• Review of KIISC
• /
• v.30 no.2
• /
• pp.41-48
• /
• 2020

최근 자율주행 자동차의 발전은 자동차제조업체뿐만 아니라 ICT 기업도 참여하면서 매우 빠르게 발전하고 있다. 자율주행기술이 발달함에 따라 외부와의 통신을 통해 더욱 안전한 자율주행이 가능할 것이다. 하지만 외부와의 연결은 외부 IT 시스템의 위협이 차량 내부에 영향을 미치게 될 수 있고 이는 인명피해로 이어질 수 있다. 자율주행자동차의 통신은 실시간으로 다양한 메시지를 처리해야 하기 때문에 가용성이 매우 중요하다. 기존 IT 시스템에 존재하는 가용성을 위협하는 공격은 대표적으로 DoS 공격이 있다. 본 논문에서는 자율주행자동차 V2V 통신을 위해 사용되는 프로토콜을 살펴보고 발생할 수 있는 DoS 공격유형과 현재 연구되고 있는 대응기술에 대한 동향을 소개한다.

• Journal of Convergence for Information Technology
• /
• v.9 no.3
• /
• pp.1-7
• /
• 2019

There are various cyber attacks on business PCs. In order to reduce the threat of PC security, we are preventing the vulnerability from being diagnosed beforehand. However, this guideline is difficult to cope with because the domestic vulnerability guide does not update the diagnostic items. In this paper, we examine the cyber infringement cases of PCs and the diagnostic items of foreign technical vulnerabilities in order to cope with security threats. In addition, an improved guide is provided by comparing the differences in the diagnostic items of technical vulnerability from abroad and domestic. Through 41 proposed technical vulnerability improvement items, it was found that various security threats can be coped with. Currently, it is mainly able to respond to only known vulnerabilities, but we hope that applying this guideline will reduce unknown security threats.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2009.11a
• /
• pp.655-656
• /
• 2009

인터넷전화는 저렴한 가격과 다양한 서비스를 장점과 번호이동과 같은 정부 정책에 힘입어 급속한 성장을 이루고있다. SIP는 VoIP의 시그널링 프로토콜로서 다양한 부가서비스 제공을 위해 기존의 H.323을 대체하고 있을뿐만 아니라, IMS의 시그널링 제어 프로토콜로 채택되어 향후 SIP기반 응용서비스의 급속한 성장이 예상된다. 하지만 SIP기반 응용서비스는 기존의 IP 망에서 발생되는 보안 위협뿐만 아니라 SIP 특성에 기인한 신규 위협에 의한 피해 사례가 발생하고 있음에도 불구하고, 현재 보안 시스템으로는 이러한 위협에 효과적으로 대응하지 못하고 있다. 본 논문에서는 SIP기반 네트워크 보안 위협에 대해서 설명하고, 이러한 공격을 탐지 및 대응할 수 있는 SIP-Aware 침입방지시스템 설계 및 구조도를 설명한다.

• Convergence Security Journal
• /
• v.23 no.5
• /
• pp.173-179
• /
• 2023

The 4th Industrial Revolution technology has emerged as a solution to build a hyper-connected, super-intelligent network-oriented operational environment, overcoming the obstacles of reducing troops and defense budgets facing the current military. However, the overall risk management, including the increase in complexity of the latest inform ation technology and the verification of the impact with the existing information system, is insufficient, leading to serious threats to system integrity and availability, or negatively affecting interoperability between systems. It can be inhibited. In this paper, we suggest cyber threat response strategies for our military to prepare for cyber threats by examining information security risk management in the United States in order to protect military information assets from cyber threats that may arise due to the advancement of information technology.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.1
• /
• pp.69-79
• /
• 2013

Recently, many enterprises are suffering from advanced types of malware and their variants including intelligent malware that can evade the current security systems. This addresses the fact that current security systems have limits on protecting advanced and intelligent security threats. To enhance the overall level of security, first of all, it needs to increase detection ratio of each security solution within a security system. In addition, it is also necessary to implement internetworking between multiple security solutions to increase detection ratio and response speed. In this paper, we suggest a collaborative security response method to overcome the limitations of the previous Internet service security solutions. The proposed method can show an enhanced result to respond to intelligent security threats.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2022.05a
• /
• pp.208-211
• /
• 2022

