• Journal of Software Engineering Society
• /
• v.28 no.1
• /
• pp.7-12
• /
• 2019

Recently, as the weight of software in the weapon system increases, the quality of the software becomes a very important factor. In order to improve the quality of the weapon system software, DAPA(Defense Acquisition Program Administration) has institutionalized software reliability in Weapon System Software Development and Management Manual. The manual presents specific methods and procedures to improve the weapon system software quality. In order to meet the required reliability test standards specified in the manual, it is necessary to continuously detect and correct defects throughout the entire development period. However, it is difficult to build proper reliability test environment due to the cost of software reliability tools, setting up secured and separated network environment, and etc. Therefore, in this study, we propose an efficient environment construction method for software reliability test of defense industry field in restricted development environment and limited resources.

• Journal of Convergence for Information Technology
• /
• v.7 no.2
• /
• pp.1-9
• /
• 2017

Recently, the DDoS attack using the amplifier method makes it difficult to distinguish the normal traffic from the normal server and it is difficult to detect even the attack detection. Since the SSDP protocol is a common protocol widely used in IoT devices, it is used as a DDoS amplification attack. In this paper, we analyze the reflector attack of SSDP which is one of the DDoS and suggest a technical proposal to detect and defend against the attack by managing the Mac address of each device. Also, we propose a control structure to protect the reflection attack of SSDP in Home IoT. The efficiency of the proposed system has been verified by performing an experimental attack on the virtual environment.

• Journal of IKEEE
• /
• v.23 no.2
• /
• pp.508-516
• /
• 2019

Smart home with various IoT devices provides convenient and efficient services. However, security is important because sensitive information such as private video and audio can be collected and processed, as well as shared over the Internet. To manage such smart home IoT devices, we use blockchain technology that provides data integrity and secure management. In this paper, we utilize a PoS(Proof of Stake) method that verifies the block through the accumulated stake in the network rather than the computation power, out of the PoW(Proof of Work) block chain, in which the computation for the existing verification must be continuously performed. Among them, we propose a blockchain based system with DPoS(Delegated Proof of Stake) method to actively solve the scalability part, for security that is suitable for smart home IoT environment. We implement the proposed system with DPoS based EOSIO to show realization, and we show performance improvement in terms of transaction processing speed.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.37C no.11
• /
• pp.1011-1019
• /
• 2012

This paper presents a novel hybrid authentication scheme in the next-generation Tactical Mobile Communication Systems(TMCS) with wireless MSAP mesh networks. The existing centralized and distributed authentication methods for security between MSAPs may have their pros and cons. The centralized authentication method induces overhead from frequent MSAP association which leads to long authentication delay. On the other hand, the distributed authentication method requires initial sharing of the authentication information. Therefore, a more efficient authentication scheme is needed to protect the network from malicious MSAPs and also maximize efficiency of the network security. The proposed scheme provides a hybrid method of efficiently managing the authentication keys in the wireless MSAP mesh network to reduce the induced authentication message exchange overhead. Also, as the authentication method between MSAP and TMFT is different, a method of utilizing the ACR for handling the EAP packets is proposed. In overall, the proposed scheme provides efficient mutual authentication between MSAPs especially for tactical environments and is analyzed through performance evaluation to prove its superiority.

• Journal of Internet Computing and Services
• /
• v.21 no.1
• /
• pp.169-178
• /
• 2020

The reductions of troops/human resources, and improvement in combat power have made Korean Department of Defense actively adapt 4th Industrial Revolution technology (Artificial Intelligence, Big Data). The defense information system has been developed in various ways according to the task and the uniqueness of each military. In order to take full advantage of the 4th Industrial Revolution technology, it is necessary to improve the closed defense datamanagement system.However, the establishment and usage of data standards in all information systems for the utilization of defense big data and artificial intelligence has limitations due to security issues, business characteristics of each military, anddifficulty in standardizing large-scale systems. Based on the interworking requirements of each system, data sharing is limited through direct linkage through interoperability agreement between systems. In order to implement smart defense using the 4th Industrial Revolution technology, it is urgent to prepare a system that can share defense data and make good use of it. To technically support the defense, it is critical to develop Multi Repository Meta-Data Management (MRMM) that supports systematic standard management of defense data that manages enterprise standard and standard mapping for each system and promotes data interoperability through linkage between standards which obeys the Defense Interoperability Management Development Guidelines. We introduced MRMM, and implemented by using vocabulary similarity using machine learning and statistical approach. Based on MRMM, We expect to simplify the standardization integration of all military databases using artificial intelligence and bigdata. This will lead to huge reduction of defense budget while increasing combat power for implementing smart defense.

