• Journal of Digital Contents Society
• /
• v.19 no.6
• /
• pp.1185-1195
• /
• 2018

Industrial Control System (ICS) is a system that carry out monitoring and controls of industrial control process and is applied in infrastructure such as water, power, and gas. Recently, cyber attacks such as Brutal Kangaroo, Emotional Simian, and Stuxnet 3.0 have been continuously increasing in ICS, and these security risks cause damage of human life and massive financial losses. Attacks on the control layer among the attack methods for ICS can malfunction devices of the field device layer by manipulating control commands. Therefore, in this paper, we propose a mechanism that apply the SDN between the control layer and the field device layer in the industrial control system and to determine whether the control command is legitimate or not and we show simulation results on a simply composed control system.

• Journal of Digital Convergence
• /
• v.10 no.6
• /
• pp.1-6
• /
• 2012

In modern society, the amount of information has been significantly increased according to the development of IT convergence technology. That leads to develop information obtaining and searching technologies from lots of data. However, they don't seem to have been actually effective for users' health care and promotion not only for limitations of Web-based information and but for lack of personalization. Health information support services have been generally developed in a format of inputting data on bio-information acquired into the computer for the existing network-based transmission. In this paper, a life habits disease system that uses the existing medical data and Framingham risk factor(FRS) performs neural network is proposed. Based on the proposed system, it is possible to provide the fundamental data and guideline to doctors for recognizing the life habits disease diagnosis of patients and that represents increases in the welfare of patients.

• Journal of the Korea Society of Computer and Information
• /
• v.25 no.3
• /
• pp.81-88
• /
• 2020

The Renewable Portfolio Standard(RPS) which is in operated by country for many years is eco-friendly energy business. Although a variety of institute are accessing the RPS, it consists of a centralized system. Also, it shows opacity of data access in user's point of view. And each institutes is possessing their own data collected by themselves. Therefore decentralization and integrated control is demanded. Also, when institutes are attacked, the interruption of RPS can be existed. For resolving this issue, this study proposes the RPS using blockchain. Using the consortium method of blockchain, every institutes has possessing same data inserting REC data in block data, it is resolvable that transparency and security issue as transaction through verification of certain block. Furthermore, in case of one institute is paused by external attack, the role can be replaced by other institutes. This study tried the processing of putting data through ethereum network, therefore it presents the possibility of introducing the blockchain method in RPS.

• Journal of Digital Contents Society
• /
• v.18 no.6
• /
• pp.1009-1015
• /
• 2017

Recently, video surveillance is becoming more and more common as many camera are installed due to crime, terrorism, traffic and security. And systems that control cameras are becoming increasingly general. Video input from the installed camera is monitored by the multiscreen at the central control center, it is essential to simultaneously monitor multiscreen in real-time to quickly respond to situations or dangers. However, monitoring of multiscreen in a mobile environment such as a smart phone is not applied to hardware specifications or network bandwidth problems. For resolving these problems, in this paper, we propose a system that can monitor multiscreen in real-time in mobile-phone environment. We reconstruct the desired multiscreen through transcoding, it is possible to monitor continuously video streaming of multiple cameras, and to have the advantage of being mobile in mobile-phone environment.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.4
• /
• pp.995-1012
• /
• 2016

In Internet of Things (IoT) environments, devices or sensors everywhere can automatically collect data without the individual awareness, further combine and share data using ubiquitous network, and thus the development of IoT raises new challenges in respect of personal data protection and privacy. This study aims to identify main issues related to data protection in the IoT and propose adequate measures. We analyzed the types of personal data controllers and processors in IoT and figured out the issues regarding the processing of personal data and the rights to privacy of data subject. Accordingly, we suggested the institutional ways (e.g., establishment of user-friendly notice and flexible consent system, re-identification risk monitoring system, data protection in cross-border transfer, and user education) to improve the situation of personal data protection in IoT and finally proposed the improvement tasks to carry out first based on the degree of urgency and importance.

