• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.22 no.10
• /
• pp.1392-1397
• /
• 2018

Nuclear power plants(NPPs) are protected as core facilities managed by major countries. Applying general IT technology to facilities of NPPs, the proportion of utilizing the digitized resources for the rest of the assets except for the existing installed analog type operating resources is increasing. Using the network to control the IT assets of NPPs can provide significant benefits, but the potential vulnerability of existing IT resources can lead to significant cyber security breaches that threaten the entire NPPs. In this paper, we analyze the nuclear cyber security vulnerability regulatory requirements, characteristics of existing vulnerability scanners and their requirements and investigate commercial and free vulnerability scanners. Based on the proposed application method, we can improve the efficiency of checking the network security vulnerability of NPPs when applying vulnerability scanner to NPPs.

• Proceedings of the Korea Society for Simulation Conference
• /
• 2002.11a
• /
• pp.17-21
• /
• 2002

네트워크 보안의 중요성과 필요성이 증대됨에 따라 많은 조직들이 다양한 보안 시 스템을 네트워크에 적용하고 있다. 침입 차단 시스템, 침입 탐지 시스템, 취약점 스캐너와 같은 보안 시스템들이 취약성 정보를 공유하게 되면 일관된 통합 보안 환경을 구축할 수 있다. 본 연구진은 통합 보안 시뮬레이션 환경의 구축을 위해 여러 보안 시스템 모델들이 사용할 수 있는 취약성 정보들을 집약시킴으로써 보안 시스템간의 정보 공유를 쉽게 할 수 있는 SVDB (Simulation based Vulnerability Data Base)를 구축하였다. 네트워크의 한 구성요소인 SVDB는 보안 시스템 모델의 구성에 필요한 다양한 정보를 담고 있어 한 호스트나 네트워크가 갖는 취약성을 조기에 발견할 수 있다. 또한 SVDB는 침입 탐지 시스템과 같은 보안 시스템이 존재하는 네트워크를 시뮬레이션 하는데 필요한 보안 정보를 제공한다. 보안시스템을 위한 시뮬레이션 모델은 DEVS (Discrete EVent system Specification) 방법론을 사용하여 구성하였다. 또한 이렇게 구축된 시뮬레이션 모델들이 SVDB와 연동하기 위한 인터페이스 모듈을 구현하였다. 취약성 스캐너, 침입 탐지 시스템, 침임 차단 시스템이 정보를 공유함으로써 공격에 효과적인 대응하는 것을 시뮬레이션을 통해 보인다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2016.10a
• /
• pp.202-205
• /
• 2016

취약점 스캐너(Vulnerability Scanner)는 이름 그대로 기업의 네트워크나 시스템(컴퓨터, 서버, 라우터 등)을 스캔하고 오픈 포트, 활성화된 IP주소와 로그온, 운영체제, 설치되어 실행되는 소프트웨어와 서비스 등을 식별하고 보고하는 도구이다. 가용성과 데이터의 신뢰성이 우선적으로 중요시되고 있는 제어시스템 환경에서는 이러한 취약점 스캐너 도구의 사용은 운영에 영향을 미칠 수 있다. 본 저자는 기존에 상용화된 스캐너 제품의 취약점 식별 방법을 분석하고 현재까지 발표된 제어시스템 풀랫폼의 공개 취약점 정보를 이용하여 폐쇄적인 제어시스템 운영환경에 적합한 새로운 제어시스템 플랫폼 취약점 스캐너를 제안한다.

• Proceedings of the KIEE Conference
• /
• 2007.10a
• /
• pp.337-338
• /
• 2007

센서네트워크를 이용한 광대역 환경에서의 시스템 모니터링 기술에 대한 연구가 많이 이뤄지고 있으며, 능동형 센서네트워크를 구성하기 위한 무인 차량에 관한 연구 또한 진행되고 있다. 본 논문에서는 능동형 센서네트워크를 구성하기 위해 레이저 스캐너가 장치된 무인 ATV를 이용하여 ATV 스스로 장애물을 판별함과 동시에 새로운 경로를 생성하여 회피하는 알고리즘을 제안하고자 한다.

