• The KIPS Transactions:PartC
• /
• v.9C no.6
• /
• pp.831-840
• /
• 2002

Due to the advance of computer and communication technology, intrusions or crimes using a computer have been increased rapidly while tremendous information has been provided to users conveniently Specially, for the security of a database which stores important information such as the private information of a customer or the secret information of a company, several basic suity methods of a database management system itself or conventional misuse detection methods have been used. However, a problem caused by abusing the authority of an internal user such as the drain of secret information is more serious than the breakdown of a system by an external intruder. Therefore, in order to maintain the sorority of a database effectively, an anomaly defection technique is necessary. This paper proposes a method that generates the normal behavior profile of a user from the database log of the user based on an association mining method. For this purpose, the Information of a database log is structured by a semantically organized pattern tree. Consequently, an online transaction of a user is compared with the profile of the user, so that any anomaly can be effectively detected.

• Journal of KIISE:Computing Practices and Letters
• /
• v.10 no.2
• /
• pp.146-155
• /
• 2004

Currently most of commercial operating systems contain a high-level audit feature to increase their own security level. Linux does not fall behind the other commercial operating systems in performance and stability, but Linux does not have a good audit feature. Linux is required to support a higher security feature than C2 level of the TCSEC in order to be used as a server operating system, which requires the kernel-level audit feature that provides the system call auditing feature and audit event. In this paper, we present LxBSM, which is a kernel module to provide the kernel-level audit features. The audit record format of LxBSM is compatible with that of Sunshield BSM. The LxBSM is implemented as a loadable kernel module, so it has the enhanced usability. It provides the rich audit records including the user-level audit events such as login/logout. It supports both the pipe and file interface for increasing the connectivity between LxBSM and intrusion detection systems (IDS). The performance of LxBSM is compared and evaluated with that of Linux kernel without the audit features. The response time was increased when the system calls were called to create the audit data, such as fork, execve, open, and close. However any other performance degradation was not observed.

• The Journal of the Convergence on Culture Technology
• /
• v.7 no.1
• /
• pp.397-405
• /
• 2021

With the recent phenomenon of the Intelligence Information Society, the cyber security paradigm has begun to change. In particular, the increase of the interconnectedness of the hyperlinked society has extended the scope of damage that can be caused by cyber threats to the real world. In addition to that, it can also be a risk to any given individual who could accompany a crisis that has to do with public safety or national security. Adolescents who are digital natives are more likely to be exposed to cyber threats, which is mainly due to the fact that they are significantly more involved in cyber activities and they also possess insufficient security comprehension and safety awareness. Therefore, it is necessary to strengthen cyber security capabilities of every young individual, so that they can effectively protect themselves against cyber threats and better manage their cyber activities. It examines the changes of the security paradigm and the necessity for cyber security education, which is in direct accordance to the characteristics of a connected society that further suggests directions and a basic system of cyber security education, through a detailed analysis of the current state of Domestic and Overseas Cyber Security Education. The purpose of this study was to define cybersecurity competencies that are necessary within an intelligent information society, and to propose a regular curriculum for strengthening cybersecurity competencies, through the comparison and meticulous analysis of both domestic and overseas educational systems that are pertinent to cybersecurity competencies. Accordingly, a cybersecurity competency system was constructed, by reflecting C3-Matrix, which is a cyber competency system model of digital citizens. The cybersecurity competency system consists of cyber ethics awareness, cyber ethics behavior, cyber security and cyber safety. In addition to this, based on the basic framework of the cybersecurity competency system, the relevant education that is currently being implemented in the United States, Australia, Japan and Korea were all compared and analyzed. From the insight gained through the analysis, the domestic curriculum was finally presented. The main objective of this new unified understanding, was to create a comprehensive and effective cyber security competency curriculum.

• Journal of IKEEE
• /
• v.22 no.4
• /
• pp.886-895
• /
• 2018

This paper describes a hardware design of the Secure Hash Algorithm-3 (SHA-3) hash functions that are the latest version of the SHA family of standards released by NIST, and an implementation of ARM Cortex-M0 interface for security SoC applications. To achieve an optimized design, the tradeoff between hardware complexity and performance was analyzed for five hardware architectures, and the datapath of round block was determined to be 1600-bit on the basis of the analysis results. In addition, the padder with a 64-bit interface to round block was implemented in hardware. A SoC prototype that integrates the SHA-3 hash processor, Cortex-M0 and AHB interface was implemented in Cyclone-V FPGA device, and the hardware/software co-verification was carried out. The SHA-3 hash processor uses 1,672 slices of Virtex-5 FPGA and has an estimated maximum clock frequency of 289 Mhz, achieving a throughput of 5.04 Gbps.

