• Convergence Security Journal
• /
• v.3 no.2
• /
• pp.85-97
• /
• 2003

At the end of last January, 2003, a domestic top-level domain name server (DNS) shut down the server and it caused the wired and wireless internet services to be completely paralyzed in the aftermath of a virus attack incurring a various range of losses nationwide. The main reason of this event is the lack of our awareness of cyber security. In particular, in the small-scale network, there are few security administrators and no operating devices to protect information as well. Under this circumstance, using ESM center to service real-time security supervision and correspondence for network, it can be one option. However, due to the economic efficiency, most of security systems have been being developed focusing on the large-scale network first. Therefore, ESM centers which inspect security state of network concentrate on IDC or large-scale network services. This dissertation studies economical ESM service by designing exclusive SnSA for small-scale network for widespread use. Firstly, network invasion feeler function N_SnSA and host invasion feeler function H_SnSA are embodied to collect more informations in the small-scale network. Secondarily, the existing vulnerability is studied to find the solutions linked with a low cost to a Public center such as Kyonggi Univ ESM center.

• Korean Security Journal
• /
• no.49
• /
• pp.133-154
• /
• 2016

The Seoul subway system has one of the highest transport shares in the city of Seoul. A high number of passengers means that a high level of crimes of all kinds occur on the city's subway system. As such, Seoul Metro, created the Subway Protective Guards System in 2009, in an effort to enhance safety on the subway. But this innovative new system did not resolve problems. In fact, many citizens came to question the effectiveness of the new system, as it did not yield tangible results. This study seeks to deduce the problems and activation strategy of the Subway Protective Guards System. An in-depth study was conducted by interviewing subway protective guards who were squad leaders with five or more years of relevant work experience. Semi-structured interview analysis was utilized to evaluate their responses. Specifically, their responses were deduced to identify the strengths and weaknesses internal to the system and the opportunities and threats posed by the environment external to the system. This study presents measures to improve the system based on the aforementioned analysis. Measures for improvement focused on the following areas: the adoption of an education system in response to terror; recruitment and the possibility of becoming a permanent employee; obtaining partial judicial powers; improvement of work environment; and intensifying the promotion of the system.

• Convergence Security Journal
• /
• v.17 no.3
• /
• pp.41-49
• /
• 2017

According to a research by global IT market research institute IDC, CSIM(Converged Security Information Management) market of Korea was estimated to be 1.7 trillion KRW in 2010, and it has grown approximately 32% every year since. IDC forcasts this size to grow to 12.8 trillion KRW by 2018. Moreover, this case study exemplifies growing importance of CSIM market worldwide. Traditional CSIM solution consists of various security solutions(e.g. firewall, network intrusion detection system, etc.) and devices(e.g. CCTV, Access Control System, etc.). With this traditional solution, the the data collected from these is used to create events, which are then used by the on-site agents to determine and handle the situation. Recent development of IoT industry, however, has come with massive growth of IoT devices, and as these can be used for security command and control, it is expected that the overall amount of event created from these devices will increase as well. While massive amount of events could help determine and handle more situations, this also creates burden of having to process excessive amount of events. Therefore, in this paper, we discuss potential events that can happen in CSIM system and classify them into 3 groups, and present a model that can categorize and process these events effectively to increase overall efficieny of CSIM system.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.26 no.4
• /
• pp.582-590
• /
• 2022

As security threats caused by cyber attacks continue, security control is mainly operated in the form of a service business with expertise for rapid detection and response. Accordingly, a number of studies have been conducted on the operation of security control services. However, due to the research on the resulting management, indicators, and measurements, the work process has not been studied in detail, causing confusion in the field, making it difficult to respond to security accidents. This paper presents ISMS-P-based service management methods and proposes an easy outsourcing service management method for client by checklisting each item derived from the mapping of 64 items of ISMS-P protection requirements through business relevance analysis. In addition, it is expected to help implement periodic security compliance and acquire and renew ISMS-P in the mid- to long-term, and to contribute to enhancing security awareness of related personnel.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2009.10a
• /
• pp.798-800
• /
• 2009

본 논문은 급증하는 항공 교통량을 처리하기 위해 국제민간항공기구(ICAO)를 중심으로 연구되고 있는 차세대 항공관제를 위한 시스템 중 비행자료처리시스템에서 효율적인 비행계획 상태 관리를 위한 방법론을 제안하고 있다. 본 논문에서 제안하는 비행계획 상태 관리는 입력되는 새로운 전문 및 관제사의 입력과 시간 타이머에 의한 이벤트를 구분하는 처리 구조이며, 두 가지를 병렬 처리하는 방식을 이용해서 정확하고 빠른 비행계획 상태 관리를 제공한다. 이는 향후 많은 항공 교통량을 처리하기 위한 차세대 항공관제 시스템에 적용되는 것을 그 목적으로 한다.

