• Journal of Digital Convergence
• /
• v.10 no.9
• /
• pp.1-13
• /
• 2012

This study aims to analyze actual conditions of the present national defense information network operation, the structure and management of the system, communication lines, security equipments for the lines, the management of network and software, stored data and transferred data and even general vulnerable factors of our army tactical C4I system. Out of them, by carrying out an extensive analysis of the army tactical C4I system, likely to be the core of future information warfare, this study suggested plans adaptive to better information security, based on the vulnerable factors provided. Firstly, by suggesting various information security factor technologies, such as VPN (virtual private network), IPDS (intrusion prevention & detection system) and firewall system against virus and malicious software as well as security operation systems and validation programs, this study provided plans to improve the network, hardware (computer security), communication lines (communication security). Secondly, to prepare against hacking warfare which has been a social issue recently, this study suggested plans to establish countermeasures to increase the efficiency of the army tactical C4I system by investigating possible threats through an analysis of hacking techniques. Thirdly, to establish a more rational and efficient national defense information security system, this study provided a foundation by suggesting several priority factors, such as information security-related institutions and regulations and organization alignment and supplementation. On the basis of the results above, this study came to the following conclusion. To establish a successful information security system, it is essential to compose and operate an efficient 'Integrated Security System' that can detect and promptly cope with intrusion behaviors in real time through various different-type security systems and sustain the component information properly by analyzing intrusion-related information.

• KIISE Transactions on Computing Practices
• /
• v.24 no.2
• /
• pp.82-87
• /
• 2018

In the field of access control, policy conflicts must be solved and various related solutions are being researched and developed. In order to resolve the policy conflict problem, it is necessary to first identify the cause of the conflict, and as a minimum condition, it is necessary to detect the contextual elements of the policy that have influenced the policy evaluation decision. Although the XACML policy language specification provides a way to define this, the policy creator currently has limitations in not clearly describing the causes of conflicts in every contextual elements. In addition, in order to identify the causes of the policy conflict, it is necessary to acquire additional information such as other policy combination algorithms, in addition to these contextual factors. In this paper, we propose an effective method to identify contextual factors, as well as to locate additional information that cause policy conflicts.

• KIISE Transactions on Computing Practices
• /
• v.23 no.7
• /
• pp.397-407
• /
• 2017

Wireless networks make the users' work more convenient and efficient, but such networks can impair the availability of network resources and can cause leakage of important corporate information when there are security threats. In particular, damage has increased because of security attacks that take advantage of the vulnerabilities created by a wireless AP (Access Point). Public organizations and companies have gradually selected the WIPS (Wireless Intrusion Prevention System) to block wireless security threats and protect the internal network. However, it is very costly for other organizations and companies to introduce the WIPS solution. This paper proposes implementing a WIPS Sensor by using Raspberry Pi to reduce these costs and to block the various wireless LAN security threats. This implementation would protect corporate information and provide consistent services at a relatively reasonable price.

• Food Industry And Nutrition
• /
• v.11 no.3
• /
• pp.6-11
• /
• 2006

바이러스성 식중독은 장염을 일으키는 원인 병원체 중 노로바이러스에 의해 흔히 발생하며 이외에도 아스트로바이러스나 로타바이러스에 의한 집단 설사 사례가 국내에서 보고된 바 있다. 노로바이러스는 식중독과 관련하여 특히 오염된 식수와 굴 등 어패류의 생식을 통한 감염 사례가 많이 보고되어 있으나 사람 간 전파도 흔히 일어나는 전염력이 매우 높은 바이러스이다. 국내에서는 1999년 이후 보고가 되고 있으며 최근 집단 급식과 관련된 대형 식중독 사례들이 보고되면서 학교급식이 사회적인 이슈로 대두되고 있다. 2000년 이후 질병관리본부는 바이러스성 설사의 국내 발생현황을 파악하기 위하여 전국의 17개 시도보건환경 연구원과 노로바이러스를 포함한 4종의 바이러스성 장염원인 병원체에 대한 전국적인 실험실 감시체계를 운영한 결과 바이러스성 병원체가 확인된 사례의 약 18%에서 노로바이러스가 검출되었고, 집단설사 사례에서는 대부분 노로바이러스가 원인병원체로 확인되었다. 또한 노로바이러스의 조기 검출을 위해 질병관리본부는 2004년 중 노로바이러스 유전자 검출 kit를 자체적으로 제작하여 이를 전국의 시도 보건환경연구원을 연계한 감시체계에서 적극 활용함으로써 노로바이러스 집단설사사례의 조기 검출이 가능하게 되었고 지역내 노로바이러스 검출율을 높이는데 기여하였다. 국립보건연구원은 2003년과 2006년에 발생한 대규모 노로바이러스 식중독 사례 이외에도 산발적으로 지속적으로 발생하는 사례들을 조기에 탐지하고 국내에서 검출되는 설사바이러스 유전형 분포양상과 새로운 유전자형이나 변이주를 조기에 검출하고자 전국적인 노로바이러스 실험실 감시망을 강화하여 운영하고 있으며, 집단설사 발생시 각 사례의 연관성을 신속하게 분석할 수 있는 실시간 분자역학적 유전자 분석체계를 단계적으로 도입하고 있다. 실험실 감시체계 운영과 함께 집단 식중독 유발 병원체의 효율적인 관리를 위해 질병관리본부는 노로바이러스를 포함한 설사 유발 병원체를 신고대상 병원체로 지정(2006.06.12)하여 병원체 검출시 보고하도록 하고 관련 지침을 마련하였다. 노로바이러스가 지정전염병 병원체로 추가로 지정됨에 따라 집단 사례 및 실험실 감시사업을 통해 검출되는 병원체에 대한 보고가 강화되고 전파 방지와 2차 감염 사례 감소에도 기여할 수 있을 것으로 사료되며 전국의 실험실 감시망을 연결하는 국가 차원의 노로바이러스 실시간 분자역학적 분석체계 도입을 통해 노로바이러스 2차 감염을 줄이고 대규모 집단발병 및 유행의 조기 차단 효과를 가져올 수 있을 것이다.