• Convergence Security Journal
• /
• v.7 no.3
• /
• pp.79-86
• /
• 2007

B2B e-business is an economic transaction formed between companies through various networks including internet. At present, e-business between companies partly applies information distribution between companies, but many enterprises expect that a corporate basic system will be gradually changed into XML basis if web service is earnestly materialized, so they are competing with each other in developing XML DBMS. Existing XML DBMS studies used XML DTD in order to represent the structure of XML document. Such XML DTD defines the expression of a simple type, so there are many difficulties in defining the structure of XML document. To cope with this, in this paper, the author will develop database schema generator utilizing relational database generally used in storing contents of data, on the basis of XML schema selected as a standard of W3C. Also, to store XML data, the author proposed the automatic conversion method of relational database schema that used XML schema.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.9 no.4
• /
• pp.798-803
• /
• 2005

This paper describes a design of AES(Advanced Encryption Standard)-based CCMP core for IEEE 802.1li wireless LAN security. To maximize its performance, two AES cores ate used, one is for counter mode for data confidentiality and the other is for CBC(Cipher Block Chaining) mode for authentication and data integrity. The S-box that requires the largest hardware in AES core is implemented using composite field arithmetic, and the gate count is reduced by about $20\%$ compared with conventional LUT(Lookup Table)-based design. The CCMP core designed in Verilog-HDL has 13,360 gates, and the estimated throughput is about 168 Mbps at 54-MHz clock frequency. The functionality of the CCMP core is verified by Excalibur SoC implementation.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.31 no.6A
• /
• pp.640-647
• /
• 2006

This paper describes a design of AES-based CCMP(Counter mode with CBC-MAC Protocol) core for IEEE 802.11i wireless LAN security. To maximize the performance of CCMP core, two AES cores are used, one is the counter mode for data confidentiality and the other is the CBC node for authentication and data integrity. The S-box that requires the largest hardware in ARS core is implemented using composite field arithmetic, and the gate count is reduced by about 27% compared with conventional LUT(Lookup Table)-based design. The CCMP core was verified using Excalibur SoC kit, and a MPW chip is fabricated using a 0.35-um CMOS standard cell technology. The test results show that all the function of the fabricated chip works correctly. The CCMP processor has 17,000 gates, and the estimated throughput is about 353-Mbps at 116-MHz@3.3V, satisfying 54-Mbps data rate of the IEEE 802.11a and 802.11g specifications.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• v.9 no.1
• /
• pp.367-370
• /
• 2005

This paper describes a design of AES(Advanced Encryption Standard)-based CCMP core for IEEE 802.11i wireless LAN security. To maximize its performance, two AES cores are used, one is for counter mode for data confidentiality and the other is for CBC(Cipher Block Chaining)mode for authentication and data integrity. The S-box that requires the largest hardware in AES core is implemented using composite field arithmetic, and the gate count is reduced by about 25% compared with conventional LUT(Lookup Table)-based design. The CCMP core designed in Verilog-HDL has 15,450 gates, and the estimated throughput is about 128 Mbps at 50-MHz clock frequency). The functionality of the CCMP core is verified by Excalibur SoC implementation.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.6
• /
• pp.1143-1156
• /
• 2013

Power control system like SCADA(Supervisory Control And Data Acquisition) is gathering information using RS232C and low-speed analog communication network. In general, these methods are known as secure because of the secure characteristics from the analog based communication network and serial communication. In this study, first we build DNP communication environment using commercial power control simulator and find some vulnerabilities by testing from the viewpoint of confidentiality, integrity and availability. Consequently, we see the necessity of a valid method for authentication and data encryption when gathering information, even though that is known as secure so far. Discussion of needs of DNP authentication and data encryption is started about several years ago, but there is still nowhere applied that on real environment because the current methods can not fully meet the security requirements of the real environment. This paper suggests a solution to the vulnerabilities, and propose some considerations for enhancing power control system's security level by applying DNP authentication and data encryption.

• The Journal of The Korea Institute of Intelligent Transport Systems
• /
• v.14 no.6
• /
• pp.133-140
• /
• 2015

C-ITS is a system that uses bidirectional communication between two vehicles or infrastructures to control traffic more conveniently, and safely. If C-ITS security is not properly prepared, it can cause traffic congestions and fatal traffic accidents, and therefore can affect greatly on the driver's life. This paper proposes the prevention and response mechanisms based on the cyber attack scenarios that can be used to attack C-ITS.