| Presentation | 2020-11-26 Initial Study of Incident Response Support System for Multi-Located Network Masahito Kumazaki, Hirokazu Hasegawa, Yukiko Yamaguchi, Hajime Shimada, Hiroki Takakura, |
|---|---|
| PDF Download Page |  PDF download Page Link |
| Abstract(in Japanese) | (See Japanese page) |
| Abstract(in English) | In the organization network which are consisted multi-sites, there are differences in security strength between the headquarter and other sites, so it is difficult to protect our networks from targetted attacks. In such an environment, the early detection and response against the attacks are important to mitigate damages, however, it is difficult to conduct them in the current general management style of networks. To solve the problem, we proposed an incident response support system for multi-located networks. The proposed system generates recommendations for incident response based on the similarity between the ongoing incident and all other ongoing/past incidents by consulting all incidents archived by the organization. The system also analyzes the correlation among recent occurred incidents and notifies the estimated attack targets to the headquarter administrator. |
| Keyword(in Japanese) | (See Japanese page) |
| Keyword(in English) | Targeted Attacks / Security Incident Response / Correlation Analysis |
| Paper # | ICSS2020-22 |
| Date of Issue | 2020-11-19 (ICSS) |
| Conference Information | |
| Committee | ICSS |
|---|---|
| Conference Date | 2020/11/26(2days) |
| Place (in Japanese) | (See Japanese page) |
| Place (in English) | Online |
| Topics (in Japanese) | (See Japanese page) |
| Topics (in English) | Security, etc. |
| Chair | Hiroki Takakura(NII) |
| Vice Chair | Katsunari Yoshioka(Yokohama National Univ.) / Kazunori Kamiya(NTT) |
| Secretary | Katsunari Yoshioka(NICT) / Kazunori Kamiya(KDDI labs.) |
| Assistant | Keisuke Kito(Mitsubishi Electric) / Toshihiro Yamauchi(Okayama Univ.) |
| Paper Information | |
| Registration To | Technical Committee on Information and Communication System Security |
|---|---|
| Language | JPN |
| Title (in Japanese) | (See Japanese page) |
| Sub Title (in Japanese) | (See Japanese page) |
| Title (in English) | Initial Study of Incident Response Support System for Multi-Located Network |
| Sub Title (in English) | |
| Keyword(1) | Targeted Attacks |
| Keyword(2) | Security Incident Response |
| Keyword(3) | Correlation Analysis |
| 1st Author's Name | Masahito Kumazaki |
| 1st Author's Affiliation | Nagoya University(Naoya Univ.) |
| 2nd Author's Name | Hirokazu Hasegawa |
| 2nd Author's Affiliation | Nagoya University(Naoya Univ.) |
| 3rd Author's Name | Yukiko Yamaguchi |
| 3rd Author's Affiliation | Nagoya University(Naoya Univ.) |
| 4th Author's Name | Hajime Shimada |
| 4th Author's Affiliation | Nagoya University(Naoya Univ.) |
| 5th Author's Name | Hiroki Takakura |
| 5th Author's Affiliation | National Institute of Informatics(NII) |
| Date | 2020-11-26 |
| Paper # | ICSS2020-22 |
| Volume (vol) | vol.120 |
| Number (no) | ICSS-264 |
| Page | pp.pp.17-20(ICSS), |
| #Pages | 4 |
| Date of Issue | 2020-11-19 (ICSS) |