US 12,348,570 B2
Security requirement recommendation system and operation method
Seok Won Lee, Suwon-si (KR); and Ji Wook Jung, Suwon-si (KR)
Assigned to AJOU UNIVERSITY INDUSTRY-ACADEMIC COOPERATION FOUNDATION, Suwon-si (KR)
Filed by AJOU UNIVERSITY INDUSTRY-ACADEMIC COOPERATION FOUNDATION, Suwon-si (KR)
Filed on Dec. 5, 2022, as Appl. No. 18/074,938.
Claims priority of application No. 10-2021-0171953 (KR), filed on Dec. 3, 2021.
Prior Publication US 2023/0179639 A1, Jun. 8, 2023
Int. Cl. G06F 21/57 (2013.01); H04L 9/40 (2022.01)
CPC H04L 63/205 (2013.01) [H04L 63/1425 (2013.01); H04L 63/1441 (2013.01)] 13 Claims
OG exemplary drawing
 
1. An operation method of a security requirement recommendation system, comprising:
inputting an attack scenario of an advanced persistent threat (APT);
estimating a specific APT attack case similar to the attack scenario based on a case-based problem domain ontology including characteristic models of APT attack cases; and
recommending a security requirement corresponding to the specific APT attack case, the recommending having:
extracting a specific attack component by applying the attack scenario to an attack component model,
measuring a similarity between the specific attack component and each attack component of each of the APT attack cases,
listing attack target candidates in an order of greater similarities,
estimating the specific APT attack case for the attack target candidates by analyzing the attack target candidates with a security requirement component model, a risk component model, and a domain component model, and
extracting the security requirement corresponding to the specific APT attack case.