MENU
Library HOME > Library > º¸¾È Á¦Ç°Á¤º¸

º¸¾È Á¦Ç°Á¤º¸


Ú¸ »çÀ̹öÀ§Çù Á¤º¸°øÀ¯ ±Ô°Ý °³Á¤¾È ¹ßÇ¥ 2014.08.05  

»çÀ̹öÀ§Çù Á¤º¸°øÀ¯ ±Ô°Ý STIX/TAXIIÀÇ ¾÷µ¥ÀÌÆ® ¹öÀü ¹ßÇ¥ 


[º¸¾È´º½º ¹Î¼¼¾Æ] Ú¸ ±¹Åä¾Èº¸ºÎ´Â(DHS) MITRE¸¦ ÅëÇØ »çÀ̹öÀ§Çù Á¤º¸°øÀ¯ ±Ô°ÝÀÎ STIX/TAXIIÀÇ ¾÷µ¥ÀÌÆ® ¹öÀüÀ» ¹ßÇ¥Çß´Ù.


MITRE´Â Áö³­ 5¿ù »çÀ̹öÀ§Çù Á¤º¸Ç¥Çö ±Ô°ÝÀÎ STIX¸¦ ±âÁ¸ ¹öÀü 1.0.1¿¡¼­ ÇöÀç ¹öÀü 1.1À¸·Î 1³â¿© ¸¸¿¡ ¾÷µ¥ÀÌÆ®ÇßÀ¸¸ç, 7¿ù¿¡´Â Ú¸ »çÀ̹öÀ§Çù Á¤º¸Àü¼Û ±Ô°ÝÀÎ TAXII ¼öÁ¤º»À» ¹ßÇ¥Çß´Ù.


À̹ø ¾÷µ¥ÀÌÆ®¿¡¼­´Â TAXIIÀÇ XML ¸Þ½ÃÁö Á¤º¸ Àü¼ÛÀ» À§ÇÑ ¹ÙÀεù ºÎºÐÀ» Æ÷ÇÔÇÑ 2°¡Áö ¹ÙÀεù ½ºÆå ¿À·ù¸¦ ¼öÁ¤ÇÏ°í, STIXÀÇ 8°³ ÁÖ¿ä ±¸¼º¿ä¼Òµé¿¡ ÀÏ°ýÀûÀ¸·Î À̸§(Title), ¼³¸í(Description), ¿ä¾à¼³¸í(Short Description) ¼Ó¼ºÀ» Ãß°¡ÇØ ÅëÀϼºÀ» ºÎ¿©ÇÏ°í ±¸¼º¿ä¼Ò ÆľÇÀÇ ÀÌÇصµ¸¦ ³ô¿´´Ù.


¡ãSTIXÀÇ 8°³ ÁÖ¿ä ±¸¼º¿ä¼Ò°£ÀÇ °ü°èµµ


¶ÇÇÑ, STIXÀÇ 8°³ ÁÖ¿ä ±¸¼º¿ä¼Òµé Áß °ø°Ý±â¹ý °ü·Ã ±¸Á¶Ã¼ÀÎ TTP(Tactics, Techniques and Procedure)¿¡ ½Äº°ÀÚ °ü·Ã(id ¹× idref) Á¤º¸ÀÇ ºÎ¿©°¡ ÇÊ¿äÇÑ Ç׸ñÀÌ ÀÖÀ½À» ÀνÄÇÏ°í ½Äº°ÀÚ¸¦ ºÎ¿©Çß´Ù.

ÀÌ¿Í ÇÔ²² STIXÀÇ 8°³ ÁÖ¿ä ±¸¼º¿ä¼Òµé Áß °ø°ÝÀÚ °ü·Ã ±¸Á¶Ã¼ÀÎ Threatr Actor¿¡ °ø°ÝÀÚÀÇ Á¤±³ÇÔÀ» Ç¥ÇöÇϱâ À§ÇØ sophistication ¼Ó¼ºÀ» Ãß°¡ÇßÀ¸¸ç, ¿øº»¹®¼­¸¦ ±× ¿ªÇÒ µî¿¡ µû¶ó º¼ ¼ö ÀÖµµ·Ï Á¤º¸Ãâó ¼Ó¼ºÀ» °³¼±Çß´Ù.

ÀÌ¿Í °ü·ÃÇØ º¸´Ù ÀÚ¼¼ÇÑ »çÇ×Àº Çѱ¹ÀÎÅͳÝÁøÈï¿ø ÀÎÅͳÝħÇØ´ëÀÀ¼¾ÅÍ È¨ÆäÀÌÁö³ª ¾Æ·¡ Ãâó ³»¿ëÀ» ÂüÁ¶ÇÏ¸é µÈ´Ù.


[Ãâó]

1. https://taxii.mitre.org/specifications/version1.1/

2. http://stix.mitre.org/about/documents/STIX_Whitepaper_v1.1.pdf

3. http://stix.mitre.org/language/version1.1/

4. http://stix.mitre.org/language/version1.1/xsddocs/XMLSchema/ttp/1.1/ttp.html

5. http://stix.mitre.org/language/version1.1/STIX_1.1_Release_Notes.pdf

6.http://stix.mitre.org/language/version1.1/xsddocs/XMLSchema/threat_actor/1.1/threat_actor.html


[¿ë¾î¼³¸í]

MITRE : ¹Ì ¿¬¹æÁ¤ºÎÀÇ Áö¿øÇÏ¿¡ R&D»ç¾÷À» ÆîÄ¡´Â ºñ¿µ¸®´Üü

STIX(The Structured Threat Information eXpression) : »çÀ̹öÀ§Çù Á¤º¸Ç¥Çö ±Ô°Ý

TAXII(Trusted Automated eXchange of Indicator Information) : »çÀ̹öÀ§Çù Á¤º¸Àü¼Û ±Ô°Ý

°ü·Ã TTP ¼Ó¼º : °ø°ÝÆÐÅÏ(Attack Patterns) ¹× ¾Ç¼ºÄÚµå(Malware), ¾Ç¼ºÇàÀ§(Exploits), °ø°Ý±â¹Ý (Infrastructure) ¡æ ¿¹¸¦ µé¸é, Attack PatternsÀº ½Äº°ÀÚ¸¦ ºÎ¿©¹ÞÀº ´ÜÀ§ Attack PatternÀÇ Á¶ÇÕµé·Î ±¸¼º. À̸¦ ÅëÇØ ÀÚÄ© ºÐ¼®°¡º°·Î ´Ù¾çÇÏ°Ô ±â¼úµÉ ¼ö ÀÖ¾ú´ø °ø°Ý±â¹ý¿¡ ´ëÇÑ ÀÛ¼ºÀÌ ·¹°íó·³ ±Ô°ÝÈ­µÈ ´ÜÀ§Á¤º¸µéÀÇ Á¶ÇÕÀ¸·Î ±¸¼ºÀÌ °¡´ÉÇÏ°Ô µÈ´Ù.

[¹Î¼¼¾Æ ±âÀÚ(boan5@boannews.com)]


<ÀúÀÛ±ÇÀÚ: º¸¾È´º½º(http://www.boannews.com/) ¹«´ÜÀüÀç-Àç¹èÆ÷±ÝÁö>




COPYRIGHT CISOKOREA.ORG. ALL RIGHTS RESERVED.
°³ÀÎÁ¤º¸Ã³¸®¹æħ