• Journal of Internet of Things and Convergence
• /
• v.7 no.3
• /
• pp.1-8
• /
• 2021

With the rapid increase in the use of IoT and mobile devices, cyber criminals targeting IoT devices are also on the rise. Among IoT devices, when using a wireless access point (AP), problems such as packets being exposed to the outside due to their own security vulnerabilities or easily infected with malicious codes such as bots, causing DDoS attack traffic, are being discovered. Therefore, in this study, in order to actively respond to cyber attacks targeting IoT devices that are rapidly increasing in recent years, we proposed a method to collect traces of intrusion incidents artifacts from IoT devices, and to improve the validity of intrusion analysis data. Specifically, we presented a method to acquire and analyze digital forensics artifacts in the compromised system after identifying the causes of vulnerabilities by reproducing the behavior of the sample IoT malware. Accordingly, it is expected that it will be possible to establish a system that can efficiently detect intrusion incidents on targeting large-scale IoT devices.

• Journal of Information Technology and Architecture
• /
• v.10 no.4
• /
• pp.451-466
• /
• 2013

기업들은 정보기술 리스크(IT Risk)에 대하여 어떻게 대처하고 있을까? 금융기관이나 공공기관은 태생적으로 이미 위험관리를 적극적으로 수행하고 있다. 정보기술에 대한 위험관리도 지난 10년동안 전산망 마비, 해킹 사고, 디도스 공격, 고객정보 유출 등을 겪으면서 적극적으로 대응해 왔다. 특히 2011년 농협사태는 IT 성과보다는 IT 보안을 훨씬 중요하게 보는 계기가 되었다. IT 보안 인력과 예산이 대폭 강화되고 망분리 사업이 추진되는 것이 대표적인 사례이다. 하지만 그동안 IT 위험관리는 특정 기술에 대한 사전 대응 및 사후 대응 강화에 집중되었다. 현재 IT 위험관리는 단편적 관리에서 종합적 관리로 전환되고 있다. 최근에 많은 기업들이 전사 차원의 정보기술 리스크 거버넌스(IT Risk Governance) 체계를 구축하고 있거나 구축하는 계획을 갖고 있다. 하지만 아직도 IT보안은 전사적으로 통합되지 못하였으며, IT 위험관리 프로세스는 조직에 내재화 되지 못 하였고, IT 성과관리와 연계성은 고려하지 못하고 있다. 본 논문에서는 IT 관리와 기술을 효과적으로 연계하기 위하여, 그리고 IT 성과와 IT 위험을 균형되게 관리하기 위하여 엔터프라이즈아키텍처(EA: Enterprise Architecture) 활용을 제안하고자 한다.

• Review of KIISC
• /
• v.25 no.4
• /
• pp.6-10
• /
• 2015

기업에 의해 수집되어 관리되고 있는 개인정보가 유출되는 사고가 빈번하게 발생하고 있어서 기업의 개인정보보호 대응능력을 강화하기 위한 관리체계의 도입이 요구되고 있다[1,2]. 국제표준화위원회/전기위원회 합동위원회 1의 정보보호 기술연구반 아이덴터티 관리 및 프라이버시 작업반 (ISO/IEC JTC 1/SC 27/WG 5)에서는 기업을 위한 개인정보보호 원칙을 제시하고, 개인정보보호 위험 평가 지침을 제시하며 개인정보보호를 위한 각종 통제를 제시하기 위한 국제 표준화 작업을 수행하고 있다[18]. 정보보호관리체계 작업반(WG 1)에서는 2013년부터 정보보호관리 요구사항을 다룬 ISO/IEC 27001[6]을 이용해 여러 섹터에 적용되는 정보보호관리체계 구축을 위한 요구사항에 대한 국제표준화를 추진하고 있다. 본 논문에서는 작업반 1과 작업반 5에서 수행되고 있는 개인정보보호 관련 국제 표준화 활동의 동향을 살펴보고, 개인정보보호 관리체계 구축을 위한 국제 표준의 배열을 제시한다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2021.11a
• /
• pp.1391-1393
• /
• 2021

본 시스템은 항만지역에서 지속적으로 발생하는 안전사고에 대응하기 위하여 사물인터넷 기술을 적용한 스마트 웨어러블 기기를 활용하여 근로자의 추락, 협착, 충돌 등 사고 정보를 실시간 수집하고 GIS기반의 모니터링 서비스를 통해서 위급 상황 발생 시 능동적이고 즉각적인 구조 활동 지원 및 골든타임 확보와 지속적 분석을 수행하여 귀중한 인명사고 구조체계를 개선하는데 목적이 있다.

• Proceedings of the Korean Information Science Society Conference
• /
• 2000.10c
• /
• pp.352-354
• /
• 2000

인터넷에서 해커 등 침입자를 추적하기 위한 방안들이 연구되고 있으나 아직 실용적인 연구성과가 거의 드문 실정이다. 지금까지는 침해사고대응팀(CERT)간의 협력과 상호 정보교류를 통한 대응체계를 통하여 이루어지고 있으나 실제 역추적으로서는 효과적인 방법이 아니며, 에이전트를 이용한 분석방법(AIAA)와 같은 경우도 에이전트의 수동적인 이동이 전제되어야 하는 것이다. 최근 해킹공격에 대한 적극적인 대응 방안으로 역공격 등의 적극적인 방법들이 고려되고 자신의 시스템에 대한 보호방법의 하나로서 받아들여지고 있는 경향이 있으므로 이러한 역공격 방법을 추적시스템에 접목하여 개량된 AIAA 모델로서 침입자 역추적방법을 설계하고 구현하였다. 여기에는 침입자 역공격 모듈과 침입자 미행모듈, AIAA 파견모듈등을 구현하여 자동적인 침입자 추적을 실현하였다.

