• Title/Summary/Keyword: neutralization (무력화)

Analysis on the Infection Process and Abstract of the Hidden Files of Rustock B and C (Rustock B형과 C형의 감염절차 분석 및 은닉파일 추출)

  • Lee, Kyung-Roul;Yim, Kang-Bin
    • Journal of Advanced Navigation Technology / v.16 no.1 / pp.41-53 / 2012
  • The technologies used by malicious code have become more advanced and complicated through the merging of existing techniques, while the damage caused by malicious code is moving from individuals and industries to organizations and countries. In this situation, security experts are responding with static analysis and dynamic analysis, such as signature searching and reverse engineering, respectively. However, they have had a hard time responding to obfuscated, intelligent, new zero-day malicious code. Therefore, it is necessary to prepare a process for a preliminary investigation and a subsequent detailed investigation of the infection sequence and the hiding mechanism in order to neutralize the malicious code. In this paper, we studied the formalization of this process for the infection sequence and the file hiding techniques, with an empirical application to the Rustock malicious code, which is most notorious as a spammer. Using the result, it is expected that newly released malicious code can be responded to promptly.

A Dynamic Resource Allocation Method in Tactical Network Environments Based on Graph Clustering (전술 네트워크 환경에서 그래프 클러스터링 방법을 이용한 동적 자원 할당 방법)

  • Kim, MinHyeop;Ko, In-Young;Lee, Choon-Woo
    • Journal of KIISE:Software and Applications / v.41 no.8 / pp.569-579 / 2014
  • In a tactical-edge environment, where multiple weapon resources are coordinated together via services, it is essential to make an efficient binding between an abstract service and a resource that are needed to execute composite services for accomplishing a given mission. However, the tactical network that is used in military operations has low bandwidth and a high rate of packet loss. Therefore, communication overhead between services must be minimized to execute composite services in a stable manner in the tactical network. In addition, a tactical-edge environment changes dynamically, and this affects the connectivity and bandwidth of the tactical network. To deal with these characteristics of the tactical network, we propose two service-resource reallocation methods which minimize the communication overhead between service gateways and effectively manage neutralization of gateways during distributed service coordination. We compared the effectiveness of these two methods in terms of total communication overhead between service gateways and resource-allocation similarity between the initial resource allocation and the reallocation result.

A Study of Information Leakage Prevention through Certified Authentication in Phishing, Vishing, SMiShing Attacks (Phishing, Vishing, SMiShing 공격에서 공인인증을 통한 정보침해 방지 연구)

  • Park, Dea-Woo;Seo, Jeong-Man
    • Journal of the Korea Society of Computer and Information / v.12 no.2 s.46 / pp.171-180 / 2007
  • The financial crime that used morale anger Phishing, Pharming, Vishing, SMiShing etc. will gain during recent cyber crimes. In this paper, we systematically study through experiment how easily leakage of information and infringement can occur through Phishing, Vishing, and SMiShing using a social engineering technique and VoIP. A hacker makes Phishing and Vishing sites and, having established a server, tests the information infringement process of a user through Phishing mail, a virus, a nasty code, Vishing, a SMiShing message, disarmament of Keylogger prevention S/W, etc. The experiment results confirm that information is infringed and leaked by Phishing, Vishing, and SMiShing, and, for prevention, we test a certified certificate, a White List, a certified authentication mark, plug-in program installation, etc., and demonstrate that security is achieved. The technical experiment and prevention regarding Phishing and Vishing attacks in this paper will reduce the damage of information infringement and, as education for Ubiquitous information security, will contribute to technical development.

Countermeasure for Prevention and Detection against Attacks to SMB Information System - A Survey (중소기업 정보시스템의 공격예방 및 탐지를 위한 대응 : 서베이)

  • Mun, Hyung-Jin;Hwang, Yooncheol;Kim, Ho-Yeob
    • Journal of Convergence Society for SMB / v.5 no.2 / pp.1-6 / 2015
  • Small and medium-sized companies lack countermeasures to secure the safety of an information system. In this circumstance, they have difficulties regarding the damage to their images and legal losses when information is leaked. This paper examines information leakage from the system and hacking methods including APT attacks. In particular, an APT (Advanced Persistent Threat) attack means that a hacker sneaks into a target, stays latent for a period of time, skims all the information related to the target, acts behind the scenes, and neutralizes the security services without leaving traces. Because the hacker attacks the target while covering up his traces so as not to reveal them, the victim does not notice, which increases the damage. This study examines attack methods and their process and seeks a countermeasure.

A Study on Identification System for Abnormally Scanned Cartoon Books (비정상 북스캔 만화 저작물 식별방법에 관한 연구)

  • Kim, Tae-Hyun;Yoon, Hee-Don;Kang, Ho-Gab;Cho, Seong-Hwan
    • The Journal of the Institute of Internet, Broadcasting and Communication / v.15 no.3 / pp.35-41 / 2015
  • To solve the problem that fingerprinting technologies and image identification technologies for digital music and video identification have not yet been sufficient to identify scanned cartoon books, the copyright project granted by the Korea Copyright Commission (Project title: Identification and Copy Protection Technology of Scanned Text/Comic Books) secured basic solutions for scanned cartoon books. The first result of the research project in 2013 focused on the identification technology applied to abnormally scanned cartoon books. As subsequent research for the project, studies in 2014 have aimed to provide solutions for identifying cartoon books that were abnormally scanned and subjected to transformations and distortions, and solutions for protecting the system from attempts to devitalize functions of the identification system through various attacks. This paper proposes a model of a system for identifying abnormally scanned cartoon books as a way of enhancing the identification rates for abnormal bookscans and transformation attacks.

End-to-End Performance of Packet Aggregation Transmission on MANET under DDoS Attacks (DDoS 공격이 있는 MANET에서 패킷취합전송의 종단간 성능)

  • Kim, Young-Dong
    • The Journal of the Korea institute of electronic communication sciences / v.9 no.6 / pp.689-694 / 2014
  • DDoS attacks on a MANET disable any node that supports network functions and cause critical results such as stopping of the entire network service or separation into several parts. Packet aggregation, which gathers several short pieces of data into data of a certain length, improves transmission performance on MANETs. In this paper, the effects of DDoS attacks on the transmission performance of packet aggregation transmission are measured and analyzed at the end-to-end level. A MANET simulator based on NS-2 is used to measure end-to-end performance. MOS, connection rate, delay and packet loss rate are used as performance parameters. VoIP traffic is used as the service to be measured. Finally, it is suggested that the number of packet aggregation be more than 4 to keep the transmission quality over MANETs under DDoS attacks.

Measures to Strengthen Prevention of and Response to Electronic Financial Incidents (전자금융 침해사고 예방 및 대응 강화 방안)

  • Lee, Jung-Ho
    • Review of KIISC / v.18 no.5 / pp.1-20 / 2008
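  • Electronic financial services, including Internet banking, have become part of everyday life as a convenient means of financial transactions, and their importance continues to grow. As a side effect, security incidents are also increasing, such as leakage of electronic financial access media through user mistakes or through hacking of financial institutions, shopping malls, and portals, as well as abnormal payment settlements and Internet banking transfer incidents. The financial sector, led by the Financial Supervisory Service, has made active efforts to prevent electronic financial incidents through the establishment of comprehensive electronic financial security measures (2005) and the enforcement of the Electronic Financial Transactions Act (2007), including mandating the provision of various security programs to prevent hacking of customer PCs, differentiating transfer limits by security level, and building an integrated OTP authentication system for the financial sector. Recently, however, it has not been able to completely block new types of incidents, in which new cyber fraud techniques such as phishing/pharming or highly sophisticated hacking tools developed by professional overseas hackers are used to neutralize security programs and then leak customer information, or in which customers' Internet banking access media registered on Internet sites are leaked through hacking of general portal sites, web hard drives, and webmail, leading to Internet banking incidents. There is therefore a need to substantially strengthen the existing security framework, including establishing stronger preventive controls for electronic financial incidents and building a traceback system for identifying causes and apprehending offenders when incidents occur. In this study, centered on a survey of Internet banking incidents at commercial banks, we analyzed trends in recent electronic financial incidents and identified the main causes of incidents and the current status and limitations of the existing response systems. As measures to effectively strengthen prevention of and response to electronic financial incidents, we proposed, from the user's perspective, measures to strengthen the management of electronic financial access media centered on accredited certificates, and, from the perspective of financial institutions providing electronic financial services, the construction of an effective electronic financial transaction logging and traceback system, together with the system configuration, operating processes, and review of and response to related laws for building and operating a joint incident response system based on close cooperation among all financial institutions and supervisory authorities.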

A Study on Establishing of the Future Development Strategy for National Cyber Terror Response (국가 사이버테러대응 미래 발전전략 수립에 관한 연구)

  • Kim, MinSu;Yang, Jeongmo
    • Convergence Security Journal / v.20 no.1 / pp.15-24 / 2020
  • Cyber terror and cyberwarfare are no longer virtual but real, and, as an actual security situation, it is necessary to have a new understanding by expanding the concept of war to neutralizing not only the other country's military command system but also the country's main functions such as telecommunications, energy, finance, and transport systems, and it is also necessary to establish a future development strategy for cyber terror response at the national level. Through analysis of cyberwarfare trends in each country and the current status of cyberwarfare in Korea, this study systematically explores the demand for new policy based on laws and systems, including strategies for cyber security technology development, industry promotion, and manpower training, and existing information protection policies. Through this, it suggests effectively managing a sustainable national crisis and establishing a medium- and long-term future strategy for cyber security that can effectively and actively respond to cyberwarfare.

Prospects about Nuclear Electro Magnetic Pulse developed by North Korea (북한의 핵전자기파(NEMP)탄 개발에 대한 전망)

  • Lee, Dae Sung
    • Convergence Security Journal / v.17 no.2 / pp.159-164 / 2017
  • The international community recognizes North Korea's nuclear and missile provocation as a real threat. This is due to the analysis and evaluation by domestic and overseas North Korea experts and by intelligence agencies concerned with electro magnetic pulse that North Korea has developed a nuclear electro magnetic pulse. Electro magnetic pulse experts are concerned about North Korea's nuclear electro magnetic pulse in the following respects. First, industrial, military, medical, and living facilities in modern society are constructed with electrical and electronic systems, so all electrical and electronic appliances will be neutralized if North Korea's nuclear electro magnetic pulse is set off over the world (i.e. Korean Peninsula, United States etc.). Second, North Korea will judge that the possibility of criticism by the international community is low from the point of view of an attacker, because a nuclear electro magnetic pulse aims to destroy only the electronic equipment of the opposing nation and cause damage rather than taking life. Finally, a nuclear electro magnetic pulse is more threatening than weapons such as weapons of mass destruction because it does not need to hit targets accurately and can strike a wide area with a nuclear weapon of a low technology level. In this respect, we analyze and evaluate nuclear and missile development and offer a prospect of the nuclear electro magnetic pulse developed by North Korea.

Blind Parameter Estimation Schemes for Uniform Linear Array MIMO Radars Using Distributed Multiple Electronic Sensors (분산 다중 전자전 센서를 이용한 등 간격 선형 배치 MIMO 레이다 파라미터의 암맹 추정 기법)

  • Kim, Dong-Hyun;Lee, Jae-Hoon;Song, Jong-In;Chung, Wonzoo
    • The Journal of Korean Institute of Electromagnetic Engineering and Science / v.28 no.8 / pp.619-627 / 2017
  • MIMO (Multi-Input Multi-Output) radar is an emerging radar technology owing to its numerous advantages. However, from the electronic warfare viewpoint, MIMO radar is a newly developed radar technology to which existing parameter estimation cannot be applied, and a new radar parameter estimation based on the characteristics of MIMO radar is desired. In this paper, we propose a blind estimation scheme for the number of orthogonal waveforms of a uniform linear array (ULA) MIMO radar using a minimum of two electronic sensors.