• Title/Summary/Keyword: 인터넷 공격

Search Result 1,195, Processing Time 0.025 seconds

Analysis and Improvement Strategies for Korea's Cyber Security Systems Regulations and Policies

  • Park, Dong-Kyun;Cho, Sung-Je;Soung, Jea-Hyen
    • Korean Security Journal
    • /
    • no.18
    • /
    • pp.169-190
    • /
    • 2009
  • Today, the rapid advance of scientific technologies has brought about fundamental changes to the types and levels of terrorism while the war against the world more than one thousand small and big terrorists and crime organizations has already begun. A method highly likely to be employed by terrorist groups that are using 21st Century state of the art technology is cyber terrorism. In many instances, things that you could only imagine in reality could be made possible in the cyber space. An easy example would be to randomly alter a letter in the blood type of a terrorism subject in the health care data system, which could inflict harm to subjects and impact the overturning of the opponent's system or regime. The CIH Virus Crisis which occurred on April 26, 1999 had significant implications in various aspects. A virus program made of just a few lines by Taiwanese college students without any specific objective ended up spreading widely throughout the Internet, causing damage to 30,000 PCs in Korea and over 2 billion won in monetary damages in repairs and data recovery. Despite of such risks of cyber terrorism, a great number of Korean sites are employing loose security measures. In fact, there are many cases where a company with millions of subscribers has very slackened security systems. A nationwide preparation for cyber terrorism is called for. In this context, this research will analyze the current status of Korea's cyber security systems and its laws from a policy perspective, and move on to propose improvement strategies. This research suggests the following solutions. First, the National Cyber Security Management Act should be passed to have its effectiveness as the national cyber security management regulation. With the Act's establishment, a more efficient and proactive response to cyber security management will be made possible within a nationwide cyber security framework, and define its relationship with other related laws. The newly passed National Cyber Security Management Act will eliminate inefficiencies that are caused by functional redundancies dispersed across individual sectors in current legislation. Second, to ensure efficient nationwide cyber security management, national cyber security standards and models should be proposed; while at the same time a national cyber security management organizational structure should be established to implement national cyber security policies at each government-agencies and social-components. The National Cyber Security Center must serve as the comprehensive collection, analysis and processing point for national cyber crisis related information, oversee each government agency, and build collaborative relations with the private sector. Also, national and comprehensive response system in which both the private and public sectors participate should be set up, for advance detection and prevention of cyber crisis risks and for a consolidated and timely response using national resources in times of crisis.

  • PDF

Identifying Bridging Nodes and Their Essentiality in the Protein-Protein Interaction Networks (단백질 상호작용 네트워크에서 연결노드 추출과 그 중요도 측정)

  • Ahn, Myoung-Sang;Ko, Jeong-Hwan;Yoo, Jae-Soo;Cho, Wan-Sup
    • Journal of Korea Society of Industrial Information Systems
    • /
    • v.12 no.5
    • /
    • pp.1-13
    • /
    • 2007
  • In this research, we found out that bridging nodes have great effect on the robustness of protein-protein interaction networks. Until now, many researchers have focused on node's degree as node's essentiality. Hub nodes in the scale-free network are very essential in the network robustness. Some researchers have tried to relate node's essentiality with node's betweenness centrality. These approaches with betweenness centrality are reasonable but there is a positive relation between node's degree and betweenness centrality value. So, there are no differences between two approaches. We first define a bridging node as the node with low connectivity and high betweenness value, we then verify that such a bridging node is a primary factor in the network robustness. For a biological network database from Internet, we demonstrate that the removal of bridging nodes defragment an entire network severally and the importance of the bridging nodes in the network robustness.

  • PDF

Game Theoretic Optimization of Investment Portfolio Considering the Performance of Information Security Countermeasure (정보보호 대책의 성능을 고려한 투자 포트폴리오의 게임 이론적 최적화)