• The Journal of Korean Institute of Electromagnetic Engineering and Science
• /
• v.27 no.9
• /
• pp.844-853
• /
• 2016

Generally, the compromising electromagnetic emanations are generated from LCD(Liquid Crystal Display) monitor which is typical output component of computer. Because display information transmitted to LCD monitor is included in these emanations, there are risks about information leakage of monitor by eavesdropping of leaked signal. So, analysis about possibility of information leakage is necessary because electromagnetic security through the electromagnetic emanations is being at issue. In this paper, the possibility of display information leakage are demonstrated by analyzing the electromagnetic emanations from desktop and laptop monitors. The characteristics of leaked signal from LCD monitor is verified by analyzing display mechanism and the electromagnetic emanations are measured in the long distance by eavesdropping experiment. Also, threat of information leakage is confirmed by recovering display information with several signal processing technique and comprising with target display.

• Journal of the Korean Society of Safety
• /
• v.31 no.6
• /
• pp.121-128
• /
• 2016

Social Media transformed the mass media based information traffic, and it has become a key resource for finding value in enterprises and public institutions. Particularly, in regards to disaster management, the necessity for public participation policy development through the use of social media is emphasized. National Disaster Management Research Institute developed the Social Big Board, which is a system that monitors social Big Data in real time for purposes of implementing social media disaster management. Social Big Board collects a daily average of 36 million tweets in Korean in real time and automatically filters disaster safety related tweets. The filtered tweets are then automatically categorized into 71 disaster safety types. This real time tweet monitoring system provides various information and insights based on the tweets, such as disaster issues, tweet frequency by region, original tweets, etc. The purpose of using this system is to take advantage of the potential benefits of social media in relations to disaster management. It is a first step towards disaster management that communicates with the people that allows us to hear the voice of the people concerning disaster issues and also understand their emotions at the same time. In this paper, Korean language text mining based Social Big Board will be briefly introduced, and disaster issue detection model, which is key algorithms, will be described. Disaster issues are divided into two categories: potential issues, which refers to abnormal signs prior to disaster events, and occurrence issues, which is a notification of disaster events. The detection models of these two categories are defined and the performance of the models are compared and evaluated.

• Journal of Digital Convergence
• /
• v.15 no.3
• /
• pp.175-180
• /
• 2017

In accordance with the development of IT industry worldwide, software industry has also grown tremendously, and it is exerting influence on the general society starting from daily life to financial organizations and public institutions. However, various security threats that can inflict serious threat to provided services in proportion to the growing software industry, have also greatly increased. In this thesis, we suggest a smart fuzzing system combined with black box and white box testing that can effectively detectxdistinguish software vulnerability which take up a large portion of the security incidents in application programs.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.3
• /
• pp.535-545
• /
• 2014

As the software industry has developed, the attacks making use of software vulnerability has become a big issue in society. In particular, because the attacks using the vulnerability of web browsers bypass Windows protection mechanism, web browsers can readily be attacked. To protect web browsers against security threat, research on fuzzing has constantly been conducted. However, most existing web browser fuzzing tools use a simple fuzzing technique which randomly mutates DOM tree. Therefore, this paper analyzed existing web browser fuzzing tools and the patterns of their already-known vulnerability to propose an event and command based fuzzing tool which can detect the latest web browser vulnerability more effectively. Three kinds of existing fuzzing tools were compared with the proposed tool. As a result, it was found that the event and command based fuzzing tool proposed was more effective.

• Journal of the Institute of Convergence Signal Processing
• /
• v.23 no.2
• /
• pp.91-96
• /
• 2022

At the current camera-based technology level, sensor-based basic life pattern recognition technology has to suffer inconvenience to obtain accurate data, and commercial band products are difficult to collect accurate data, and cannot take into account the motive, cause, and psychological effect of behavior. the current situation. In this paper, radar technology for life pattern recognition is a technology that measures the distance, speed, and angle with an object by transmitting a waveform designed to detect nearby people or objects in daily life and processing the reflected received signal. It was designed to supplement issues such as privacy protection in the existing image-based service by applying it. For the implementation of the proposed system, based on TI IWR1642 chip, RF chipset control for 60GHz band millimeter wave FMCW transmission/reception, module development for distance/speed/angle detection, and technology including signal processing software were implemented. It is expected that analysis of individual life patterns will be possible by calculating self-management and behavior sequences by extracting personalized life patterns through quantitative analysis of life patterns as meta-analysis of living information in security and safe guards application.

• Journal of the Korean Association of Geographic Information Studies
• /
• v.26 no.4
• /
• pp.67-79
• /
• 2023

Service environments through laptops, smart devices, and various IoT devices are developing very rapidly. Recent security measures in these Internet environments mainly consist of network application level solutions such as firewall(Intrusion Prevention Systems) and IDS (intrusion detection system). In addition, various security data have recently been used on-site, and issues regarding the management and destruction of such security data have been raised. Products such as DRM(Digital Rights Management) and DLP(Data Loss Prevention) are being used to manage these security data. However despite these security measures, data security measures taken out to be used in the field are operated to the extent that the data is encrypted, delivered, and stored in many environments, and measures for encryption key management or data destruction are insufficient. Based on these issues we aim to propose a SecureOS Module, an OS-based security module. With this module users can manage and operate security data through a consistent interface, addressing the problems mentioned above.