
Recently, targeted cyber attacks have been sophisticated. In case of such attacks, attackers use dedicated malwares against target organizations. Dedicated malwares slip through the conventional countermeasures, e.g., firewall, intrusion detection systems, and so on, which focus on preventing intrusion of malwares. Against such situation, recent countermeasures focus on the mitigation of damages like information leakage after intrusion. Separated network, e.g., separating internal networks, and controlling access among separated sub-networks, is one of the effective countermeasure. It can prevent malicious communication by malwares, and can easily take countermeasure like isolating of infected hosts. However, we need a lot of cost to construct such network. This paper proposes an automated ACL (Access Control List) generation system for secure internal network. The proposed system refers directory service information and network traffic data, and generates proper access controls based on such information. By using this system, we can construct secure internal network which is applied proper access control easily.
| selected citations These citations are derived from selected sources. This is an alternative to the "Influence" indicator, which also reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically). | 2 | |
| popularity This indicator reflects the "current" impact/attention (the "hype") of an article in the research community at large, based on the underlying citation network. | Average | |
| influence This indicator reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically). | Average | |
| impulse This indicator reflects the initial momentum of an article directly after its publication, based on the underlying citation network. | Average |