  • Lee, Sang-Hoon;Kim, Tae-Sung
    • Journal of Intelligence and Information Systems
    • /
    • v.26 no.3
    • /
    • pp.37-50
    • /
    • 2020
  • Information security has become an important issue in the world. Various information and communication technologies, such as the Internet of Things, big data, cloud, and artificial intelligence, are developing, and the need for information security is increasing. Although the necessity of information security is expanding according to the development of information and communication technology, interest in information security investment is insufficient. In general, measuring the effect of information security investment is difficult, so appropriate investment is not being practice, and organizations are decreasing their information security investment. In addition, since the types and specification of information security measures are diverse, it is difficult to compare and evaluate the information security countermeasures objectively, and there is a lack of decision-making methods about information security investment. To develop the organization, policies and decisions related to information security are essential, and measuring the effect of information security investment is necessary. Therefore, this study proposes a method of constructing an investment portfolio for information security measures using game theory and derives an optimal defence probability. Using the two-person game model, the information security manager and the attacker are assumed to be the game players, and the information security countermeasures and information security threats are assumed as the strategy of the players, respectively. A zero-sum game that the sum of the players' payoffs is zero is assumed, and we derive a solution of a mixed strategy game in which a strategy is selected according to probability distribution among strategies. In the real world, there are various types of information security threats exist, so multiple information security measures should be considered to maintain the appropriate information security level of information systems. We assume that the defence ratio of the information security countermeasures is known, and we derive the optimal solution of the mixed strategy game using linear programming. The contributions of this study are as follows. First, we conduct analysis using real performance data of information security measures. Information security managers of organizations can use the methodology suggested in this study to make practical decisions when establishing investment portfolio for information security countermeasures. Second, the investment weight of information security countermeasures is derived. Since we derive the weight of each information security measure, not just whether or not information security measures have been invested, it is easy to construct an information security investment portfolio in a situation where investment decisions need to be made in consideration of a number of information security countermeasures. Finally, it is possible to find the optimal defence probability after constructing an investment portfolio of information security countermeasures. The information security managers of organizations can measure the specific investment effect by drawing out information security countermeasures that fit the organization's information security investment budget. Also, numerical examples are presented and computational results are analyzed. Based on the performance of various information security countermeasures: Firewall, IPS, and Antivirus, data related to information security measures are collected to construct a portfolio of information security countermeasures. The defence ratio of the information security countermeasures is created using a uniform distribution, and a coverage of performance is derived based on the report of each information security countermeasure. According to numerical examples that considered Firewall, IPS, and Antivirus as information security countermeasures, the investment weights of Firewall, IPS, and Antivirus are optimized to 60.74%, 39.26%, and 0%, respectively. The result shows that the defence probability of the organization is maximized to 83.87%. When the methodology and examples of this study are used in practice, information security managers can consider various types of information security measures, and the appropriate investment level of each measure can be reflected in the organization's budget.

Sleep and Suicidal Risk Factors in Korean High School Students (고등학생 청소년들의 수면과 자살위험요인)

  • Jeong, Ja-Hyun;Jang, Yong-E;Lee, Hae-Woo;Shim, Hyun-Bo;Choi, Jin-Sook
    • Sleep Medicine and Psychophysiology
    • /
    • v.20 no.1
    • /
    • pp.22-30
    • /
    • 2013
  • Objectives: Sleep problems has been consistently reported as a suicidal risk factor in adults and, recently, also in adolescents. In this study, dividing study subjects by the previous suicidal behaviors (suicidal vs non-suicidal), we compared the group differences of suicidal risk factors, and examined the possibility of sleep as a suicidal risk factor. Methods: Study subjects were 561 (271 boys and 290 girls) from a community sample of high school students. Suicidal Risk Behavior Checklist, Center for Epidemiological Study-Depression (CES-D), Symptom Checklist-90-Revision (SCL-90-R) Anxiety and Aggression subscale, Pittsburg Sleep Quality Index (PSQI) were done. Results: Forty six students (8.1%) reported previous actual self-harm behavior as a suicidal attempt, 181 students (32.4%) reported having suicidal thought only. Three hundred thirty four students (59.5%) reported no previous suicidal behavior (thought and attempt, both). Suicidal behavior group showed higher score on risk behaviors such as school violence, substance use and internet addiction. CES-D, SCL-90-R, PSQI showed significant group difference. Logistic regression analysis showed suicidal risk were significantly associated with depression, stress in suicidal risk factors and sleep latency, daytime dysfunction in PSQI. Analysis of variance (ANOVA) shows the most prolonged sleep latency and increased index of all PSQI components except sleep efficiency in suicidal attempt group. Conclusions: Sleep Problems had a strong association with the suicidal risk behavior in adolescents. Sleep problems, especially, prolonged sleep latency, daytime dysfunction might be important markers for suicidal behavior. Screening for sleep problems in adolescents are encouraged for the parents, school teachers, and related medical physicians.

