| 摘要 |
The present invention relates to an apparatus and method for information security. The information security apparatus according to the present invention comprises: a log information collection unit which collects log information about each of users from a unit security system; a standardization database which constructs an integrated database by integrating the log information with user information about each user; a pattern extraction unit which extracts a pattern by each user, obtained by patterning unit security system log information about each user, from the log information collection unit and the standardization database, and defines a normal pattern as a reference for determining whether there is a security-critical action from the pattern by each user; and a pattern analysis unit which compares the pattern by each user with the normal pattern to analyze a security risk. [Reference numerals] (AA) Employee 1; (BB) Employee 2; (CC) Employee 3; (DD) Employee 4; (EE) Employee 5; (FF) Employee 6; (GG) Employee 7; (HH) Employee 8; (II) Employee 9; (JJ) Employee 10; (KK) Employee 11; (LL) Employee 12; (MM) Employee 13; (OO) Employee 14; (PP) Average; (QQ) Non-business site access; (RR) Webmail; (SS) File transmission; (TT) Encrypted document |
