• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.2
• /
• pp.401-415
• /
• 2019

Recently, there has been a lot of studies and efforts to strengthen the stability of critical infrastructures against increasing cyber attacks to critical infrastructures. In this thesis, I defined what cyber threats are, after showing you various definitions about what cyber threats are and what the types are. After studying about significant cyber threats from China, I showed you the realities of cyber threats with the analysis about starting points, types of cyber threats, ratios of attacks and so on. At last, I defined guidelines about unnecessary oversea IP range blocking. Also, I proposed unnecessary oversea IP range blocking methodologies with per information system and per network system. Furthermore, I proposed blocking characteristics per security equipment and security operation improvement and blocking effects and service process to normal oversea users.

• Convergence Security Journal
• /
• v.17 no.5
• /
• pp.187-203
• /
• 2017

This study focuses on analyzing the problems of the Korean standard classification of occupations(KSCO), which is a formal and institutional implementation method that affects the occupational identity and Occupational Prestige of Private Security, and suggests ways to improve it. The following should be supplemented. (1) It is necessary to unify occupations related to private security that are classified into simple labor workers. (2) Delete the Technical Security Guards(4123) and create a Security Guard(4123) instead. (3) Facility Security Guards(41230), Convoy Security Guards, Technical Security Guards(41232), Security monitoring and control personnel(41233), and Special Security Guards(National important facility security guard)(41234) will be newly established. (4) Change the name of subclassification and subclassification in simple labor worker of Major Class 9(Code 9), and adjust Security Guards(9421) to the Surveillance Personnel(9421).

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.2
• /
• pp.249-258
• /
• 2012

Cyber attacks expose sensitive information and cause fatal damage in both the public and the private sectors. Therefore, MKE (Ministry of Knowledge Economy) Cyber Security Center was founded on July 25, 2008, to perform three major roles. First, it detects and analyzes cyber attacks for the both sectors. Second, its ISAC (Information Sharing & Analysis Center) service analyzes and evaluates the vulnerability of the communication and network infrastructure to security threats, including control systems. Third, it provides CERT/CC (Computer Emergency Response Team Coordination Center) service to prevent and to respond to computer security incidents. This study focuses on the MKE Cyber Security Center's service analysis, which is playing an increasingly larger role in the both sectors. Based on this analysis, after grasping the response services activity and pointing out the problems, this study suggests improvements to the MKE Cyber Security Center.

• Journal of the Korean Society for information Management
• /
• v.37 no.2
• /
• pp.197-223
• /
• 2020

The purpose of this study is to analyze the issues resulted from the process of grouping KORMARC records using FRBR WORK concept and to suggest a new method. The previous studies did not sufficiently address the criteria or processes for identifying representative authors of records and their derivatives. Therefore, our study focused on devising a method of identifying the representative author when there are multiple contributors in a work. The study developed a method of identifying representative authors using an author role dictionary constructed by extracting role-terms from the statement of responsibility field (245). We also designed another way to group records as a work by calculating similarity measures of authors and titles. The accuracy rate of WORK grouping was the highest when blank spaces, parentheses, and controling processes were removed from titles and the measured similarity rates of authors and titles were higher than 80 percent. This was an experiment study where we developed an author-role dictionary that can be utilized in selecting a representative author and measured the similarity rate of authors and titles in order to achieve effective WORK grouping of KORMARC records. The future study will attempt to devise a way to improve the similarity measure of titles, incorporate FRBR Group 1 entities such as expression, manifestation and item data into the algorithm, and a method of improving the algorithm by utilizing other forms of MARC data that are widely used in Korea.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.18 no.10
• /
• pp.63-68
• /
• 2017

Although automated metro subway systems have the advantage of operating a train without a train driver, it is difficult to detect an immediate fault condition and take countermeasures when an unusual situation occurs. Therefore, it is important to construct a maintenance information system (MIS) that detects the vehicle failure/status information in real time and maintains it efficiently in the depot of the railway's vehicles. This paper proposes a conceptual design method that realizes the interface between the train control system (TCS), the operation control center train control monitoring system (OCC-TCMS) console, and the MIS using wireless communication network in real-time. To transmit a large amount of information on 800,000 occurrences per day during operation, data was collected in a 56 byte data table using a data processing algorithm. This state information was classified into 4 hexadecimal codes and transmitted to the MIS by mapping the status and the fault information on the vehicle during the main line operation. Furthermore, the transmission and reception data were examined in real time between the TCS and MIS, and the implementation of the failure information screen was then displayed.

