資訊技術蓬勃發展的現在,資訊安全事故也層出不窮。資訊安全廠商如雨後春筍般的冒出,但面對日新月異的惡意網路行為,資訊安全廠商能做的就是跟隨著已經發現的惡意攻擊程式進行系統漏洞修補、惡意程式特徵萃取防禦或是攻擊行為模式偵測阻擋。這樣的攻防模式已經行之有年,處於被動防禦的資訊安全廠商依然無法突破此困境,而每當有新型態的惡意程式攻擊行為發生時,初期所造成的災害較攻擊事故中期的影響,往往是數以倍計的。
新型態的攻擊行為資訊在商業利基主導的環境中是不容易被公開分享,但新型態攻擊所造成的商業損失卻是無法估計的。本論文的目的希望在不損及商業行為的前提下,提出新型態的攻擊資訊分享機制,在此建議機制中,資訊安全服務廠商能減低對於資訊安全資訊分享的商業損失疑慮,進而在新型態的攻擊行為發生初期盡量減小攻擊所造成的損害範圍,甚至抑制該攻擊行為擴散並且迅速消滅。
最後,經由文獻探討、技術分析,提出現行資訊技術、資訊安全事故資訊不易分享之原因,並逐一進行研究探討,以提出可以被接受且易於進行實作之資訊安全事故分享機制。
Nowadays with the booming of developing the information technology, information security consulting venders have sprung up like bamboo shoots after spring rain since the security events emerge in endlessly. Facing these malicious attacks, the ways, security venders can do, are fixing the bugs related to the system loopholes, adapting appropriate defend processes depend on the characters of malicious programs or detecting and stopping the attacks activities. The defend ways has been implemented for years but the security venders still have not broken away for the security attacks. When the new types of malicious attacks happen, the damage in the early stage is higher and many times than middle stage.
Based on the commercial interest, the companies reluctant to share the information of new types of security attacks, however the commercial losses caused by new type of security attacks are inestimable. Based on the purpose of not harming commercial interest, this research aims at providing a new type of information sharing system of information security incidents. According to this system, the information security consulting venders could lower their concerns that the security information sharing could cause the commercial loss, reduce the damage caused by new type of security attack in the early stage when attacks happen, controlling the spread of security attacks and eliminate these activities quickly.
Finally, through literature review and technique analysis, this research finds out and studies the difficulties of sharing the information security incidents, and then brings up a practical and acceptable an information sharing system.