Analysis of Posting Preferences and Prediction of Update Probability on Blogs (블로그에서 포스팅 성향 분석과 갱신 가능성 예측)

  • Lee, Bum-Suk;Hwang, Byung-Yeon
    • Journal of KIISE:Databases
    • /
    • v.37 no.5
    • /
    • pp.258-266
    • /
    • 2010
  • In this paper, we introduce a novel method to predict next update of blogs. The number of RSS feeds registered on meta-blogs is on the order of several million. Checking for updates is very time consuming and imposes a heavy burden on network resources. Since blog search engine has limited resources, there is a fix number of blogs that it can visit on a day. Nevertheless we need to maximize chances of getting new data, and the proposed method which predicts update probability on blogs could bring better chances for it. Also this work is important to avoid distributed denial-of-service attack for the owners of blogs. Furthermore, for the internet as whole this work is important, too, because our approach could minimize traffic. In this study, we assumed that there is a specific pattern to when a blogger is actively posting, in terms of days of the week and, more specifically, hours of the day. We analyzed 15,119 blogs to determine a blogger's posting preference. This paper proposes a method to predict the update probability based on a blogger's posting history and preferred days of the week. We applied proposed method to 12,115 blogs to check the precision of our predictions. The evaluation shows that the model has a precision of 0.5 for over 93.06% of the blogs examined.

Information Hiding Technique in Smart Phone for the Implementation of GIS Web-Map Service (GIS 웹 맵 서비스 구현을 위한 스마트 폰에서의 정보은닉 기법)

  • Kim, Jin-Ho;Seo, Yong-Su;Kwon, Ki-Ryong
    • Journal of Korea Multimedia Society
    • /
    • v.13 no.5
    • /
    • pp.710-721
    • /
    • 2010
  • Recently, for the advancement of embedded technology about mobile device, a new kind of service, mash-up is appeared. It is service or application combining multimedia content making tool or device and web-GIS(geographic information system) service in the mobile environment. This service can be ease to use for casual user and can apply in various ways. So, It is served in web 2.0 environment actively. But, in the mashup service, because generated multimedia contents linked with web map are new type of multimedia contents which include user's migration routes in the space such as GPS coordinates. Thus, there are no protection ways for intellectual property created by GIS web-map service users and user's privacy. In this paper, we proposed a location and user information hiding scheme for GIS web-map service. This scheme embeds location and user information into a picture that is taken by camera module on the mobile phone. It is not only protecting way for user's privacy but is also tracing way against illegal photographer who is peeping person through hidden camera. And than, we also realized proposed scheme on the mobile smart phone. For minimizing margin of error about location coordinate value against contents manipulating attacks, GPS information is embedded into chrominance signal of contents considering weight of each digit about binary type of GPS coordinate value. And for tracing illegal photographer, user information such as serial number of mobile phone, phone number and photographing date is embedded into frequency spectrum of contents luminance signal. In the experimental results, we confirmed that the error of extracted information against various image processing attacks is within reliable tolerance. And after file format translation attack, we extracted embedded information from the attacked contents without no damage. Using similarity between extracted one and original templete, we also extracted whole information from damaged chrominance signal of contents by various image processing attacks.

A Scheme for Secure Storage and Retrieval of (ID, Password) Pairs Using Smart Cards as Secure and Portable Storages (안전한 휴대 저장장치로서의 스마트카드를 활용한 (ID, 패스워드) 쌍들의 안전한 저장 및 검색 기법)

  • Park, Jun-Cheol
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.39B no.6
    • /
    • pp.333-340
    • /
    • 2014
  • Despite the security weakness of reusing passwords, many Internet users are likely to use a single ID and password on various sites to avoid the inconvenience of remembering multiple credentials. This paper proposes a scheme for securely storing, retrieving, and updating randomly chosen (ID, password) pairs by using smart cards as secure and portable storages. The scheme makes a user free from remembering her (ID, password) pairs for Internet accesses. By splitting and scattering the (ID, password) pairs of a user across the user's smart card memory and a remote server's storage, it can protect the logon credentials even from the theft or loss of the smart card. Also, a user, if deemed necessary, can issue and let the server to delete all information belonging to the user. Hence even an attacker who cracked the smart card memory would not be able to obtain any (ID, password) pair of the victim thereafter. The scheme requires a user to input a site information and pass-phrase to her smart card to obtain the logon credentials, but it should be an acceptable overhead considering the benefits of not remembering the freely chosen (ID, password) pairs at all.

