• Journal of Advanced Navigation Technology
• /
• v.21 no.6
• /
• pp.633-637
• /
• 2017

Cyber attacks on aircraft and aeronautical networks are not much different from cyber attacks commonly found in the ground industry. Air traffic management infrastructure is being transformed into a digital infrastructure to secure air traffic. A wide variety of communication environments, information and communications, navigation, surveillance and inflight entertainment systems are increasingly threatening the threat posed by cyber terrorism threats. The emergence of unmanned aircraft systems also poses an uncontrollable risk with cyber terrorism. We have analyzed cyber security standards and response strategies in developed countries by recognizing the vulnerability of cyber threats to aircraft systems and aviation infrastructure in next generation data network systems. We discussed comprehensive measures for cybersecurity policies to consider in the domestic aviation environment, and discussed the concept of security environment and quick response strategies.

• Convergence Security Journal
• /
• v.19 no.3
• /
• pp.71-79
• /
• 2019

The demand of smart cars is increasing rapidly. International stand organize such as 3GPP and 5GAA are proposing standard communication protocvols for connected-car, and automotive network infrastructure. But Smart car network have many security threats and more dangerous against the existed wire communication network. Typically, peripheral devices of a smart car may disguise their identity and steal location information and personal information about the vehicle. In addition, the infrastructure elements around smart cars can conspire and put driving cars in danger, threatening lives. This is a very serious security threat. Therefore, in order to solve these problems, we proposed a system that is secure from collusion and tampering attacks using attribute-based authorize delegation method and threshold encryption algorithms. We have demonstrated using a semantic safety model that the proposed system can be safe from collusion attack.

• Korean Journal of Construction Engineering and Management
• /
• v.15 no.4
• /
• pp.139-149
• /
• 2014

Lifeline service disruptions can have significant impacts on local community in the aftermath natural disaster. Although effective restoration strategies with accurate damage assessment are required, the internal complexity of lifeline networks and their interdependency makes the understanding restoration process of lifeline systems a difficult issue. Additionally, the limitations of previous research relating the influence assessment of lifeline to community disaster resilience, highlight the need for understanding of lifeline networks. Therefore, this paper presents an agent-based model to discover emergent behavior and evaluate the interdependency and resiliency in lifeline networks. This research will provide basic guideline of resource allocation in order to mitigate cascading failures of the post disaster restoration processes.

• The KIPS Transactions:PartC
• /
• v.10C no.6
• /
• pp.815-824
• /
• 2003

Many organizations operate security systems and manage them using the intergrated secutity management (ISM) dechnology to secyre their network environment effectively. But current ISM is passive and behaves post-event manner. To reduce cost and resource for managing security and to remove possbility of succeeding in attacks by intruder, the perventive security management technology is required. In this paper, we propose PRISM model that performs preventative security management with evaluating the security level of host or network and the sensitivity level of information asset from potential risks before security incidents occur. The PRISM can give concrete and effective security management in managing the current complex networks.

• Proceedings of the Korea Water Resources Association Conference
• /
• 2015.05a
• /
• pp.16-16
• /
• 2015

오늘날 전 세계적으로 가속화되는 기상이변에 따라 돌발성, 국지성 폭우 및 폭설의 빈도가 급격히 증가하는 추세이다. 이 같은 돌발기상 현상은 고층 건물과 인구의 과밀화로 인해 열섬효과가 자주 발생하는 도심지에서 특히 높은 발생률을 보이며, 그로 인한 막대한 인명 및 재산상의 피해가 발생하고 있는 실정이다. 하지만 이러한 돌발성 강수 현상들은 주로 저고도에서 생성 및 발달되며, 그 수명은 2~3시간에 불과하기 때문에 현재의 국내 기상관측 시스템으로는 예측 및 예보에 많은 어려움을 겪고 있다. 현재, 이러한 문제점을 해결하기 위해 국내 관련 기관들에서는 도심지를 중심으로 한 저층 기상 관측을 위한 소형 레이더 네트워크 구축을 계획하고 있다. 그와 함께, 본 논문에서는 향후 도입될 소형 레이더 네트워크의 활용성을 증대시키고, 기상재해의 피해를 줄이는 방법으로써, 구글 어스의 지도 서비스를 기반으로 한 기상 레이더 자료 활용 실시간 돌발성 기상재해 감시/추적 및 경보 시스템 플랫폼을 제안한다. 제안하는 플랫폼은 전 세계적으로 통용되는 GIS 엔진으로서, 높은 확장성이 장점인 구글어스 플랫폼을 바탕으로 하며, 레이더 자료 분석 도구, 위험도 판별 도구 및 자료 표출/경보 도구 등으로 크게 세 가지의 기술도구 집단으로 구성된다. 제안한 플렛폼 상에서 시뮬레이션을 통해 구글어스 기반에서 레이더 누적강수량의 실시간 처리와 3차원 GIS 기반에서의 직관적인 경보 메시지 표출을 구현하였으며, 향후 각 기술 도구들 상의 기법들을 연구 및 개선함으로써 국토관측센서 네트워크 및 기상 재해 예 경보 체계를 위해 활용되어질 수 있을 것으로 기대한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.5
• /
• pp.1079-1090
• /
• 2012

