Enterprise SECURITY Management for IoT Services Based on Event Correlation in Republic of KOREA

With radical development of information and communication Technology, Internet of Things(IoT) era has come. All the things around us are connected through internet so that it enables objects to exchange data with connected devices and is expected to offer new advanced services that goes beyond the value where each existing objects could have offered respectively. Concerns regarding security threat are being raised in adopting IoT as the number of internet-connected appliances are rapidly increasing. So, we need to consider how to protect and control countless objects. However, traditional security systems including intrusion detection systems(IDSs), firewalls(FWs), anti-viruses(A/Vs), etc., focus on low level attack or anomalies, and raise alerts independently. And IoT services have different types of security frameworks. As a result, it is difficult for human security manager or attack response systems to understand the alerts and take appropriate actions. In this paper describes the analysis of security methods in the area of IoT and describes a mechanism that analyzes logs generated by IoT devices attacks. Data collected from the lightweight application is sent to the network component for further analysis. The collaborative component is used for collecting data in the distributed network and indicates the possible attacks. Also this paper suggests enterprise security management including IoT services which are based on distributed environments, and presents a practical technique to address this issue, and introduces Event Correlation Model(ECM) which is a simple free text causal language. We show how the concept of class in object-oriented methodology is used to provide scalability to our approach. Graph and coding theories are used for correlation.