• Convergence Security Journal
• /
• v.20 no.3
• /
• pp.61-69
• /
• 2020

Since spear-phishing mail attacks focus on a particular target persistently to collect and take advantage of information, it can incur severe damage to the target as a part of the intelligent and new attacks such as APT attacks and social engineering attacks. The usual spam filtering services can have limits in countering spear-phishing mail attacks because of different targets, goals, and methods. In this paper, we analyze mail security services of several enterprises hosted by midium and small-sized enterprises with relatively security vulnerabilities in order to see whether their services can effectively respond spear-phishing mail attacks. According to the analysis result, we can say that most of mail security hosting services lack in responding spear-phishing mail attacks by providing functions for mainly managing mails including spam mail. The analysis result can be used as basic data to extract the effective and systematic countermeasure.

• Journal of the Health Care and Life Science
• /
• v.8 no.2
• /
• pp.83-93
• /
• 2020

In this study, a practical model for health information management education using the EMR education system at universities for nurturing health care information managers was studied. Currently, there is no practical training course for health care information management in the standards for evaluation and certification of health care information management education introduced to strengthen the job competency of health care information managers. Accordingly, the program was constructed so that the practice program suggested as an educational environment in the Health and Medical Information Management Education Evaluation and Certification Manual can be practiced in the EMR education system. In addition, a practical model that can be performed according to the on-site practice guidelines for health and medical information management for each program was studied. Using the health care information management education EMR system, master data management, patient registration, doctor prescription, medical cost calculation, health insurance claim management, form management, discharge registration, cancer registration, unrecorded management, health care data management, health care statistics, A practice model was studied so that practice on information protection/security management can be performed. It will be possible to play a role as a health care information management expert by raising the quality level of health care information management education through systematic and standardized health care information management practice courses at universities. Accordingly, it is necessary to cultivate health care information management experts who develop and manage medical services based on medical data analysis through practical training of health care information managers.

• Information Systems Review
• /
• v.25 no.3
• /
• pp.139-162
• /
• 2023

With the emergence of new digital technologies into a supply chain, it is essential for companies to incorporate these technologies in managing their supply chains. However, various challenges have been identified in digital supply chain management, especially when it comes to its assessment. There are no universally agreed measurements for the performance of digital supply chain management within the research community so far. This paper explores an option of using user experience as one of possible measurements. Therefore, three different focus-group discussions were held and later analyzed with a qualitative content analysis. The subscription-based video on demand service, Netflix was used as an example in those discussions. Due to the fact that Netflix provides a digital product as a streamline service, user experience is critical for the company. Especially, user experience with a recommender system and related privacy issues have become significant for a company to retain existing customers and attract new customers in many fields. Since the recommender system and related privacy issues are parts of a digital supply chain, user experience can be one of appropriate measurements for digital supply chain management. This study opens a new perspective for research on performance measurements of digital supply chain management.

• Archives of design research
• /
• v.11 no.1
• /
• pp.291-302
• /
• 1998

This paper covers the development process of multimedia evaluation system, especially focused on customer satisfactory factors while customers navigating net-based Interactive multimedia system. Customers usually experience new level of interaction cased by newly developed web-based technology In ordinary multimedia system. However, if it gives customers satisfactory experience is a matter of question. To find out the relationship between customer satisfaction and interactivity factors exposed by multimedia system, a model has been developed which describes the structure of web-based multimedia system and its relation to customer satisfactory factors. Five different experiments, including 'semantic differential', 'focus group interview', and 'expert review', has been conducted and four customer satisfactory factors were identified. Those are 'customery value', 'structural perfectness', 'visual perfectness', and 'contemporaneity'. With these factors and newly delveoped evaluation system, 7 different web-site has been evaluated and analyzed at the end of this report.

• The Journal of the Convergence on Culture Technology
• /
• v.7 no.1
• /
• pp.674-681
• /
• 2021

Cyber attacks targeting critical infrastructure are on the rise. Critical infrastructure is defined as core infrastructures within a country with a high degree of interdependence between the different structures; therefore, it is difficult to sufficiently protect it using outdated cybersecurity techniques. In particular, the distinction between the physical and logical risks of critical infrastructure is becoming ambiguous; therefore, risk management from a comprehensive perspective must be implemented. Accordingly, as a means of further actively protecting critical infrastructure, major countries have begun to apply their security and cybersecurity systems by design, as a more expanded concept is now being considered. This proactive security approach (CSbD, Cybersecurity by Design) includes not only securing the stability of software (SW) safety design and management, but also physical politics and device (HW) safety, precautionary and blocking measures, and overall resilience. It involves a comprehensive security system. Therefore, this study compares and analyzes security by design measures towards critical infrastructure that are leading the way in the US, Europe, and Singapore. It reflects the results of an analysis of optimal cybersecurity solutions for critical infrastructure. I would like to present a plan for applying by Design.