최근 COVID-19 팬데믹 시대 도래로 ICT 기술 기반의 지능화된 사회실현에 대한 관심이 높아지고 있지만, 사이버 위협의 다변화로 그 범위와 피해 또한 확대되고 있다. 특히, 개인의 민감 데이터뿐만 아니라, 산업체와 공공기관의 사이버 위험성 및 노출은 심각한 문제가 발생할 수 있다. 본 논문에서는 이러한 정보보호 분야에서의 위협행위 등을 탐지, 분석, 대응할 수 있는 교육 프로그램 개발과 전문 인력양성을 위한 사이버 레인지의 국내·외 기술 동향을 살펴보고자 한다. 마지막으로, 더욱 지능화되고 발전하는 사이버 위협으로부터 이를 방지하고 대응하기 위한 사이버 레인지의 발전 방향을 논하고자 한다.

• Defense and Technology
• /
• no.1 s.239
• /
• pp.40-51
• /
• 1999

우리군은 현재의 북한 위협뿐만 아니라 미래의 불확실한 위협에도 동시에 대비해야 하는 이중적 과제를 안고 있다. 첨단 군사 과학기술의 발전과 최근 주변국의 군사혁신 추세를 감안할 때, 미래 안보환경에 신축적으로 대응할 수 있도록 핵심전력 위주의 군사력 건설을 통하여 '작지만 강한 군대'를 실현해야 한다

• Journal of the Korea Society of Computer and Information
• /
• v.16 no.2
• /
• pp.153-163
• /
• 2011

Smartphone is a mobile device which can perform better than feature phone. Recently, growth in demand for advanced mobile devices boasting powerful performance, market share of smartphone is increasing rapidly in mobile device market, for example, iphone and android phone. Smartphone can provide many functionalities, e-mail, scheduler, word-processing, 3D-game, and etc, based on its powerful performance. Thus, various secret information is integrated in smartphone. To provide service, sometimes, smartphone transmits informations to outside via wireless network. Because smartphone is a mobile device, user can lose his/her smartphone, easily, and losing smartphone can cause serious security threats, because of integrated information in smartphone. Also data which is transmitted in wireless network can be protected for privacy. Thus, in present, it is very important to keep secure smartphone. In this paper, we analyze threats and vulnerabilities of smartphone based on its environments and describe countermeasures against threats and vulnerabilities.

• Convergence Security Journal
• /
• v.9 no.1
• /
• pp.39-44
• /
• 2009

To get legitimacy of a security investment, the analysis of ROI about the security investment is required. In this paper, we suggest a practical quantitative model with considering factors that do decision-making of optimized security investment difficult. This model makes use of the value of a residual risk to decide the best information security solution and considers a corelation of response techniques of the information security solution against each threat to do exact decision-making.

• Convergence Security Journal
• /
• v.22 no.2
• /
• pp.27-42
• /
• 2022

In the era of the Fourth Industrial Revolution, digital transformation to increase the effectiveness of industry is becoming more important to achieving the goal of industrial innovation. The digital new deal and smart defense are required for digital transformation and utilize artificial intelligence, big data analysis technology, and the Internet of Things. These changes can innovate the industrial fields of national defense, society, and health with new intelligent services by continuously expanding cyberspace. As a result, work productivity, efficiency, convenience, and industrial safety will be strengthened. However, the threat of cyber-attack will also continue to increase due to expansion of the new domain of digital transformation. This paper presents the risk scenarios of cyber-attack threats in the Fourth Industrial Revolution. Further, we propose a preemptive intrusion response model to bolster the complex security environment of the future, which is one of the fundamental alternatives to solving problems relating to cyber-attack. The proposed model can be used as prior research on cyber security strategy and technology development for preemptive response to cyber threats in the future society.