• Journal of the Korea Convergence Society
• /
• v.7 no.4
• /
• pp.33-38
• /
• 2016

DDoS attack has been continuously utilized that caused the excessively large amount of traffic that network bandwidth or server was unable to deal with paralyzing the service. Most of the people regard NTP as the biggest cause of DDoS. However, according to recently executed DDoS attack, there have been many SSDP attack in the use of amplified technique. According to characteristics of SSDP, there is no connection for making a forgery of source IP address and amplified resources feasible. Therefore, it is frequently used for attack. Especially, as it is mostly used as a protocol for causing DDoS attack on IoT devices that constitute smart home including a wireless router, media server, webcam, smart TV, and network printer. Hereupon, it is anticipated for servers of attacks to gradually increase. This might cause a serious threat to major information of human lives, major government bodies, and company system as well as on IoT devices. This study is intended to identify DDoS attack techniques in the use of weakness of SSDP protocol occurring in IoT devices and attacking scenario and counter-measures on them.

• The Journal of the Korea Contents Association
• /
• v.9 no.12
• /
• pp.600-612
• /
• 2009

Special banks primarily using Internet have different properties in transactions with customers, risk management, capital strength, and branch networks with general banks. The success and failure factors of Internet banks have been explained only by the economies of scale, and learning and experience effects of Internet banks based on the perspective of organizational ecologies. In this study, the success factors of Internet banks are investigated based on strategic choice by organizations and resource-based view of the firms instead of organizational ecology perspective. To this end, 31 major Internet banks operating in overseas market have been classified by the size and profitability of banks, and three strategic groups have been derived. three representative company cases were analyzed. critical success factors of Internet banks were derived, and considerable points when operating Internet banks were discussed.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.8 no.12
• /
• pp.1875-1882
• /
• 2013

Micro-array technology contributes numerous achievements such as ordering of gene network and integration of genomic. This technology is well established as means for investigating patterns of gene expression. DNA micro-arrays utilize Affymetric chips where a large quantity of DNA sequences may be synthesized. There are two general type of conventional DNA array spotter: contact and piezoelectric. The contact technology used spotting pin technology to make contact with the glass slide surface. This may caused damage or scratches to the surface matrix where protein will be contaminated and may not bind specifically. Piezoelectric technology available at this present time on the other hand requires the analyzer to print the result that can only be done within the laboratory despite of mass production. Therefore, in this paper, high-throughput technology is developed for providing greater consistency in feature spot without touching the glass slide surface.

• Convergence Security Journal
• /
• v.6 no.1
• /
• pp.1-11
• /
• 2006

The exponential increase of malicious and criminal activities in cyber space is posing serious threat which could destabilize the foundation of modem information society. In particular, unexpected network paralysis or break-down created by the spread of malicious traffic could cause confusion and disorder in a nationwide scale, and unless effective countermeasures against such unexpected attacks are formulated in time, this could develop into a catastrophic condition. As a result, there has been vigorous effort and search to develop a functional state-level cyber-threat early-warning system however, the efforts have not yielded satisfying results or created plausible alternatives to date, due to the insufficiency of the existing system and technical difficulties. The existing cyber-threat forecasting and early-warning depend on the individual experience and ability of security manager whose decision is based on the limited security data collected from ESM (Enterprise Security Management) and TMS (Threat Management System). Consequently, this could result in a disastrous warning failure against a variety of unknown and unpredictable attacks. It is, therefore, the aim of this research to offer a conceptual design for "Knowledge-based Real-Time Cyber-Threat Early-Warning System" in order to counter increasinf threat of malicious and criminal activities in cyber suace, and promote further academic researches into developing a comprehensive real-time cyber-threat early-warning system to counter a variety of potential present and future cyber-attacks.

• Convergence Security Journal
• /
• v.11 no.4
• /
• pp.43-49
• /
• 2011

Web-based health information provides a lot of conveniences, however the security vulnerabilities that appear in the network environment without the risk of exposure in the use of information are growing. Web-based medical information security issues when accessing only the technology advances, without attempting to seek a safe methodology are to increase the threat element. So it is required. to take advantage of web-based information security measures as a web-based access control security mechanism-based design. This paper is based on software architecture, design, ideas and health information systems were designed based on access control security mechanism. The methodologies are to derive a new design procedure, to design architecture and algorithms that make the mechanism functio n. To accomplish this goal, web-based access control for multiple patient information architecture infrastructures is needed. For this software framework to derive features that make the mechanism was derived based on the structure. The proposed system utilizes medical information, medical information when designing an application user retrieves data in real time, while ensuring integration of encrypted information under the access control algorithms, ensuring the safety management system design.