• The Journal of the Korea Contents Association
• /
• v.21 no.1
• /
• pp.531-540
• /
• 2021

As cyber attacks and crimes increase exponentially and hacking attacks become more intelligent and advanced, hacking attack methods and routes are evolving unpredictably and in real time. In order to reinforce the enemy's responsiveness, this study aims to propose a method for developing an artificial intelligence-based security control platform by building a next-generation security system using artificial intelligence to respond by self-learning, monitoring abnormal signs and blocking attacks.The artificial intelligence-based security control platform should be developed as the basis for data collection, data analysis, next-generation security system operation, and security system management. Big data base and control system, data collection step through external threat information, data analysis step of pre-processing and formalizing the collected data to perform positive/false detection and abnormal behavior analysis through deep learning-based algorithm, and analyzed data Through the operation of a security system of prevention, control, response, analysis, and organic circulation structure, the next generation security system to increase the scope and speed of handling new threats and to reinforce the identification of normal and abnormal behaviors, and management of the security threat response system, Harmful IP management, detection policy management, security business legal system management. Through this, we are trying to find a way to comprehensively analyze vast amounts of data and to respond preemptively in a short time.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.13 no.1
• /
• pp.169-174
• /
• 2018

There are many CCTV cameras connected to the video surveillance and monitoring center for the safety of citizens, and it is difficult for a few monitoring agents to monitor many channels of videos. In this paper, we propose an intelligent video surveillance system utilizing a safety map to efficiently monitor many channels of CCTV camera videos. The safety map establishes the frequency of crime occurrence as a database, expresses the degree of crime risk and makes it possible for agents of the video surveillance center to pay attention when a woman enters the crime risk area. The proposed gender classification method is processed in the order of pedestrian detection, tracking and classification with deep training. The pedestrian detection and tracking uses Adaboost algorithm and probabilistic data association filter, respectively. In order to classify the gender of the pedestrian, relatively simple AlexNet is applied to determine gender. Experimental results show that the proposed gender classification method is more effective than the conventional algorithm. In addition, the results of implementation of intelligent video security system combined with safety map are introduced.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2015.05a
• /
• pp.710-711
• /
• 2015

최근 사이버 공격이사회, 국가적 위협으로 대두되고 있다. 최근 신종 악성코드에 의한 A.P.T 공격이 사회적으로 큰 혼란을 야기하고 있다. 이에 따라 기업 내에서 방화벽, IPS, VPN 등의 네트워크 보안 시스템의 통합 관리를 목적으로 하는 통합관제시스템(ESM)의 필요성이 제기되었다. 그러나 기존의 ESM의 방식은 외부에서 내부로 유입되는 트래픽만을 모니터링하는 네트워크 기반 공격 탐지기법을 사용하기 때문에, 외부 사이버 공격만을 차단할 수 있다는 한계점을 가지고 있다. 따라서 본 연구는 주요 IT 기반시설의 네트워크, 시스템, 응용 서비스 등으로부터 발생하는 데이터 및 보안 이벤트 간의 연관성을 분석하여 보안 지능을 향상시키는 빅데이터를 활용한 보안로그시스템을 제안한다. 본 연구에서 제안한 빅데이터를 활용한 보안로그시스템을 통해 분산 기반의 저장/처리 기술 적용하고자 한다.본 기술을 적용한 지능형 정보 분석 플랫폼 구성을 통해, 가용성과 확장성을 확보하여 통합적 보안 관제가 가능하도록 한다. 뿐만 아니라 기업 내로의 악성코드 유입, 감염(전파) 그리고 실시간 모니터링이 가능하여 고객 서비스 만족도가 향상되는 파급효과가 기대된다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2003.05c
• /
• pp.2089-2092
• /
• 2003

홈 네트워킹 기술을 이용하면 가정내의 각각의 기기를 연결하고, 인터넷에 동시에 접속할 수 있다. 뿐만 아니라 홈 네트워킹 기술로 연결된 가정 기기들은 상호운용이 가능하며 인터넷을 통해 외부에서도 가정내의 기기를 제어할 수 있다. 그러나 이러한 외부로부터의 제어 가능성으로 인하여 홈 네트워크에 대한 접근 및 제어에 대한 인증의 필요성이 대두되었을 뿐만 아니라 전자상거래의 증가 및 VPN을 이용한 자택근무의 증가로 인하여 홈 네트워크의 보안도 중요한 관리요소에 포함되었다. 본 논문에서는 흠 네트워크 보안 및 관리를 위한 홈 네트워크 관제 센터의 구조 및 설계에 대하여 기술한다. 기존의 흠 게이트웨이에 집중되었던 흠 네트워크 관리기능과 방화벽이나 사용자 인증 등의 보안 기능을 홈 네트워크 관제 센터로 이동함으로써 보안관리의 편리성 제공 및 홈 게이트웨이의 부하를 줄일 수 있을 뿐만 아니라 좀 더 완벽한 홈 네트워크 보안을 제공할 수 있다.

• Convergence Security Journal
• /
• v.15 no.5
• /
• pp.53-59
• /
• 2015

With radical development of information and communication Technology, Internet of Things(IoT) era - all the th ings around us are connected through internet so that it enables objects to exchange data with connected devices a nd is expected to offer new advanced services that goes beyond the value where each existing objects could have o ffered respectively - has come. Concerns regarding security threat are being raised in adopting IoT as the number of internet-connected appliances are rapidly increasing. So, we need to consider how to protect and control countles s objects. This paper covers the role and procedures of existing security control. Futhermore, it provides information about the direction of security control when it comes to IoT.