• Journal of Korea Water Resources Association
• /
• v.55 no.spc1
• /
• pp.1261-1270
• /
• 2022

The purpose of this study is to collect and analyze information related to water leaks that cannot be easily accessed, and utilized by using the news search results that people can easily access. We applied a web crawling technique for extracting big data news on water leakage accidents in the water supply system and presented an algorithm in a procedural way to obtain accurate leak accident news. In addition, a data analysis technique suitable for water leakage accident information analysis was developed so that additional information such as the date and time of occurrence, cause of occurrence, location of occurrence, damaged facilities, damage effect. The primary goal of value extraction through big data-based leak analysis proposed in this study is to extract a meaningful value through comparison with the existing waterworks statistical results. In addition, the proposed method can be used to effectively respond to consumers or determine the service level of water supply networks. In other words, the presentation of such analysis results suggests the need to inform the public of information such as accidents a little more, and can be used in conjunction to prepare a radio wave and response system that can quickly respond in case of an accident.

• Korean Journal of Construction Engineering and Management
• /
• v.18 no.6
• /
• pp.57-64
• /
• 2017

Recently, the disaster situation has been diversified and compounded worldwide as well as in Korea. And the damage scale of each disasters have increased, and following economic loss is also increasing immensely. In Korea, especially the out break frequency of large-scale disasters has increased. Disasters caused by earthquakes are also very likely to occur. When a major accident such as Mauna resort collapse accident, Ferry sewol sinking accident occurred, systematic emergency medical care at the site at the time of disaster occurred in order to operate an emergency medical facility corresponding to the site, which is not systematic. The need for this service is urgent. If highly reliable emergency medical system function at appropriate times in the disaster site, secondary damage can be reduced and the whole situation would be back to normal shortly. Therefore, it is necessary to provide an emergency medical system capable of quickly and safely responding to disaster sites in relation to various damage scale. For the purpose, thorough analysis on mobile medical units of inside and outside the country was accomplished. As a result, Mobile Medical Unit of outside the country are trailer type, tent type, container type etc. At home, these types have been studied and will be proposed early next year as a temporary solution. Here we introduce suitable types for our country.

• Journal of Convergence for Information Technology
• /
• v.11 no.1
• /
• pp.118-127
• /
• 2021

In spite of various safety measures, coastal safety accidents continue to occur, so this study focused on using drones as countermeasures. Municipalities that already have coasts have begun operating unmanned multicopters for coastal safety management. In particular, by connecting an unmanned multi-copter to the currently applied smart city safety net system, it is possible to transmit real-time images of the scene in case of emergency in the coastal area to the local government safety information center. It is also expected to contribute significantly to strengthening safety management in coastal waters through a more rapid response to safety accidents. Therefore, in this paper, we propose the use of drones as an alternative to the limitations of the domestic coastal safety system by investigating the state of coastal safety accidents and analyzing the state of domestic coastal safety systems. In addition, it is expected to be a key breakthrough in the coastal area safety system by proposing a model linking the Korean K-Drone system.

• Fire Science and Engineering
• /
• v.30 no.6
• /
• pp.23-30
• /
• 2016

This study analyzed the characteristics of chemical accidents, including the accidents occurring each year according to status, type of accident, accident cause for chemical substance transporting accidents. The major aim of this study was to provide information on the chemical accidents that occurred involving chemical substance transporting accidents from 2013 to July - 2016. The total incidence of chemical transporting accidents was 77 cases; 74 cases occurred by the spill & leakage type. The main cause of the accidents analyzed was traffic accidents (41 cases). Forty-six accidents were related to hazardous chemical substances. Among the 46 hazardous chemical substances involved in transporting chemical accidents, 46% of the accident substances were hydrogen chloride. For the prevention and response to accidents occurring during the transportation of chemicals, it is necessary to complement the precautions for chemical accidents caused by transportation accidents and chemical spills and leaks of chemicals. In addition, when the chemical transport of an accident occurs, it is necessary to apply a chemical transport safety system for chemical transfer.

• Journal of Korean Society of societal Security
• /
• v.3 no.2
• /
• pp.27-32
• /
• 2010

Emergency preparedness plan (EPP) is the systematic management of activities that involve a material degree of risk of loss or other damage to the surroundings (people, property and environment), and the boundary of accident recovery plan (ARP). The main purpose of the program is to provide a safety management system to each facility in order to enable to prevent accident and to control accident immediately. The EPP includes not only typical safety-related documentations such as material safety data sheet (MSDS), standard operation procedure (SOP), emergency response plan(ERP). EPP is established basis of the preliminary safety analysis involving risk identification, assessment and prevention plans. The program is also helpful for government or related agencies to control a number of accidents in small-scale companies in the whole country.