As the number of information asset and their vulnerabilities are increasing, it becomes more difficult for network security administrators to assess security vulnerability of their system and network. There are several researches for vulnerability analysis based on quantitative approach. However, most of them are based on experts' subjective evaluation or they require a lot of manual input for deriving quantitative assessment results. In this paper, we propose HRMS(Hacking and Response Measurement System) for enumerating attack path using automated vulnerability measurement automatically. HRMS can estimate exploitability of systems or applications based on their known vulnerability assessment metric, and enumerate attack path even though system, network and application's information are not fully given for vulnerability assessment. With this proposed method, system administrators can do proactive security vulnerability assessment.

• Asia-pacific Journal of Multimedia Services Convergent with Art, Humanities, and Sociology
• /
• v.7 no.12
• /
• pp.955-963
• /
• 2017

Nowadays, fintech becomes the key technology of the mobile banking and payments. Financial market is moved to fintech-based non-face-to-face trade/payment from traditional face-to-face process in Korea. Core of this transition is the smartphones, which have several sensitive sensors for personal identifications such as fingerprint and iris recognition sensors. But it has some originated security risks by data path attacks, for instance, hacking and pharming. Multi-level certification and security systems are applied to avoid these threats effectively, while these protections can be cause of some inconvenience for non-face-to-face certifications and financing processes. In this paper, I confirmed that it have sensible differences correspond with the data connection paths such as WiFi networks and mobile communication networks of the smartphones, and I propose a gradual certification method which alleviates the inconvenience by risk-level definitions of the data-paths.

• Journal of Korea Multimedia Society
• /
• v.11 no.5
• /
• pp.661-672
• /
• 2008

Mobile Ad-hoc NETwork is a kind of self-controlled network composed only of mobile hosts. Since its range of use is gradually expanding into various sections applicable to practical lives, active researches are being conducted on it. However, as it depends on cooperation of nodes composing the entire network, due to weakness of wireless link and lack of its central infrastructure, so it is exposed to more serious risk than general network in security. Therefore, this paper proposes Cluster-Based Dynamic Authentication that enables only reliable nodes to participate in communication, by solving lack of centralized infrastructure, using hierarchical Mobile Ad hoc NETwork structure based on cluster, and by complementing security weakness through mutual authentication between hierarchical nodes. Simulation shows that the proposed scheme can complement security weakness of Mobile Ad hoc NETwork and that it is more adequate in reliability and expandability than the existing schemes.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.1
• /
• pp.21-29
• /
• 2024

With the development of ICT and network, security management of IT infrastructure that has grown in size is becoming very difficult. Many companies and public institutions are having difficulty managing system and network security. In addition, as the complexity of hardware and software grows, it is becoming almost impossible for a person to manage all security. Therefore, AI is essential for network security management. However, since it is very dangerous to operate an attack model in a real network environment, cybersecurity emulation research was conducted through reinforcement learning by implementing a real-life network environment. To this end, this study applied reinforcement learning to the network environment, and as the learning progressed, the agent accurately identified the vulnerability of the network. When a network vulnerability is detected through AI, automated customized response becomes possible.

• The KIPS Transactions:PartD
• /
• v.14D no.3 s.113
• /
• pp.303-310
• /
• 2007

Information system failure is various such as program test unpreparedness, physical facilities for damage prevention unpreparedness from simple software error. Although cross is trifling the result causes vast damage. Recently, became difficult by simple outside security system to solve this problem. Now, synthetic countermove establishment and suitable confrontation connected with danger came in necessary visual point about general Information Technology of enterprise. In connection with, in this paper, various informations and system and control about data that can happen information inside and outside considering integrity for IT resource, solubility, confidentiality within organization studied about special quality to model synthetic Risk Management System that can of course and cope in danger.