• The Journal of the Korea Contents Association
• /
• v.21 no.1
• /
• pp.531-540
• /
• 2021

As cyber attacks and crimes increase exponentially and hacking attacks become more intelligent and advanced, hacking attack methods and routes are evolving unpredictably and in real time. In order to reinforce the enemy's responsiveness, this study aims to propose a method for developing an artificial intelligence-based security control platform by building a next-generation security system using artificial intelligence to respond by self-learning, monitoring abnormal signs and blocking attacks.The artificial intelligence-based security control platform should be developed as the basis for data collection, data analysis, next-generation security system operation, and security system management. Big data base and control system, data collection step through external threat information, data analysis step of pre-processing and formalizing the collected data to perform positive/false detection and abnormal behavior analysis through deep learning-based algorithm, and analyzed data Through the operation of a security system of prevention, control, response, analysis, and organic circulation structure, the next generation security system to increase the scope and speed of handling new threats and to reinforce the identification of normal and abnormal behaviors, and management of the security threat response system, Harmful IP management, detection policy management, security business legal system management. Through this, we are trying to find a way to comprehensively analyze vast amounts of data and to respond preemptively in a short time.

• Information Systems Review
• /
• v.15 no.2
• /
• pp.1-19
• /
• 2013

Smart working sparked by iPhone3 opens a revolution in smart ways of working at any time, regardless of location and environment. Also, It provide real-time information processing and analysis, rapid decision-making and the productivity of businesses, including through the timely response and the opportunity to increase the efficiency. As a result, every company are developing mobile information systems. But company data is accessed from the outside, it has problems to solve like security, hacking and information leakage. Also, Mobile devices such as smart phones belonging to the privately-owned asset can't be always controlled to archive company security policy. In the meantime, public smart phones owned by company was always applied security policy. But it can't not apply to privately-owned smart phones. Thus, this paper is focused to archive company security policy, but also enable the individual's free to use of smart phones when we use mobile information systems. So, when we use smart phone as individual purpose, the normal operation of all smart phone functions. But, when we use smart phone as company purpose like mobile information systems, the smart phone functions are blocked like screen capture, Wi-Fi, camera to protect company data. In this study, we suggest the design and implementation of real time control and management of mobile device using MDM(Mobile Device Management) solution. As a result, we can archive company security policy and individual using of smart phone and it is the optimal solution in the BYOD(Bring Your Own Device) era.

• Annual Conference of KIPS
• /
• 2017.04a
• /
• pp.330-331
• /
• 2017

최근 클라우드 및 신경망 기반의 지능형 CCTV기술이 사회 안전 분야의 핵심 기술로 부상하면서 신학계에 관심이 커지고 있다. 이러한 동향을 반영하여 공공/사회 안전을 위한 실 환경 기반 지능형 영상 인식 기술의 지속적인 성능 업데이트 및 관리를 위한 온라인 학습 기반 인식 기술이 필요하다. 본 논문에서는 클라우드 기반 지능형 영상보안 온라인 인큐베이팅 플랫폼 기술 과제를 소개한다. 온라인 인식신경망 인큐베이팅이란, 원격 클라우드 환경을 이용하여 사용 중인 영상인식 신경망을 온라인 학습으로 실시간 업데이트하여 딥러닝 성능을 지속적으로 강화하는 기술이다. 본 논문에서는 클라우드 기반 지능형 영상보안 인큐베이팅 플랫폼 기술 과제를 소개한다.

• Convergence Security Journal
• /
• v.5 no.3
• /
• pp.33-41
• /
• 2005

Information can be leaked, changed, damaged and illegally used regardless of the intension of the information owner. Intrusion Detection Systems and Firewalls are used to protect the illegal accesses in the network. But these are the passive protection method, not the active protection method. They only react based on the predefined protection rules or only report to the administrator. In this paper, we develop the intrusion detection and protection system using Netfilter framework. The system makes the administrator's management easy and simple. Furthermore, it offers active protection mechanism against the intrusions.

