A study on effective outer document flow based on DAST for APT response
- Authors
- Kim, Jong Pil; Na, Onechul; Yu, Harang; Hong, Giwan; Chang, Hangbae
- Issue Date
- Aug-2020
- Publisher
- ICIC International
- Keywords
- Advanced Persistent Threat (APT); Detection technology; Document Attachment Sanitization Technology (DAST); Malicious code; Spreading course of malicious code
- Citation
- ICIC Express Letters, v.14, no.8, pp 821 - 827
- Pages
- 7
- Journal Title
- ICIC Express Letters
- Volume
- 14
- Number
- 8
- Start Page
- 821
- End Page
- 827
- URI
- https://scholarworks.bwise.kr/cau/handle/2019.sw.cau/43928
- DOI
- 10.24507/icicel.14.08.821
- ISSN
- 1881-803X
- Abstract
- The Advanced Persistent Threat (APT) is a social-engineering method of attack that meticulously pursues a precisely chosen target using sophisticated programs, and it is rapidly increasing amid the continuous progress and development of commercial detection technology. Accordingly, in this research, a Document Attachment Sanitization Technology (DAST) based technology that renders documents harmless through content reconstitution is established and implemented by analyzing the types of malicious code, attack methods, etc.; precedent research analyzing these was also investigated. Whereas existing technology is limited to simple signature comparison or detection of known malicious code, the technology proposed in this study is able to respond actively and quickly to new malicious code that relies on concealment, bypass, and latency. DAST is a technology with a new perspective of interpretation and a differentiated approach: it is applicable to documents that flow from the exterior to the interior through various types of channels, and it reconstructs each document after extracting its safe contents, so it is able to respond preemptively and actively to APT attacks. This study suggested a solution that can improve on the limitations of existing detection technology; however, it has limitations in detection caused by damage to the original document during document reconstitution and by unsupported file extensions, and therefore additional study is required in the future. © 2020 ICIC International. All rights reserved.
- Appears in
Collections - College of Business & Economics > Department of Industrial Security > 1. Journal Articles