• Proceedings of the Korean Institute of Navigation and Port Research Conference
• /
• 2015.10a
• /
• pp.87-90
• /
• 2015

Equipments that can transmit maritime distress signals in accordance to Global Maritime Distress Safety System are the followings: A1 water(Very High Frequency, SART), A2 water(MF/HF Radio Equipment), A3 water(INMARSAT), A4 water(Emergency Position Indicating Radio Beacon). Institutions with the capacity to receive distress signals are Korea Coast Guard affiliated radio stations, patrol ships, Rescue Coordination centers, Vessel Traffic centers, Complex problems regarding repetitive distress alarms, inaccurate statistics, multiple control towers are existent. Consequently, effective measurement to resolve dispersed operating maritime distress signal system are in time of need. Moreover, current KCG Headquarter is considering to integrate five distress radio stations dispersed across nation into a single international safety communication center. The integration of radio stations are efficient in terms of information coordination between nations, however, it cannot support efficient response to real-time maritime incident. Therefore, in this study, a new system that can rapidly response to real-time maritime incident will be proposed.

• KIPS Transactions on Software and Data Engineering
• /
• v.12 no.2
• /
• pp.99-110
• /
• 2023

This study proposed a classification of malicious network traffic using the cyber threat framework(Mitre ATT&CK) and machine learning to solve the real-time traffic detection problems faced by current security monitoring systems. We applied a network traffic dataset called UNSW-NB15 to the Mitre ATT&CK framework to transform the label and generate the final dataset through rare class processing. After learning several boosting-based ensemble models using the generated final dataset, we demonstrated how these ensemble models classify network traffic using various performance metrics. Based on the F-1 score, we showed that XGBoost with no rare class processing is the best in the multi-class traffic environment. We recognized that machine learning ensemble models through Mitre ATT&CK label conversion and oversampling processing have differences over existing studies, but have limitations due to (1) the inability to match perfectly when converting between existing datasets and Mitre ATT&CK labels and (2) the presence of excessive sparse classes. Nevertheless, Catboost with B-SMOTE achieved the classification accuracy of 0.9526, which is expected to be able to automatically detect normal/abnormal network traffic.

• Convergence Security Journal
• /
• v.21 no.4
• /
• pp.109-115
• /
• 2021

Currently, with the development of 5G and IoT technology, it is being used in connection with the things used in real life through a network. However, attempts to use networked computers for malicious purposes are increasing, and attacks using malicious codes that infringe the confidentiality and integrity of user information are becoming more intelligent. As a countermeasure to this, research is being conducted on a method of detecting malicious packets using a security control system and AI technology, supervised learning. The cyber security control system is being operated inefficiently in terms of manpower and cost. In addition, in the era of the COVID-19 pandemic, remote work has increased, making it difficult to respond immediately. In addition, malicious code detection using the existing AI technology, supervised learning, does not detect variant malicious code, and has an inaccurate malicious code detection rate depending on the quantity and quality of data. Therefore, in this study, by converging malicious packet detection technologies through various machine learning and deep learning models, the accuracy of malicious packet detection is increased, the false positive rate and the false positive rate are reduced, and a new type of malicious packet can be efficiently detected when intrusion. We propose a malicious packet detection technology.

• Journal of the Korean GEO-environmental Society
• /
• v.15 no.7
• /
• pp.13-21
• /
• 2014

Recently, a great number of natural disasters have more frequently happened than the past. The National Emergency Management Agency of Korea has made preparation for the integrated management system of steep slope lands. There is information based on the steep slope inspection sheets and the underground spatial information related to the prevention against steep slope disasters. Nevertheless, building a complete DB System to prevent the hazards and secure the safeties should be urgently dealt with. It is mainly because the information of the National Disaster Management System is restricted to the text-based brief data. Therefore, the purpose of this study is to suggest the method as to building steep slope DB system for disaster prevention and maximizing the availabilities. This study shows the way of building a web-based DB system having its root in the steep slope inspection sheets. The method of establishing the ideal DB system that has liaisons between the Ministry of Land, Infrastructure and Transport and the National Emergency Management Agency is discussed in this study. Furthermore the optimization of DB utilization will assist the various integrated steep slope management systems based on U-IT which are ongoing projects.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.21 no.6
• /
• pp.625-633
• /
• 2020

this study, an expert AHP questionnaire analysis of public and private groups was conducted to take into consideration the requirements for realistic disaster services. Considered are public areas that manage disasters like fires and earthquakes that can be a major threat to national safety, as well as private areas that mainly develop disaster-related technologies. In the questionnaire, the public respondents valued accurate disaster situation information (ranked 4th and 6th) for citizens (1st), managers (3rd), and related organizations (2nd); the private sector highly valued the importance of three-dimensional (3D) control (ranked 1st, 3rd, and 5th) using future technologies. This study suggests the realization of a disaster-response service that meets the needs of public safety and technological innovation based on a 3D safety state information platform. We anticipate that this study will provide useful data for applying technology and for establishing detailed scenarios during the test bed and commercialization phases. We also expect that further studies will be conducted, such as the practical application and operation of realistic disaster response services, on the financial resources for the proliferation of local governments, and on policy support measures.