• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.1
• /
• pp.147-153
• /
• 2015

Since the DoS(Denial of Service) attack is still an important vulnerable element in many web service sites, sites including public institution should try their best in constructing defensive systems. Recently, DDoS(Distributed Denial of Service) has been raised by prompting mass network traffic that uses NTP's monlist function or DoS attack has been made related to the DNS infrastructure which is impossible for direct defense. For instance, in June 2013, there has been an outbreak of an infringement accident where Computing and Information Agency was the target. There was a DNS application DoS attack which made the public institution's Information System impossible to run its normal services. Like this, since there is a high possibility in having an extensive damage due to the characteristics of DDoS in attacking unspecific information service and not being limited to a particular information system, efforts have to be made in order to minimize cyber threats. This thesis proposes a method for using TTL (Time To Live) value in IP header to detect DDoS attack with IP spoofing, which occurs when data is transmitted under the agreed regulation between the international and domestic information system.

• The Journal of Korean Association of Computer Education
• /
• v.10 no.3
• /
• pp.19-29
• /
• 2007

The informationization policies undertaken in concentration only on the national economic growth invited the unbalance between technology and social culture, displayed the serious reverse function phenomena, and these problems threatened the personal identity of individual in the cyber space. In this study, we developed an index model on the information and communication ethics where the national level of information and communication ethics can be examined. For this purpose, based on diverse previous research data, the areas of the ethical indicators in information and communication has been developed through the brain storming of the research staff. Through the consultation with experts, the feasibility and representation as index was heightened, and the weighted values to the each index was provided by the AHP method. The outcome of questionnaires from the information users and information providers (great portals) was also reflected in simple average method into the calculation of the weighted value to the each index element.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.6
• /
• pp.1493-1504
• /
• 2016

As cyber threats have been increased over the Internet, the invasions of personal information are constantly occurring. A malicious user can access the Web site as a normal user using leaked personal information and does illegal activities. This paper proposes an effective method which authenticates a genuine user with real-time. The method use the user's profile which is a record of user's behavior created by Membership Analysis(MA) and Markov Chain Model(MCM). In addition to, user's profile is augmented by a Time Weight(TW) which reflects the user's tendency. This method can detect a malicious user who camouflage normal user. Even if it is a genuine user, it can be determined as an abnomal user if the user acts beyond the record profile. The result of experiment showed a high accuracy, 96%, for the correct user.

• Proceedings of the Korea Information Assurance Society Conference
• /
• 2004.05a
• /
• pp.309-316
• /
• 2004

The industrial structure with Internet is changing from offline to online. By developing of network, E-commerce will be big market. It is natural to increase of E-commerce and interest of people. but, it is supported by system and technics. First of all, we need customer authentication service method. In this paper, we described about Electronic shopping mall Security by three main categories. One is general security solution of I-commerce, Second is analyzing about various threats, vulnerability and countermeasures to that. Third is security consideration of directory service in I-commerce circumstance.

• Journal of Digital Convergence
• /
• v.9 no.3
• /
• pp.11-19
• /
• 2011

The spread of computer and network gets various social and economic activities done quickly and efficiently. As a result, it makes a crime using network easy and increases the vulnerability of a social system. As there is a crime as a social being, we need to give careful consideration to the crime occurring in virtual space. Accordingly, the purpose of this paper is to investigate the regulatory need of the Criminal Procedure concerning the network security issues as the new legal and regulatory space that begins to be realized from the late of 20th century because of the extent of social threat. Above all, we addresses whether the amendment of existing legal regulations is necessary, based on the special characteristics of the virtual space.

• Journal of Digital Convergence
• /
• v.11 no.10
• /
• pp.445-451
• /
• 2013

Cyber terrorism has lately aimed at major domestic financial institutions and broadcasters. A large number of PCs have been infected, so normal service is difficult. As a result, the monetary damage was reported to be very high. It is important to recognize the importance of big data. But security and privacy efforts for big data is at a relatively low level, therefore the marketing offort is very active. This study concerns the analysis of Big Data industry and Big data security threats that are intelligent and the changes in defense technology. Big data, security countermeasures for the future are also presented.

• Journal of the Korea Institute of Military Science and Technology
• /
• v.26 no.3
• /
• pp.281-301
• /
• 2023

The shipboard combat system is a key system for naval combat that supports a command and control process cycle consisting of Detect - Control - Engage in real time to ensure ship viability and conduct combat missions. Modern combat systems were developed on the basis of Open Architecture(OA) to maximize acceptance of latest technology and interoperability between systems, and actively introduced the COTS(Commercial-of-the-shelf). However, as a result of that, vulnerabilities inherent in COTS SW and HW also occurred in the combat system. The importance of combat system cybersecurity is being emphasized but cybersecurity research reflecting the characteristics of the combat system is still lacking in Korea. Therefore, in this paper, we systematically identify combat system threats by applying Data Flow Diagram, Microsoft STRIDE threat modelling methodology. The threats were analyzed using the Attack Tree & Misuse case. Finally we derived the applicable security requirements which can be used at stages of planning and designing combat system and verified security requirements through NIST 800-53 security control items.

• Journal of Digital Contents Society
• /
• v.11 no.1
• /
• pp.79-89
• /
• 2010

The government and companies build a DDoS correspondence system hastily to protect assets from cyber threats. It has become more and more intelligent and advanced such as DDoS attack. However, when outbreaks of the social incidents such as 7.7 DDoS attack(2009.7.7) or cases of the direct damage occurred, information security systems(ISS) only become the issue in the short term. As usual, sustained investment about ISS is a negative recognition. Since the characteristic of ISS is hard to recognize the effectiveness of them before incidents occurs. Also, results of incidents occurred classify attack and detection. Detailed and objective measurement criterion to measure effectiveness and efficiency of ISS is not existed. Recently, it is progress that evaluation and certification about for the information security management system(ISMS). Since these works propose only a general guideline, it is difficult to utilize as a result of ISMS improvement for organization. Therefore, this paper proposes a framework to develop main criteria by a correspondence strategy and process. It is able to detailed and objective measurements.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.11 no.3
• /
• pp.920-925
• /
• 2010

A home network system is made up of home devices and wire and wireless network can not only be the subject of cyber attack from a variety factors of threatening, but also have security weakness in cases of hacking, vicious code, worm virus, DoS attack, tapping of communication network, and more. As a result, a variety of problems such as abuse of private life, and exposure and stealing of personal information arose. Therefore, the necessity for a security protocol to protect user asset and personal information within a home network is gradually increasing. Thus, this dissertation designs and suggests a home network security protocol using user authentication and approach-control technology to prevent the threat by unauthorized users towards personal information and user asset in advance by providing the gradual authority to corresponding devices based on authorized information, after authorizing the users with a Public Key Certificate.

• Journal of Convergence for Information Technology
• /
• v.8 no.6
• /
• pp.231-236
• /
• 2018

Recently, a wide variety of IoT environment is being created due to the rapid development of information and communication technology. And accordingly in a variety of network structures, a countless number of attack techniques and new types of vulnerabilities are producing a social disturbance. In May of 2018, Talos Intelligence, the Cisco threat intelligence team has newly discovered 'VPN-Filter', which constitutes a large-scale IoT-based botnet, is infecting consumer routers in over 54 countries around the world. In this paper, types of IoT-based botnets and the attack techniques utilizing botnet will be examined and the countermeasure technique through EXIF metadata removal method which is the cause of connection method of C & C Server will be proposed by examining the characteristics of attack vulnerabilities and attack scenarios of VPN-Filter.