• The Journal of the Korea institute of electronic communication sciences
• /
• v.8 no.6
• /
• pp.863-871
• /
• 2013

Recently application of open protocols and external network linkage to the national critical infrastructure has been growing with the development of information and communication technologies. This trend could mean that the national critical infrastructure is exposed to cyber attacks and can be seriously jeopardized when it gets remotely operated or controlled by viruses, crackers, or cyber terrorists. In this paper virtual Honeynet model which can reduce installation and operation resource problems of Honeynet system is proposed. It maintains the merits of Honeynet system and adapts the virtualization technology. Also, virtual Honeynet model that can minimize operating cost is proposed with data analysis and collecting technique based on the verification of attack intention and focus-oriented analysis technique. With the proposed model, new type of attack detection system based on virtual Honeynet, that is Cybertrap, is designed and implemented with the host and data collecting technique based on the verification of attack intention and the network attack pattern visualization technique. To test proposed system we establish test-bed and evaluate the functionality and performance through series of experiments.

• Journal of the Korea Convergence Society
• /
• v.12 no.4
• /
• pp.95-103
• /
• 2021

This study was aimed to investigate the education needs for prevention and control of infectious diseases by lifecycle based on age group and to provide the fundamental data to develop the educational programs. A research was conducted with 328 adults over 19 years old for a month of February 2021 through online and mobile survey by Gallup Korea. Research contents include the general characteristics, personal hygiene practices related to infection, perceived risks related to infection, importance and level of knowledge on infectious diseases, and education needs for prevention and control of infectious diseases. For the research data analysis, PASW Statistics Ver 20.0 was used as a statistical program. Ranks from analysis upon conversion as the formula of Borich needs to sum up with importance and knowledge level showed first (Borich 3.11) with treatments for infectious diseases; second (Borich 2.15) with process in case of suspicion and diagnosis of infectious diseases; third (Borich 1.75) with transmission routes of infectious diseases; fourth (Borich 1.73) with preventive ways of infectious diseases; fifth (Borich 1.50) with diagnostic and test methods of infectious diseases; sixth (Borich 1.45) with characteristics of infectious diseases; and seventh (Borich1.38) with main symptoms of infectious diseases. It is anticipated that development of educational programs applying education needs for prevention and control of infectious diseases in this research can contribute to enhance the physical health, mental health, and psychological well-being of the subjects.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.6
• /
• pp.1467-1482
• /
• 2017

Recently, Interests on The Fourth Industrial Revolution has been increased. In the manufacturing sector, the introduction of Smart Factory, which automates and intelligent all stages of manufacturing based on Cyber Physical System (CPS) technology, is spreading. The complexity and uncertainty of smart factories are likely to cause unexpected problems, which can lead to manufacturing process interruptions, malfunctions, and leakage of important information to the enterprise. It is emphasized that there is a need to perform systematic management by analyzing the threats to the Smart Factory. Therefore, this paper systematically identifies the threats using the STRIDE threat modeling technique using the data flow diagram of the overall production process procedure of Smart Factory. Then, using the Attack Tree, we analyze the risks and ultimately derive a checklist. The checklist provides quantitative data that can be used for future safety verification and security guideline production of Smart Factory.

• Journal of Software Assessment and Valuation
• /
• v.17 no.2
• /
• pp.91-99
• /
• 2021

In the current business environment where dependence on IT has increased rapidly, the risk from disasters or cyber-attacks is also increasing. Business continuity, the ability to continue to provide service in the event of a business disruption caused by a disaster, is essential. In other words, you need to have a plan in place to keep your core business functions uninterrupted with rapid recovery within a predetermined Recovery Time Objective (RTO) and Recovery Point Objective (RPO) time frame. In this paper, we propose a disaster recovery system construction method that can minimize RTO and RPO to ensure business continuity. The system configuration adopts Tier 7 disaster recovery model, synchronous storage replication, hot disaster recovery site, and operation management automation solution. This ensures continuity of core business with virtually no data loss and minimal RTO and RPO.

• Convergence Security Journal
• /
• v.23 no.3
• /
• pp.3-11
• /
• 2023

Zero Trust, characterized by the principle of "Never Trust, Always Verify," represents a novel security paradigm. The proliferation of remote work and the widespread use of cloud services have led to the establishment of Work From Anywhere (WFA) environments, where access to corporate systems is possible from any location. In such environments, the boundaries between internal and external networks have become increasingly ambiguous, rendering traditional perimeter security models inadequate to address the complex and diverse nature of cyber threats and attacks. This research paper introduces the implementation principles of Zero Trust and focuses on the Micro Segmentation approach, highlighting its relevance in mitigating the limitations of perimeter security. By leveraging the risk management framework provided by the National Institute of Standards and Technology (NIST), this paper proposes a comprehensive procedure for the adoption of Zero Trust. The aim is to empower organizations to enhance their security strategies.

