁö | 30 |
ÇѱÛÇ¥Áظí | µðÁöÅÐ Æ÷·»½Ä Á¶»ç¸¦ À§ÇÑ ÅëÇÕ Á¤º¸ ó¸® ±Ô°Ý - Á¦3ºÎ: µ¥ÀÌÅÍ Ã³¸® »óÈ£ ȣȯÀ» À§ÇÑ ÂüÁ¶ ¸ðµ¨ | ||
¿µ¹®Ç¥Áظí | Data Specification for Digital Forensic Investigation: Part 3. Examples Reference Model for Data Processing Interoperability | ||
Çѱ۳»¿ë¿ä¾à | ÀÌ Ç¥ÁØÀº 1ºÎ¿Í 2ºÎ¿¡¼ ¼Ò°³ÇÏ°í Á¤ÀÇÇÑ ¼Ó¼ºµéÀ» È°¿ëÇÏ¿©, µðÁöÅÐ Æ÷·»½Ä Á¶»ç¿¡¼ È°¿ëµÇ´Â ±âÁ¸ ȯ°æ(·¹°Å½Ã)ÀÇ µ¥ÀÌÅÍ Ã³¸®°¡ »óÈ£ÀûÀ¸·Î ȣȯµÇ±â À§ÇÑ ÂüÁ¶ ¸ðµ¨À» Á¦½ÃÇÑ´Ù. ÀÌ Ç¥ÁØÀ» È°¿ëÇϱâ À§ÇÑ ¾È³»¼°¡ µÉ ¼ö ÀÖµµ·Ï Á¤º¸ À¯Ãâ, »ê¾÷ÀçÇØ, ħÇØ»ç°í ´ëÀÀ ½Ã³ª¸®¿À¸¦ ¿¹Á¦·Î Æ÷ÇÔÇÑ´Ù. ·¹°Å½Ã¿¡¼ ÀÚÁÖ »ç¿ëµÇ´Â CSV/SQLite ÇüÅ·ΠÃâ·ÂµÈ µ¥ÀÌÅÍ¿Í º» Ç¥ÁØ¿¡¼ Á¦½ÃÇÏ´Â ±Ô°ÝÀ¸·Î ÀÛ¼ºÇÑ ³»¿ëÀ» ºñ±³ÇÒ ¼ö ÀÖ´Â ³»¿ëÀ» º»¹®°ú ºÎ·Ï¿¡ Æ÷ÇÔÇÏ¿´°í, ƯÈ÷ ħÇØ»ç°í ´ëÀÀ ½Ã³ª¸®¿À´Â STIX ±â¹Ý »çÀ̹ö À§Çù Á¤º¸ ü°è¿Í ¿¬µ¿½ÃÅ°´Â ¹æ¹ýÀÇ ¿¹½Ã¸¦ Æ÷ÇÔÇÑ´Ù. | ||
¿µ¹®³»¿ë¿ä¾à | The standard suggests a model which helps interoperability in data processing with the existing environment (i.e. legacy), applying defined the properties introduced in Part1 and Part2. To give you a guideline how to use the standard, it includes three different scenarios; leakage of confidential information, occupational accident, and incident response scenarios. In the context and appendix, CSV/SQLite data from the existing environment and standardized contents using the standard are included to compare the difference between them. It proposes how to integrate the data in the incident response scenario with Structured Threat Information Expression (STIX) especially. | ||
±¹Á¦Ç¥ÁØ | |||
°ü·ÃÆÄÀÏ | TTAK.KO-12.0353-Part3.pdf |