• Title/Summary/Keyword: attack graph (공격 그래프)


Role Based Petri-Net : Role Based Expression Model for an Efficient Design of Attack Scenarios (Role Based Petri Net : 공격 시나리오의 효율적 설계를 위한 역할 기반 표현 모델)

  • Park, Jun-Sik;Cho, Jae-Ik;Moon, Jong-Sub
    • Journal of the Korea Institute of Information Security & Cryptology / v.20 no.1 / pp.123-128 / 2010
  • Graph expression of attack scenarios is a necessary method for analyzing server vulnerabilities as well as for designing defences against attacks. Although various requirement analysis models are used for this expression, they are limited in expressing combinations of complex scenarios. The Role Based Petri Net suggested in this paper offers an efficient role-based expression model built on Petri Nets, which have the advantage of concurrency and visuality, and can create unknown scenarios.

Graph Database based Malware Behavior Detection Techniques (그래프 데이터베이스 기반 악성코드 행위 탐지 기법)

  • Choi, Do-Hyeon;Park, Jung-Oh
    • Journal of Convergence for Information Technology / v.11 no.4 / pp.55-63 / 2021
  • Recently, the incidence of malicious code has exceeded tens of thousands of cases, and it is known to be almost impossible to detect and respond to all of them. This study proposes a method for detecting multiple behavior patterns based on a graph database as a new method for dealing with malicious code. It applies traditional dynamic analysis techniques and a method to design and analyze graphs of the associations of representative malware patterns (process, PE, registry, etc.) as another new graph model. As a result of the pattern verification, it was confirmed that the behavior of the basic malicious pattern was detected, as was variant attack behavior (at least 5 steps), which was difficult to analyze in the past. In addition, the performance analysis confirmed that performance improved by about 9.84 times or more compared to a relational database for complex patterns of 5 or more steps.

Secured Verification of Intrusion Prevention System Security Model Based on CPNs (CPN 기반의 침입방지시스템 보안모델의 안정성 검증)

  • Lee, Moon-Goo
    • Journal of the Institute of Electronics Engineers of Korea CI / v.48 no.3 / pp.76-81 / 2011
  • Intrusion prevention systems (IPS) are an important solution to problems of internal system security and outsider attacks. When introducing such a system, the first consideration is security rather than a wide range of functions. Colored Petri Nets (CPNs) were used to verify the security of the user authentication function of an intrusion prevention system security model. CPNs are a graphical modeling language suitable for modeling distributed, concurrent, deterministic or non-deterministic systems with synchronization. With CPNs, every possible state and the occurrence graph were expressed. The security of the IPS security model was verified because every state was expressed using a CPN tool and analysis of the occurrence graph showed no loop or interruption.

A Study of Intrusion Detection Scheme based on Software-Defined Networking in Wireless Sensor Networks (무선 센서 네트워크에서 소프트웨어 정의 네트워킹 기법을 사용한 침입 탐지 기법에 대한 연구)

  • Kang, Yong-Hyeog;Kim, Moon Jeong;Han, Moonseog
    • Journal of the Korea Convergence Society / v.8 no.8 / pp.51-57 / 2017
  • A wireless sensor network is composed of many resource-constrained sensor nodes. These networks are subject to malicious attacks such as DDoS and routing attacks. In this paper, we propose an intrusion detection and prevention system using the convergence of software-defined networking and security technology in wireless sensor networks. Our proposed scheme detects various intrusions in a central server by accumulating log messages of the OpenFlow switch through the SDN controller and prevents the intrusions by configuring the OpenFlow switch. In order to validate our proposed scheme, we show it can detect and prevent some malicious attacks in wireless sensor networks.

Development of Integrated Preservation System for Superspeed Internet (초고속 인터넷을 이용한 통합보안 시스템의 개발)

  • Jin, Jin-yu;Kang, Young-Goo;Yang, Hae-Sool
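    • Proceedings of the Korea Information Processing Society Conference / 2007.11a / pp.1100-1103 / 2007
  • Security monitoring systems are becoming more visual and three-dimensional so that the state of cyber attacks can be grasped at a glance. Notably, technologies that allow network traffic anomalies and security events to be analyzed intuitively and attack situations to be viewed on a 3D display, going beyond plain text, tables and graphs, are steadily being combined with security monitoring systems. In this study, the NETWORK CAMERA, which innovatively improves on existing security systems' image storage method, image monitoring, instability when searching recorded images, operating method, installation method and so on, is built as an embedded system that integrates an RTOS, camera, video compressor, LAN controller and other components into one. With a focus on making it easy for anyone, not only operators, to run, it was developed to be provided in an Internet web environment, and we aim to build a next-generation security system with improved operational efficiency.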

A Study on the Design and Implementation of System for Predicting Attack Target Based on Attack Graph (공격 그래프 기반의 공격 대상 예측 시스템 설계 및 구현에 대한 연구)

  • Kauh, Janghyuk;Lee, Dongho
    • Journal of Korea Society of Digital Industry and Information Management / v.16 no.1 / pp.79-92 / 2020
  • As the number of systems increases and the network size increases, automated attack prediction systems are urgently needed to respond to cyber attacks. In this study, we developed four types of information gathering sensors for collecting asset and vulnerability information, and developed technology to automatically generate attack graphs and predict attack targets. To improve performance, the attack graph generation method is divided into the reachability calculation process and the vulnerability assignment process. It always keeps up to date by starting calculations whenever asset and vulnerability information changes. In order to improve the accuracy of the attack target prediction, the degree of asset risk and the degree of asset reference are reflected. We refer to CVSS (Common Vulnerability Scoring System) for asset risk, and Google's PageRank algorithm for asset reference. The results of attack target prediction are displayed on the web screen and CyCOP (Cyber Common Operation Picture) to help both analysts and decision makers.

A Study and improved Approach of Text Steganography (텍스트 스테가노그래프의 개선된 접근과 연구)

  • Ji, Seon-Su
    • Journal of Korea Society of Industrial Information Systems / v.19 no.5 / pp.51-56 / 2014
  • In the digital world of the internet, steganography is introduced to hide the existence of secret communication by concealing a secret message inside another unsuspicious cover medium. Third parties are unaware that a stego medium is being communicated. There exists a large variety of steganography methods based on text. This paper analyzes the advantages and significant disadvantages of each existing text steganography method and how a new approach could be proposed as a solution. The objective of this paper is to propose a method for hiding secret messages in a safer manner from external attacks by an encryption rearrangement key.

A VRF-based Hashgraph Scheme for Next Generation Blockchains (차세대 블록체인을 위한 VRF 기반의 해시그래프 기법)

  • Kim, Min-Seop;Kang, Jin-Yeong;Joe, In-Whee
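    • Proceedings of the Korea Information Processing Society Conference / 2019.05a / pp.52-55 / 2019
  • Recently, as news of 51% attacks on several blockchain platforms has been reported one after another, the need for a new blockchain has been highlighted. Among them, Hashgraph, unlike existing blockchains, has a mechanism in which the chain is composed not of blocks but of events, that is, the transactions recorded in blocks themselves, and it is therefore emerging as a next-generation blockchain. However, because hashing or hash verification is performed per transaction, the amount of computation grows exponentially, and the time required for verification or consensus is considerable. To resolve this, this paper presents a method that uses a Verifiable Random Function to reduce the hash verification procedure and the amount of computation, ultimately shortening the time required for consensus.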

Robustness Evaluation of Tactical Network based on SNA

  • Park, Ji-Hye;Yoon, Soung-woong;Lee, Sang-Hoon
    • Journal of the Korea Society of Computer and Information / v.24 no.10 / pp.205-213 / 2019
  • Network robustness is one of the most important characteristics needed in a network. Over the military tactical communication network, robustness is a key function for maintaining the attack phase constantly. The Tactical Information Communication Network, called TICN, has mixed characteristics of lattice- and tree-type network topology, which looks somewhat weak from the viewpoint of network robustness. In this paper, we search for articulation points and bridges in a current Tactical Information Communication Network using graph theory. To improve the weak points empirically found, we try to add links to create the concrete network and then observe the change of network-based verification values through diminishing nodes. With these themes, we evaluate the generated networks through SNA techniques. Experimental results show that the generated networks' robustness is improved compared with the current network structure.

A Study on the Probabilistic Vulnerability Assessment of COTS O/S based I&C System (상용 OS기반 제어시스템 확률론적 취약점 평가 방안 연구)

  • Euom, Ieck-Chae
    • Journal of Convergence for Information Technology / v.9 no.8 / pp.35-44 / 2019
  • The purpose of this study is to establish a quantitative vulnerability assessment for COTS (Commercial Off The Shelf) O/S based I&C systems. This paper analyzes the vulnerability lifecycle and its impact. It develops a quantitative assessment of the overall cyber security risks and vulnerabilities of I&C systems by studying vulnerability analysis and prediction methods. The probabilistic vulnerability assessment method proposed in this study suggests a modeling method that enables setting the priority of patches, threshold setting of vulnerable size, and attack paths in a commercial OS-based measurement control system in which it is difficult to patch a vulnerability immediately.