• Title/Summary/Keyword: Threat response time

Effective Defense Mechanism Against New Vulnerability Attacks (신규 취약점 공격에 대한 효율적인 방어 메커니즘)

  • Kwak, Young-Ok;Jo, In-June
    • The Journal of the Korea Contents Association / v.21 no.2 / pp.499-506 / 2021
  • Hackers' cyber attack techniques are becoming more sophisticated and diversified, with a form of attack that has never been seen before. In terms of information security vulnerability standard code (CVE), about 90,000 new codes were registered from 2015 to 2020. This indicates that security threats are increasing rapidly. When new security vulnerabilities occur, damage should be minimized by preparing countermeasures for them, but in many cases, companies are insufficient to cover the security management level and response system with a limited security IT budget. The reason is that it takes about a month for analysts to discover vulnerabilities through manual analysis, prepare countermeasures through security equipment, and patch security vulnerabilities. In the case of the public sector, the National Cyber Safety Center distributes and manages security operation policies in a batch. However, it is not easy to accept the security policy according to the characteristics of the manufacturer, and it takes about 3 weeks or more to verify the traffic for each section. In addition, when abnormal traffic inflow occurs, countermeasures such as detection and detection of infringement attacks through vulnerability analysis must be prepared, but there are limitations in response due to the absence of specialized security experts. In this paper, we proposed a method of using the security policy information sharing site "snort.org" to prepare effective countermeasures against new security vulnerability attacks.

Development of pretreatment system for algae reduction in water treatment plant (정수장 유입조류 저감을 위한 전처리 시스템 개발)

  • Yum, Sang leen
    • Proceedings of the Korea Water Resources Association Conference / 2017.05a / pp.1-1 / 2017
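  • Algal blooms occur when floating algae (phytoplankton) proliferate massively in eutrophic lakes or slow-flowing rivers, accumulate at the water surface, and turn the water markedly green. Recently, such blooms have been occurring frequently and have become more widespread, more toxic, and longer-lasting. Algal blooms are known to adversely affect aquatic plants through toxin-producing cyanobacteria. For example, they cause serious problems such as the effects of toxins on livestock, ecological problems due to ecosystem destruction, and the death of fish and other aquatic organisms due to oxygen depletion. In addition, algae not only cause taste and odor in drinking water but also release harmful toxins such as Microcystin-LR, threatening public health. Countermeasures against algal growth in rivers used as drinking water sources are therefore urgently needed. To reduce the treatment load that incoming algae place on water purification facilities, a high-speed pretreatment algae removal system linked to the water intake system needs to be developed. The existing Electro-Coagulation and Flotation (ECF) process has the advantage of requiring a small dose of chemicals (coagulant), but it needs a relatively long electrolysis time, which limits its integration with existing water treatment systems. This study therefore developed an ultra-high-speed algae pretreatment technology that shortens the electrolysis time, coagulates incoming algae within a few seconds, and separates the algae within 1 minute. In field application and experiments with the developed technology, Chlo-a showed a removal efficiency of about 45 % even without a coagulation step. In addition, with coagulant dosing and the electrode-based flotation system, about 80 % of Chlo-a was removed, so the technology is judged to be usable as a pretreatment process for a stable water supply in the face of frequently occurring algae.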

Enhanced and Practical Alignment Method for Differential Power Analysis (차분 전력 분석 공격을 위한 향상되고 실제적인 신호 정렬 방법)

  • Park, Jea-Hoon;Moon, Sang-Jae;Ha, Jae-Cheol;Lee, Hoon-Jae
    • Journal of the Korea Institute of Information Security & Cryptology / v.18 no.5 / pp.93-101 / 2008
  • Side channel attacks are well known as one of the most powerful physical attacks against low-power cryptographic devices and do not take into account the target's theoretical security. As an important success factor in side channel attacks (specifically in DPAs), exact time-axis alignment methods are used to overcome misalignments caused by trigger jittering, noise and even some countermeasures intentionally applied to defend against side channel attacks such as random clock generation. However, the currently existing alignment methods consider only the position of signals on the time-axis, which is ineffective for certain countermeasures based on time-axis misalignments. This paper proposes a new signal alignment method based on interpolation and decimation techniques. Our proposal can align the size as well as the signals' position on the time-axis. The validity of our proposed method is then evaluated experimentally with a smart card chip, and the results demonstrated that the proposed method is more efficient than the existing alignment methods.

Countermeasure for Prevention and Detection against Attacks to SMB Information System - A Survey (중소기업 정보시스템의 공격예방 및 탐지를 위한 대응 : 서베이)

  • Mun, Hyung-Jin;Hwang, Yooncheol;Kim, Ho-Yeob
    • Journal of Convergence Society for SMB / v.5 no.2 / pp.1-6 / 2015
  • Small and medium-sized companies lack countermeasures to secure the safety of an information system. In this circumstance, they have difficulties regarding the damage to their images and legal losses when the information is leaked. This paper examines the information leakage of the system and hacking methods including APT attacks. In particular, an APT (Advanced Persistent Threat) attack means that a hacker sneaks into a target, has a latency period, skims all the information related to the target, acts backstage and neutralizes the security services without leaving traces. Because he attacks the target while covering up his traces so as not to reveal them, the victim remains unaware, which increases the damage. This study examines attack methods and their process and seeks a countermeasure.

A High-speed Masking Method to protect ARIA against Side Channel Analysis (부채널 분석에 안전한 고속 ARIA 마스킹 기법)

  • Kim, Hee-Seok;Kim, Tae-Hyun;Ryoo, Jeong-Choon;Han, Dong-Guk;Hong, Seok-Hie
    • Journal of the Korea Institute of Information Security & Cryptology / v.18 no.3 / pp.69-77 / 2008
  • In recent years, power attacks have been widely investigated, and so various countermeasures have been proposed. In the case of block ciphers, masking methods that blind the intermediate results in the algorithm computations (encryption, decryption, and key-schedule) are well-known. Applications of masking methods vary across different block ciphers, therefore suitable masking methods for each cipher have been researched. Existing methods for ARIA have many revisions of the mask value. And because existing masking methods pay no regard to the key schedule, secret information can be exposed. In the case of ARIA, this problem is more serious than in other block ciphers. Therefore we propose an efficient masking scheme for ARIA including the key-schedule. Our method reduces the time-complexity of ARIA encryption, and solves the table-size problem of the general ARIA masking scheme from 256*8 byte to 256*6 byte.

A Countermeasure Scheme Based on Whitelist using Bloom Filter against SIP DDoS Attacks (블룸필터를 사용한 화이트리스트 기반의 SIP 서버스 거부 공격 대응 기법)

  • Kim, Ju-Wan;Ryu, Jea-Tek;Ryu, Ki-Yeol;Roh, Byeong-Hee
    • The Journal of Korean Institute of Communications and Information Sciences / v.36 no.11B / pp.1297-1304 / 2011
  • SIP (Session Initiation Protocol) has some security vulnerabilities because it works on the Internet. Therefore, the proxy server can be affected by flooding attacks such as DoS and service interruption. However, traditional schemes for responding to Denial of Service attacks have some limitations. These schemes have high complexity and cannot protect against the variety of Denial of Service attacks. In this paper, we newly define the normal user who makes a normal session observed by the verifier module. Our method provides continuous service to the normal users in the various situations of Denial of Service attack by constructing a whitelist using normal user information. Various types of attack/normal traffic are modeled by using the OPNET simulator to verify our scheme. The simulation results show that our proposed scheme can prevent DoS attacks and achieve a low false rate and fast searching time.

A Study on Vulnerability of Cyber Electronic Warfare and Analysis of Countermeasures for swarm flight of the NBC Reconnaissance Drones (화생방 정찰 드론의 군집비행 시 사이버전자전 취약점 및 대응방안 분석)

  • Kim, Jee-won;Park, Sang-jun;Lee, Kwang-ho;Jung, Chan-gi
    • Convergence Security Journal / v.18 no.2 / pp.133-139 / 2018
  • The 5 Game changer means the concepts of the army's operation against the enemy's asymmetric threats that minimize damage to the public and lead to victory in war in the shortest time. A study of the network architecture of Dronebot operation is a key study to carry out integrated operation with an integrated C4I system by organically linking several drone battle groups through ICT. The NBC reconnaissance drones can be used instead of vehicles and humans to detect NBC materials and share situations quickly. However, there is still a lack of research on the swarm flight of the NBC reconnaissance drones and the weaknesses of cyber electronic warfare. In this study, we present weaknesses and countermeasures of CBRNs in swarm flight operations and provide a basis for future research.

SOA Vulnerability Evaluation using Run-Time Dependency Measurement (실행시간 의존성 측정을 통한 SOA 취약성 평가)

  • Kim, Yu-Kyong;Doh, Kyung-Goo
    • The Journal of Society for e-Business Studies / v.16 no.2 / pp.129-142 / 2011
  • Traditionally, research in Service Oriented Architecture (SOA) security has focused primarily on exploiting standards and solutions separately. There exists no unified methodology for SOA security to manage risks at the enterprise level. It is necessary to analyze security threats preliminarily and to manage enterprise risks by identifying vulnerabilities of SOA. In this paper, we propose a metric-based vulnerability assessment method using dynamic properties of services in SOA. The method is to assess vulnerability at the architecture level as well as the service level by measuring run-time dependency between services. The run-time dependency between services is an important characteristic to understand which services are affected by a vulnerable service. All services which directly or indirectly depend on the vulnerable service are exposed to the risk. Thus run-time dependency is a good indicator of vulnerability of SOA.

Design and Implementation of Cyber Attack Simulator based on Attack Techniques Modeling

  • Kang, Yong Goo;Yoo, Jeong Do;Park, Eunji;Kim, Dong Hwa;Kim, Huy Kang
    • Journal of the Korea Society of Computer and Information / v.25 no.3 / pp.65-72 / 2020
  • With the development of information technology and the growth of the scale of system and network, cyber threats and crimes continue to increase. To cope with these threats, cybersecurity training based on actual attacks and defenses is required. However, cybersecurity training requires expert analysis and attack performance, which is inefficient in terms of cost and time. In this paper, we propose a cyber attack simulator that automatically executes attack techniques. This simulator generates attack scenarios by combining attack techniques modeled to be implemented and executes the attack by sequentially executing the derived scenarios. In order to verify the effectiveness of the proposed attack simulator, we experimented by setting an example attack goal and scenarios in a real environment. The attack simulator successfully performed five attack techniques to gain administrator privileges.

A Study on the Deployment of a Sea Based Sensor Platform for the Detection of a SLBM (잠수함 발사 탄도미사일 탐지를 위한 해상 센서플랫폼의 배치에 관한 연구)

  • Kim, Jiwon;Kwon, Yong Soo;Kim, Namgi;Kim, Dong Min;Park, Young Han
    • Journal of Advanced Navigation Technology / v.19 no.5 / pp.363-369 / 2015
  • This paper describes deployment of a sea based sensor platform for the detection of a submarine launched ballistic missile (SLBM). Recently, North Korea successfully conducted the underwater launching test of the SLBM, which will seriously threaten global security. To defend against these threats successfully, a sensor platform of the ballistic missile defense (BMD) should be deployed in the area of high detection probability of the missile. The maximum detection range characteristics of the typical radar sensor system, however, depend on the radar cross section (RCS) and flight trajectories of the target. From this point of view, this work analyzed the flight trajectories based on the tactics and calculated the RCS of the SLBM. In addition, the sea based sensor platform position is proposed from the analysis of the detection time.