• Journal of Internet Computing and Services
• /
• v.12 no.5
• /
• pp.47-61
• /
• 2011

Recently, the importance of digital forensic has been magnified because of the dramatic increase of cyber crimes and the increasing complexity of the investigation of target systems such as PCs, servers, and database systems. Moreover, some systems have to be investigated with live forensic techniques. However, even though live forensic techniques have been improved, they are still vulnerable to anti-forensic activities when the target systems are remotely accessible by criminals or their accomplices. To solve this problem, we first suggest a layer-based model and the anti-forensic scenarios which can actually be applicable to each layer. Our suggested model, the Anti-Forensic Activites layer-based model, has 5 layers - the physical layer, network layer, OS layer, database application layer and data layer. Each layer has possible anti-forensic scenarios with detailed commands. Second, we propose a fuzzy expert system for effectively detecting anti-forensic activities. Some anti-forensic activities are hardly distinguished from normal activities. So, we use fuzzy logic for handling ambiguous data. We make rule sets with extracted commands and their arguments from pre-defined scenarios and the fuzzy expert system learns the rule sets. With this system, we can detect anti-forensic activities in real time when performing live forensic.

• Proceedings of the CALSEC Conference
• /
• 1999.11a
• /
• pp.159-168
• /
• 1999

오늘날 우리 나라가 당면한 최우선 경제과제중 하나는 물류부문의 혁신을 통한 국가경쟁력 강화라고 할 수 있으며, 이를 위해 정부도 1993년 물류체계 개선을 위한 장기구상으로 ‘화물유통체계 개선 10개년 기본계획’을 수립하여 적극 추진 중에 있다. 그러나 이러한 노력에도 불구하고 PORT-MIS사용자를 상대로 한 설문조사에서는 선박입출항 업무 관련 서류의 40%, 항만시설 사용 업무와 관련된 서류의 31%, 하역업무 관련 서류의 10%만이 EDI를 활용하고 있었다. EDI 활용이 저조한 사유로는 전송시간이 많이 걸리며, EDI 소프트웨어가 작동되지 않으며, 수신확인이 되지 않기 때문이라 응답을 하였다. 이처럼 오늘날 항만물류산업이 겪고 있는 물류 데이타 흐름의 단절적 현상은 시간이 흐를수록 해결될 기미가 보이고 있지 않다. 따라서 본 논문에서는 우리 나라가 겪고 있는 물류관련 업무를 한번의 데이터 입력으로 해결할 수 있는 원스톱 서비스 시스템개발을 목표로 우선 PORT-MIS EDI 업무를 처리할 수 있는 시스템을 구축하였다. 이는 향후 화주, 운송사, 선사, 포워더, 창고업자, 하역회사, 철도청, 화물터미널, 컨테이너 터미널, 해양수산청, 관세청, 출입국관리사무소, 검역소 사이에 서로 교환되는 적하목록, Booking List, 컨테이너 Pick up정보, 위험물 정보, COPINO 정보를 비롯하여 대 관세청 신고 등 수출컨테이너 화물업무의 전반적인 영역으로까지 쉽게 확대할 수 있을 것이다. 본 연구결과 구축된 시스템은 원천정보를 중앙의 통합데이터베이스에 저장하여 이를 사용자의 요구에 의해 인터넷을 통해 전달하는 FTP와 웹 EDI 방식을 결합한 하이브리드 형태이다.인터넷으로 주문처리하고, 신속 안전한 배달을 기대한다. 더불어 고객은 현재 자신의 물건이 배달되는 경로를 알고싶어 한다. 웹을 통해 물건을 주문한 고객이 자신이 물건의 배달 상황을 웹에서 모니터링 한다면 기업은 고객으로 공간적인 제약으로 인한 불신을 불식시키는 신뢰감을 주게 된다. 이러한 고객서비스 향상과 물류비용 절감은 사이버 쇼핑몰이 전국 어디서나 우리의 안방에서 자연스럽게 점할 수 있는 상황을 만들 것이다.SP가 도입되어, 설계업무를 지원하기위한 기본적인 시스템 구조를 구상하게 된다. 이와 함께 IT Model을 구성하게 되는데, 객체지향적 접근 방법으로 Model을 생성하고 UML(Unified Modeling Language)을 Tool로 사용한다. 단계 4)는 Software Engineering 관점으로 접근한다. 이는 최종산물이라고 볼 수 있는 설계업무 지원 시스템을 Design하는 과정으로, 시스템에 사용될 데이터를 Design하는 과정과, 데이터를 기반으로 한 기능을 Design하는 과정으로 나눈다. 이를 통해 생성된 Model에 따라 최종적으로 Coding을 통하여 실제 시스템을 구축하게 된다.the making. program and policy decision making, The objectives of the study are to develop the methodology of modeling the socioeconomic evaluation, and build up the practical socioeconomic evaluation model of the HAN projects including scientific and technologica

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.22 no.3
• /
• pp.242-251
• /
• 2021

This study investigates the effects of availability and accessibility on an individual's risk of developing a gambling problem. A total of 24 off-track betting facilities located in 12 districts of Seoul were examined in an effort to identify any association between their presence and citizens' gambling habits. Study participants included 1,490 online recruits residing in Seoul who participated in gambling activities in the 12 months prior to the study. To examine the differences in addiction rates and gambling frequency, a survey of demographics, gambling addictions, and gambling frequency divided the participants into two groups: those who resided in a district where off-track betting facilities were available, and those who resided elsewhere. Analysis results indicate that gambling frequency and addiction rates were significantly higher among participants residing in a district where off-track betting terminals are available. Additional analysis was performed with participants who mainly gambled on horse racing, with results similar to the previous analysis-significantly higher rates of gambling addiction and frequency were observed among participants residing in close proximity to off-track betting facilities.