• The Journal of the Korea Contents Association
• /
• v.10 no.3
• /
• pp.101-112
• /
• 2010

The recent trend of the hacking deals with all the IT infrastructure related to the profit of the companies. Presently, they attack the service itself, the source of the profit, while they tried to access to the service infrastructure through the non-service port in the past. Although they affect the service directly, it is difficult to block them with the old security solution or the old system and they threaten more and more companies with the demand of money menacing the protection of customers and the sustainable management. This paper aims to design and implement multi-platform network packet scanner targeting the exception handling network intrusion detection system which determines normal, abnormal by traffic. Linux and unix have the various network intrusion detection and packet management tools like ngrep, snort, TCPdump, but most of them are based on CUI (Character based User Interface) giving users discomfort who are not used to it. The proposed system is implemented based on GUI(Graphical User Interface) to support the intuitive and easy-to-use interface to users, and using Qt(c++) language that supports multi-platform to run on any operating system.

• Information and Communications Magazine
• /
• v.21 no.11
• /
• pp.92-103
• /
• 2004

광대역 통합망은 유무선 통합, 통신과 방송 응합, 음성 및 데이터의 통합을 위해 필요한 네트워크를 서비스 계층, 제어 계층, 전달망 계층, 접속 계층, 유비쿼터스 접속 및 가입자 단말 계층으로 구분한다. BcN은 사용자가 원하는 품질과 보안의 정도에 따라 차별화된 광대역 멀티미디어 서비스 제공 및 관리가 가능한 네트워크이다. 본고는 현재 진행 중인 BcN 시범 사업에 대하여 기술한다. 우선, 통합 서비스를 제공하기 위한 기본 인프라인 광대역 통합망(BcN, Broadband convergence Network)의 개념, 서비스 특징 및 발전방향 등을 간략히 나타낸다. 그리고 정부의 IT839 전략의 중점 추진과제로 진행 중인 1단계 BcN 시범 사업의 내용과 시범 사업자로 선정된 3개 컨소시엄의 서비스 내용 등을 제시한다. 현재 BcN 시범 사업자로 UbiNet 컨소시엄, Octave 컨소시엄 및 광개토 컨소시엄이 선정된 상태이다. 각 컨소시엄에서는 BcN 환경에 적합한 다양한 서비스 모델 발굴 및 기술개발을 위해 BcN 시범 서비스를 진행할 예정이며, 제공 예정인 BcN 시범 서비스에는 음성 데이터 통합 서비스, 유무선 통합 서비스, 통방 융합 서비스 및 기타 응용 서비스 등이 있다.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2021.10a
• /
• pp.461-463
• /
• 2021

With the recent increase in remote access due to network expansion, cloud infrastructure expansion, and telecommuting, the need to be vigilant not only from external access but also from internal access is increasing. Because of this, a new network security model called zero trust is attracting attention. In this paper, we will briefly introduce the concept of zero trust and examine strategies for applying zero trust according to various business environments.

• The Journal of Korean Association of Computer Education
• /
• v.20 no.6
• /
• pp.95-104
• /
• 2017

The damage caused by information spill, forgery, falsification, and deletion by cyber infringement in educational institutions and universities is very large. In this study, we analyzed the types, causes, and problems of cyber infringement in educational administrative institutions and universities. As a result, administrative, physical and technical information protection activities were weak. In this paper, we propose a security enhancement method for each domain by dividing them into Internet zone, network-neutral zone (DMZ: Demilitarized Zone), general server zone, internal server zone (Server Farm), and user zone so that these vulnerabilities can be easily identified, supplemented or security enhanced. In addition, we have proposed a method to apply security information system architecture and information protection technology correctly for educational administration institutions and universities. This study is meaningful not to provide conceptual guidance but to suggest specific action and procedure oriented security management plan.

• Convergence Security Journal
• /
• v.11 no.4
• /
• pp.43-49
• /
• 2011

Web-based health information provides a lot of conveniences, however the security vulnerabilities that appear in the network environment without the risk of exposure in the use of information are growing. Web-based medical information security issues when accessing only the technology advances, without attempting to seek a safe methodology are to increase the threat element. So it is required. to take advantage of web-based information security measures as a web-based access control security mechanism-based design. This paper is based on software architecture, design, ideas and health information systems were designed based on access control security mechanism. The methodologies are to derive a new design procedure, to design architecture and algorithms that make the mechanism functio n. To accomplish this goal, web-based access control for multiple patient information architecture infrastructures is needed. For this software framework to derive features that make the mechanism was derived based on the structure. The proposed system utilizes medical information, medical information when designing an application user retrieves data in real time, while ensuring integration of encrypted information under the access control algorithms, ensuring the safety management system design.