Secure File Transfer Method and Forensic Readiness by converting file format in Network Segmentation Environment (망분리 환경에서 파일형식 변환을 통한 안전한 파일 전송 및 포렌식 준비도 구축 연구)

  • Han, Jaehyeok;Yoon, Youngin;Hur, Gimin;Lee, Jaeyeon;Choi, Jeongin;Hong, SeokJun;Lee, Sangjin
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.29 no.4
    • /
    • pp.859-866
    • /
    • 2019
  • Cybersecurity attack targeting a specific user is rising in number, even enterprises are trying to strengthen their cybersecurity. Network segmentation environment where public network and private network are separated could block information coming from the outside, however, it is unable to control outside information for business efficiency and productivity. Even if enterprises try to enhance security policies and introduce the network segmentation system and a solution incorporating CDR technology to remove unnecessary data contained in files, it is still exposed to security threats. Therefore, we suggest a system that uses file format conversion to transmit a secure file in the network separation environment. The secure file is converted into an image file from a document, as it reflects attack patterns of inserting malicious code into the document file. Additionally, this paper proposes a system in the environment which functions that a document file can keep information for incident response, considering forensic readiness.

A Sanitizer for Detecting Vulnerable Code Patterns in uC/OS-II Operating System-based Firmware for Programmable Logic Controllers (PLC용 uC/OS-II 운영체제 기반 펌웨어에서 발생 가능한 취약점 패턴 탐지 새니타이저)

  • Han, Seungjae;Lee, Keonyong;You, Guenha;Cho, Seong-je
    • Journal of Software Assessment and Valuation
    • /
    • v.16 no.1
    • /
    • pp.65-79
    • /
    • 2020
  • As Programmable Logic Controllers (PLCs), popular components in industrial control systems (ICS), are incorporated with the technologies such as micro-controllers, real-time operating systems, and communication capabilities. As the latest PLCs have been connected to the Internet, they are becoming a main target of cyber threats. This paper proposes two sanitizers that improve the security of uC/OS-II based firmware for a PLC. That is, we devise BU sanitizer for detecting out-of-bounds accesses to buffers and UaF sanitizer for fixing use-after-free bugs in the firmware. They can sanitize the binary firmware image generated in a desktop PC before downloading it to the PLC. The BU sanitizer can also detect the violation of control flow integrity using both call graph and symbols of functions in the firmware image. We have implemented the proposed two sanitizers as a prototype system on a PLC running uC/OS-II and demonstrated the effectiveness of them by performing experiments as well as comparing them with the existing sanitizers. These findings can be used to detect and mitigate unintended vulnerabilities during the firmware development phase.

Study on security method for scenario-based smartphone vulnerability (시나리오 기반의 스마트폰 취약점에 대한 보안방안 연구)

  • Lee, Jaeho;Son, Minwoo;Lee, Sang-Joon
    • Asia-pacific Journal of Multimedia Services Convergent with Art, Humanities, and Sociology
    • /
    • v.8 no.6
    • /
    • pp.835-844
    • /
    • 2018
  • Recently, as the number of smartphone users has been increasing worldwide, various services such as electronic payment, internet use, and financial settlement are being used as a smartphone. In addition, researches for home appliance control and automobile control using smartphone are conducted. As such, smartphone users can enjoy a more convenient life, but by hacking smartphones, tapping texts and conversations on smartphones, tracking location through spy apps, DDoS attacks using smartphones, and malicious apps When a message is received at a specific telephone number when using a micropayment, the corresponding text message is transmitted to a remote server, thereby increasing the risk of leakage of personal information and the like. Therefore, in this paper, we define the risk factors of the smartphone that are caused by the internal and external environmental, physical, contents (apps) of the smartphone through the smartphone that we use in real life, We propose a method to check vulnerability of smartphone security solution such as CC evaluation and the most effective response technique for each risk of smartphone by defining the technique.