• Proceedings of the CALSEC Conference
• /
• 1999.11a
• /
• pp.232-238
• /
• 1999

ㆍ B2B 전자 비즈니스 유형 : - EDI 와 ERP의 연계 -비즈니스 파트너를 위한 Online 상점 또는 도매점 ㆍ B2B 전자 비즈니스의 보안 위협 요소 : -내부직원, 고객, 비즈니스 파트너, 외부인 ㆍB2B 전자비즈니스 기반 기술 구조: -Application 레벨에서의 통합 (중략)

• Journal of the Society of Disaster Information
• /
• v.11 no.1
• /
• pp.97-106
• /
• 2015

Currently, South Korea is exposed to various attacks of North Korea such as traditional, nuclear, and ABC weapons. Now it is hard to make an accurate estimate the damage may have been occurred to citizens due to those attacks. It is only possible to assume the rough outline. As a countermeasure to such military threats of North Korea, government-aided evacuation facilities services are going along across the board concerning the object, installation range, budget, and drawing standards. Whereas, in case of public evacuation facilities, there is no special regulation or principle in designation. Since various facilities are regarded as applicable, any protection against military threats can't be anticipated. In this study, military threats provoked by North Korea are figured out, thus the problem of plan and design that public evacuation facilities have are pointed out. This study suggest the result and proposal.

• Convergence Security Journal
• /
• v.17 no.5
• /
• pp.35-40
• /
• 2017

The control system can have such threats as information leakage and falsification through various routes due to communications network fusion with public network. As the issues about security and the infringe cases by new attack methods are diversified recently, with the security system that makes information data database by simply blocking and checking it is difficult to cope with new types of threats. It is also difficult to respond security threats by insiders who have security access authority with the existing security equipment. To respond the threats by insiders, it is necessary to collect and analyze Event Log occurring in the internal system realtime. Therefore, this study could find out whether there is correlation of the elements among Event Logs through correlation analysis based on Event Logs that occur real time in the control system, and based on the analysis result, the study is expected to contribute to studies in this field.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.27 no.1
• /
• pp.87-96
• /
• 2023

As the number of security vulnerabilities increases yearly, security threats continue to occur, and the vulnerability risk is also important. We devise a security threat score calculation reflecting trends to determine the risk of security vulnerabilities. The three stages considered key elements such as attack type, supplier, vulnerability trend, and current attack methods and techniques. First, it reflects the results of checking the relevance of the attack type, supplier, and CVE. Secondly, it considers the characteristics of the topic group and CVE identified through the LDA algorithm by the Jaccard similarity technique. Third, the latest version of the MITER ATT&CK framework attack method, technology trend, and relevance between CVE are considered. We used the data within overseas sites provide reliable security information to review the usability of the proposed final formula CTRS. The scoring formula makes it possible to fast patch and respond to related information by identifying vulnerabilities with high relevance and risk only with some particular phrase.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.26 no.7
• /
• pp.1047-1059
• /
• 2022

With the development of cloud computing technology, container technology that provides services based on a virtual environment is also developing. Container orchestration technology is a key element for cloud services, and it has become an important core technology for building, deploying, and testing large-scale containers with automation. Originally designed by Google and now managed by the Linux Foundation, Kubernetes is one of the container orchestrations and has become the de facto standard. However, despite the increasing use of Kubernetes in container orchestration, the number of incidents due to security vulnerabilities is also increasing. Therefore, in this paper, we study the vulnerabilities of Kubernetes and propose a security policy that can consider security from the initial development or design stage through threat analysis. In particular, we intend to present a specific security guide by classifying security threats by applying STRIDE threat modeling.

• The Journal of the Convergence on Culture Technology
• /
• v.9 no.3
• /
• pp.257-262
• /
• 2023

Recently there are increasing number of claims that it is necessary to build a countermeasure in case of aggressive threats by small drones. During Russia-Ukraine war ignited by Russian invasion on February 2022, attacking drones have been being used widely to damage other country's national major facilities. On December 2022, 5 drones sent by North Korea made a flight around Seoul, South Korea about 7 hours, but it was not successful to search and track them. Furthermore, none of these were destroyed and shot down. Counter-drone system is essential system to search and identify unintended small drones and disable them. This paper is for proposing required functions for building a counter-drone system for national major facilities. We conducted focus group interviews with relevant government officials and analyzed their suggestions on how to augment protection capabilities to defend against small drone attacks.

• Journal of the Korea Convergence Society
• /
• v.5 no.1
• /
• pp.29-34
• /
• 2014

It appeared with the development of IT skills to help the social network SNS(Social Network Service) on the online form. Many people around the world and in the business environment changes is the emergence of social networks are bringing. And the rapid development of the idea, but are insignificant for the security threats that are used by many people in many companies, and social network services. In addition, although it is true that this connection is increased from the number of mobile machines to the development of M2M, that is not recognized for that vulnerability. To evaluate and identify vulnerabilities against security threats and countermeasures for the SNS access the social network on the M2M After looking for privacy and in the present.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.17 no.4
• /
• pp.43-48
• /
• 2017

Today our society is approaching new intelligence information society, which has been caused by the Fourth Industrial Revolution along with the development of information and communication technology(ICT). And this has just opened a new era of Internet of Things(IoT) that connects between human and objects and between objects through network, allowing transmission and reception of information beyond the limits of space. However, many crises occurred in the existing communication environment may threaten the security of Internet of Things, by violating the three components of information security. In this paper, this study aims to analyze security technology to achieve advanced security by dividing IoT security technology for coping with security vulnerability found in different components into three groups.

• Journal of the Korean Institute of Intelligent Systems
• /
• v.18 no.4
• /
• pp.437-444
• /
• 2008

This paper deals with the biometric template protection in the biometric system which has been widely used for personal authentication. First, we consider the structure of the biometric system and the function of its sub-systems and define the biometric template and identification(ID) information. And then, we describe the biometric template attack points of a biometric system and attack examples and provide their countermeasures. From this, we classify the vulnerability which can be protected by encryption and hashing techniques. For more detail investigation of these at real operating situations, we analyze them and suggest several protection methods for the typical application scheme of biometric systems such as local model, download model, attached model, and center model. Finally, we also handle the privacy problem which is most controversy issue related to the biometric systems and suggest some guidances of safeguarding procedures on establishing privacy sympathy biometric systems.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.5
• /
• pp.79-92
• /
• 2006

Computer virus is one of the most common information security problems in the information age. This study investigates the difference of users' perception of security elements between large companies and small-and-medium companies on the subject of computer virus. Based on t-test, no significant difference is found in users' perception on security threat and security risk While users satisfy with the level of security policy, there is a significant difference on the level of security policy recognition between the two sizes of companies. Moreover, there are significant differences on information assets, security vulnerability and security effectiveness, which implies difference in the users' perception on importance of assets, exposure to threats and computer virus prevention efforts between large and small-and-medium companies.