• Journal of Digital Convergence
• /
• v.15 no.8
• /
• pp.195-202
• /
• 2017

Unmanned Aerial Vehicles (UAV) have mostly been used for military purposes but with the progress in ICT and reduced manufacturing costs, they are increasingly used for various private services. UAVs are expected to carry out autonomous flying in the future. In order to carry out complex tasks, swarm flights are essential. Although the swarm flights has been researched a lot due to its different network and infrastructure from the existing UAV system, There are still not enough study on security threats and requirements for the secure swarm flights. In this paper, to solve these problems, UAV autonomous flight technology is defined based on US Army Corps of Engineers (USACE) and Air Force Research Laboratory (AFRL), and swarm flights and security threat about it are classified. And then we defined and compared security requirements according to security threats of each swarm flights so as to contribute to the development of secure UAC swarm flights in the future.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.8 no.6
• /
• pp.439-444
• /
• 2015

The Social infrastructure systems such as communication, transportation, power and water supply systems are now facing various types of threats including component failures, security attacks and natural disasters, etc. Whenever such undesirable events occur, it is crucial to recover the system as quickly as possible because the downtime of social infrastructure causes catastrophic consequences in the society. Especially when there is a network link-failure, we need an automatic link-recovery method. This means that customers are aware of network failures that can be recovered before you say that service. In this paper, we analysis the relation between Auto-recovery performance and cost.

• Convergence Security Journal
• /
• v.12 no.1
• /
• pp.35-42
• /
• 2012

Increase of data traffic and the advent of new real-time services require to change from the traditional TDM-based (Time Division Multiplexing) networks to the optical networks that soft and dynamic configuration. Voice and lease line services are main service area of the traditional TDM-based networks. This optical network became main infrastructure that offer many channel that can convey data, video, and voice. To provide high resilience against failures, Packet-optical networks must have an ability to maintain an acceptable level of service during network failures. Fast and resource optimized lightpath restoration strategies are urgent requirements for the near future Packet-optical networks with a Generalized Multi-Protocol Label Switching(GMPLS) control plane. The goal of this paper is to provide packet-optical network with a hierarchical multi-layer recovery in order to fast and coordinated restoration in packet-optical network/GMPLS, focusing on new implementation information. The proposed schemes do not need an extension of optical network signaling (routing) protocols for support.

• Convergence Security Journal
• /
• v.15 no.2
• /
• pp.63-68
• /
• 2015

Current ICT(Information & Communication Technology) infrastructures (Internet and server/client communication) are struggling for a wide variety of devices, services, and business and technology evolution. Cloud computing originated simply to request and execute the desired operation from the network of clouds. It means that an IT resource that provides a service using the Internet technology. It is getting the most attention in today's IT trends. In the distributed cloud environments, management costs for the network and computing resources are solved fundamentally through the integrated management system. It can increase the cost savings to solve the traffic explosion problem of core network via a distributed Micro DC. However, traditional flooding methods may cause a lot of traffic due to transfer to all the neighbor DCs. Restricted Path Flooding algorithms have been proposed for this purpose. In large networks, there is still the disadvantage that may occur traffic. In this paper, we developed Lightweight Path Flooding algorithm to improve existing flooding algorithm using hop count restriction.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.18 no.6
• /
• pp.336-342
• /
• 2017

Traffic can be localized by reducing the traffic load on the physical network by causing traffic to be generated at the end of the packet network. By localizing traffic, the IoT-based sensitive data-related security issues can be supported effectively. In addition, it can be applied effectively to the next-generation smart network environment without changing the existing network infrastructure. In this paper, a content priority scheme was applied to smart network-based IoT data. The IoT contents were localized to efficiently pinpoint the flow of traffic on the network to enable smart forwarding. In addition, research was conducted to determine the effective network traffic routes through content localization. Through this study, the network load was reduced. In addition, it is a network structure that can guarantee user quality. In addition, it proved that the IoT service can be accommodated effectively in a smart network-based environment.