| Summary: | 碩士 === 中國文化大學 === 資訊安全產業研發碩士專班 === 98 === Nowadays with the booming of developing the information technology, information security consulting venders have sprung up like bamboo shoots after spring rain since the security events emerge in endlessly. Facing these malicious attacks, the ways, security venders can do, are fixing the bugs related to the system loopholes, adapting appropriate defend processes depend on the characters of malicious programs or detecting and stopping the attacks activities. The defend ways has been implemented for years but the security venders still have not broken away for the security attacks. When the new types of malicious attacks happen, the damage in the early stage is higher and many times than middle stage.
Based on the commercial interest, the companies reluctant to share the information of new types of security attacks, however the commercial losses caused by new type of security attacks are inestimable. Based on the purpose of not harming commercial interest, this research aims at providing a new type of information sharing system of information security incidents. According to this system, the information security consulting venders could lower their concerns that the security information sharing could cause the commercial loss, reduce the damage caused by new type of security attack in the early stage when attacks happen, controlling the spread of security attacks and eliminate these activities quickly.
Finally, through literature review and technique analysis, this research finds out and studies the difficulties of sharing the information security incidents, and then brings up a practical and acceptable an information sharing system.
|
|---|