• Proceedings of the Korean Information Science Society Conference
• /
• 2001.04a
• /
• pp.793-795
• /
• 2001

IPSec은 IETF에 의해 IP 레이어 보안을 위한 개방형 구조로 설계된 것으로 인터넷에서의 정보보호를 대표한다. 그리고 ISKMP는 인터넷에서 요구되는 정보보호를 설정하기 위한 인증, 키 관리 및 보안협상등을 담당하는 프로토콜로써 IPSec으로 보다 체계화된 인터넷 정보보호를 제공하기 위해 포함되어야 하는 IKE에서 사용하는 프로토콜이다. 이러한 IPSec을 이용한 보안 시스템을 개발하기 위해서는 시스템에서 사용하고 있는 프로토콜들에 대한 평가 방법도 같이 제시되어야 하나, 기존의 프로토콜 분석 도구들은 IPSec에서 제공하고 있는 프로토콜들을 분석하지 못할 뿐만 아니라 개발단계에서의 구현 평가를 하지 못한다. 본 논문에서는 IPSec을 구현하는데 필요한 AH 및 ESP 프로토콜과 ISAKMP 프로토콜을 실시간으로 분석하고, 이들 프로토콜들이 얼마나 잘 구현되었는지를 평가할 수 있는 프로토콜 분석 도구를 설계하고 구현하였다.

• Annual Conference of KIPS
• /
• 2011.11a
• /
• pp.988-991
• /
• 2011

본 논문은 자동차에 대한 데이터의 보안성을 위한 시스템을 위한 것으로, 자동차의 데이터를 실시간으로 읽어드려, 이를 인터넷 상에 위치한 Web 서비스를 통하여 DB에 SOAP를 이용하여 서버에 저장하는 시스템이다. 통합된 시스템이 만들어지면, 현재 자동차의 상태정보를 읽어드려, 자동차의 상황정보를 보안이 강화된 통신을 통해 사용자에게 신뢰성이 높은 정보를 안전하게 제공할 수 있을 것이다.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.19 no.5
• /
• pp.1163-1172
• /
• 2015

In this paper, an MQTT based protocol is designed and implemented for control, management and monitoring of HVAC in a cloud platform in real time. The MQTT protocol is a two-way messaging protocol, and has the generality, flexibility, light weighted, quickness with reliability and security. In the implemented system, performance and reliability of the communication protocol is considered for data acquisition and control between the CCU and the cloud server. Control and monitoring for the cloud server is performed in real time in conjunction with CCU and the MQTT server.

• The Journal of Society for e-Business Studies
• /
• v.20 no.4
• /
• pp.151-175
• /
• 2015

Although three types of the information security measures (technical, physical and managerial ones) are all together critical to maintaining information security in the organizations and should be implemented at the same time, this study aims at providing theoretical basis of establishing and implementing effective managerial security measures. The rationale behind this research objective is that it is very important to effectively perform the managerial security measures to achieve the target performance level of the technical and the physical security measures because main agents of practicing the information security measures in the organizations are staff members even though the technical and the physical ones are well constructed and implemented. In particular, this study intends to develop and propose the theoretical model applicable to providing the way of improving organizational members' intention to use information security technologies since the very intention to use them is essential to effectively establishing and promoting managerial security measures. In order to achieve the objective of this study, the factors critical to influencing upon the intention to use information security technologies are derived through systematically reviewing related theories and previous studies, and then the research model and hypotheses are proposed by logically reasoning the casual relationship among the these factors. Also, the empirical analyses are performed by conducting the survey of the organization members of domestic large companies and analyzing the structural equation model by PLS (Partial Least Squares) method. The significant results of this study can contribute to expanding the research area of managerial information security and can be applied to suggesting the practical guidelines for effectively establishing and implementing the managerial security measures in various organizations.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.31 no.8A
• /
• pp.804-813
• /
• 2006

In wireless Internet environment that demand of wireless Internet service increase steadily, wireless PKI(Public Key Infrastructure) service is appearing on stage as necessary essential base technology for information protection service offer, In this paper, we propose the method for verification to reduce the communication overload using VID to CSMP made with a goal of the performance guarantee for security and use in a real time and examine the existent certificate verification methods. The performance of security and the use in a real time is guaranteed by managing the note of authentification by the person who verifies and reducing the amount of the data transmission using VID.

• Convergence Security Journal
• /
• v.22 no.1
• /
• pp.71-79
• /
• 2022

The smart grid system has emerged to maximize energy efficiency through real-time information exchange between power providers and consumers by combining information technology and power supply systems. The authentication schemes using blockchain in a smart grid system have been proposed, which utilize an edge server's architecture to collect and store electric power-related information and process data between a central cloud server and smart grid-IoT devices. Although authentication schemes are being proposed to enhance security in the smart grid environment, many vulnerabilities are still reported. This paper presents a new mutual authentication scheme to guarantee users' privacy and anonymity in a smart grid based on edge computing using blockchain. In the proposed scheme, we use the smart contract for the key management's efficiency, such as updating and discarding key materials. Finally, we prove that the proposed scheme not only securely establishes a session key between the smart grid-IoT device of the user and the edge server but also guarantees anonymity.