• The Journal of the Korea Contents Association
• /
• v.10 no.3
• /
• pp.101-112
• /
• 2010

The recent trend of the hacking deals with all the IT infrastructure related to the profit of the companies. Presently, they attack the service itself, the source of the profit, while they tried to access to the service infrastructure through the non-service port in the past. Although they affect the service directly, it is difficult to block them with the old security solution or the old system and they threaten more and more companies with the demand of money menacing the protection of customers and the sustainable management. This paper aims to design and implement multi-platform network packet scanner targeting the exception handling network intrusion detection system which determines normal, abnormal by traffic. Linux and unix have the various network intrusion detection and packet management tools like ngrep, snort, TCPdump, but most of them are based on CUI (Character based User Interface) giving users discomfort who are not used to it. The proposed system is implemented based on GUI(Graphical User Interface) to support the intuitive and easy-to-use interface to users, and using Qt(c++) language that supports multi-platform to run on any operating system.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.6
• /
• pp.1317-1330
• /
• 2017

To collect server information and construct network map enable us to prevent security breach, prepare for national cyber warfare and make effective policies. In this paper, we analyze well-known network scanners, Nmap and ZMap, and construct network map using banner grabbing. We use multiple threads in order to increase scanning speed and arrange IP lists by specific order to reduce the load on information gathering targets. Also, we applied performance tests to compare the real-time banner grabbing tool with the existing network scanners. As a result, we gathered server information from domestic and overseas servers and derived a risk index based on the collected database. Although there are slight differences among countries, we can identify the risky situation that many users in every country are exposed to several security breaches.

• Journal of Navigation and Port Research
• /
• v.46 no.6
• /
• pp.509-516
• /
• 2022

Recently, ships have begun using the Asterix CAT 240 format as a method for transmitting radar image data to other devices. However, the Asterix format has a flexible structure that can be defined by the user, and a format structure defined as unsuitable for ship radar operation may undesirably increase navigational equipment network traffic or reduce stability. Therefore, to reduce the traffic of the navigation network and enhance the stability, a method of defining the optimized Asterix CAT 240 format with an appropriate setting value according to the performance of the radar scanner and display device was studied.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2012.10a
• /
• pp.407-410
• /
• 2012

Recently, wireless network services are widely used, depending on the development of wireless network module technologies and the utilization gradually expanded, and thus is a trend that appears a lot of IT convergence industries. For this study, the OBD-II communication to Import your vehicle information, and other external devices in high-speed driving condition of the vehicle to verify the information system was developed to transfer data to an external server. From various sensors inside the vehicle using the OBD-II connector easily convert all users to read the information, then, Sent to the external server using the wireless network module, high-speed vehicle status check system was implemented. It was to test the performance of the system was developed using the actual circuit in a high-speed road racing vehicles. Transfer data generated from high-speed driving vehicles through the OBD-II scanner and check the status of a high-speed vehicle system was confirmed that this data is normally received. In the future, these new cars convergence of IT technology will grow as a new field of research.

• Convergence Security Journal
• /
• v.19 no.3
• /
• pp.51-59
• /
• 2019

In this paper, we propose a device identification system for network visibility that can maintain the secure internal network environment in the IoT era. Recently, the area of enterprise network is getting huge and more complicated. Not only desktops and smartphones but also business pads, barcode scanners, APs, Video Surveillance, digital doors, security devices, and lots of Internet of Things (IoT) devices are rapidly pouring into the business network, and there are highly risk of security threats. Therefore, in this paper, we propose the device identification system that includes the process and module-specific functions to identify the exploding device in the IoT era. The proposed system provides in-depth visibility of the devices and their own vulnerabilities to the IT manager in company. These information help to mitigate the risk of the potential cyber security threats in the internal network and offer the unified security management against the business risks.

• Journal of the Korea Computer Industry Society
• /
• v.5 no.2
• /
• pp.251-260
• /
• 2004

As the importance and the need for network security is increased, many organization uses the various security systems. They enable to construct the consistent integrated security environment by sharing the vulnerable information among firewall, intrusion detection system, and vulnerable scanner. We construct the integrated security simulation environment that can be used by some security system model. In this paper, we have designed and constructed the general simulation environment of network security model composed of multiple IDSs agent and a firewall agent which coordinate by CNP (Contract Net Protocol). The CNP, the methodology for efficient integration of computer systems on heterogeneous environment such as distributed systems, is essentially a collection of agents, which cooperate to resolve a problem. We compare the selection algorithm in the CPN with the Fuzzy Controller for the effective method to select the agents.