• Title/Summary/Keyword: Information Security Management System (정보보안관리체계)

Search Result 523, Processing Time 0.028 seconds

Analysis of Unexpected Shutdown Based on Windows Event Log(EVTX) and its Applications in forensic (윈도우 이벤트 로그 기반 PC 비정상 종료 분석 및 활용방안)

  • Kim, Ha-Young;Park, Hyeon-Min;Kim, Gi-Bum
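    • Proceedings of the Korea Information Processing Society Conference / 2022.05a / pp.33-36 / 2022
  • The event log is the format in which the Windows operating system records system logs, and it systematically manages information about system operation. Events can occur because of the system itself or because of specific actions by a user, and such event logs can serve as evidence not only of system startup and shutdown but also for activities such as corporate security audits and malware detection. In this paper, we analyzed event logs and IDs through experiments on PC shutdown. The analysis results make it possible to determine whether a PC was shut down normally or abnormally, and thus to identify, during an on-site search and seizure, whether selective seizure or media seizure applies to the storage media in question. This study can help field investigators establish a basis for procedural legality and admissibility of evidence when searching and seizing digital evidence.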

Research on Security System for Safe Communication in Maritime Environment (해상환경에서 안전한 통신을 위한 보안체계 연구)

  • Seoung-Pyo Hong;Hoon-Jae Lee;Young-Sil Lee
    • The Journal of the Institute of Internet, Broadcasting and Communication / v.23 no.5 / pp.21-27 / 2023
  • As a means of helping ships navigate safely, navigational aids in operation in the maritime environment require periodic management, and due to the nature of the environment, it is difficult to visually check the exact state. As a result, the smart navigation aid system, which improves route safety and operational efficiency, utilizes expertise including sensors, communications, and information technology, unlike general route markings. The communication environment of the smart navigation aid system, which aims to ensure the safety of the navigators operating the ship and the safety of the ship, uses a wireless communication network in accordance with the marine environment. The ship collects the information necessary for the maritime environment on the land and operates. In this process, there is a need to consider the wireless communication security guideline. Basically, it is based on IHO S-100, a standard for facilitating data exchange, and SECOM, which provides an interface for safe communication. This paper researches a security system for safe communication in a maritime environment. The security system for the basic interface based on the document was presented, and there were some vulnerabilities to data exchange due to the wireless communication characteristics of the maritime environment, and the user authentication part was added considering the vulnerability that unauthorized users can access the service.

A Study on the Development of Government Emergency Preparedness Policy Priority Elicitation (정부 비상대비정책 우선순위 도출에 관한 연구)

  • Choi, Won Sang;Shin, Jin
    • Convergence Security Journal / v.20 no.2 / pp.91-99 / 2020
  • The purpose of this study is to present the application of Information and Communication Technology(ICT) during the 4th Industrial Revolution for the efficient implementation of government emergency preparedness policies. Brainstorming by experts categorized the government's emergency preparedness policies into 4 types and 12 detailed tasks. Classification results were used by AHP(Analytic Hierarchy Process) to analyze relative importance and priorities. The AHP survey found that strengthening crisis management responsiveness was the most important detailed task. Artificial Intelligence(AI), Internet of Things(IoT), Unmanned Autonomy System, Virtual Reality(VR), and Augmented Reality(AR) were presented as major information and communication technology(ICT) for the efficient execution of detailed tasks.

Implement Broker Service for Efficient Use and Security of Multiple Cloud Services (다수의 클라우드 서비스의 효율적인 사용과 보안성 향상을 위한 브로커 서비스 구현)

  • Jung, Sang-Mi;Lee, Youn-Ho;Cho, Ik-Hwan;Cho, Min-Jae;Lee, Han-Bok;Hwang, In-Won;Wi, Sun-Min
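    • Proceedings of the Korea Information Processing Society Conference / 2017.11a / pp.582-585 / 2017
  • In this paper, we propose a system that integrates the clouds offered by various companies, such as Google Drive and Dropbox, into a single platform so that they can be managed systematically and efficiently. In addition, when a file is uploaded or downloaded through the system, the file is split into multiple packets that are each stored in the registered clouds, with the aim of building an environment in which user data can be safely protected. To this end, we describe the open APIs that were used and the independently built file system, and we verify through experiments that the implemented software operates correctly. At a time when cloud security problems are coming to the fore, we hope that the proposed system can be used in the future as a technology for protecting data.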

An Efficient Method of Test Environment Setup for Weapon System Software Reliability Test (무기체계 소프트웨어 신뢰성 시험을 위한 효율적 시험 환경 구축 방안)

  • Choi, Minkwan;Bak, Daun;Kook, Seunghak
    • Journal of Software Engineering Society / v.28 no.1 / pp.7-12 / 2019
  • Recently, as the weight of software in the weapon system increases, the quality of the software becomes a very important factor. In order to improve the quality of the weapon system software, DAPA (Defense Acquisition Program Administration) has institutionalized software reliability in the Weapon System Software Development and Management Manual. The manual presents specific methods and procedures to improve the weapon system software quality. In order to meet the required reliability test standards specified in the manual, it is necessary to continuously detect and correct defects throughout the entire development period. However, it is difficult to build a proper reliability test environment due to the cost of software reliability tools, setting up a secured and separated network environment, etc. Therefore, in this study, we propose an efficient environment construction method for software reliability tests in the defense industry field under a restricted development environment and limited resources.

A Countermeasure Technique for Attack of Reflection SSDP in Home IoT (홈 IoT에서 SSDP 반사체 공격에 대한 대응기법)

  • Park, Kwang-ok;Lee, Jong-Kun
    • Journal of Convergence for Information Technology / v.7 no.2 / pp.1-9 / 2017
  • Recently, the DDoS attack using the amplifier method makes it difficult to distinguish the normal traffic from the normal server, and it is difficult even to detect the attack. Since the SSDP protocol is a common protocol widely used in IoT devices, it is used for DDoS amplification attacks. In this paper, we analyze the reflector attack of SSDP, which is one of the DDoS attacks, and suggest a technical proposal to detect and defend against the attack by managing the MAC address of each device. Also, we propose a control structure to protect against the reflection attack of SSDP in Home IoT. The efficiency of the proposed system has been verified by performing an experimental attack in a virtual environment.

Development of IoT Device Management System Using Blockchain DPoS Consensus Algorithm (블록체인 DPoS 합의 알고리즘을 활용한 IoT 장치 관리 시스템 개발)

  • Kim, Mihui;Kim, Youngmin
    • Journal of IKEEE / v.23 no.2 / pp.508-516 / 2019
  • A smart home with various IoT devices provides convenient and efficient services. However, security is important because sensitive information such as private video and audio can be collected and processed, as well as shared over the Internet. To manage such smart home IoT devices, we use blockchain technology that provides data integrity and secure management. In this paper, we utilize a PoS (Proof of Stake) method that verifies the block through the accumulated stake in the network rather than the computation power, out of the PoW (Proof of Work) blockchain, in which the computation for the existing verification must be continuously performed. Among them, we propose a blockchain-based system with the DPoS (Delegated Proof of Stake) method to actively solve the scalability part, for security that is suitable for the smart home IoT environment. We implement the proposed system with DPoS-based EOSIO to show realization, and we show performance improvement in terms of transaction processing speed.

A Hybrid Authentication Scheme for Wireless MSAP Mesh Networks in the Next-Generation TMCS (차세대 전술이동통신체계 무선 MSAP 메쉬망을 위한 혼합형 인증기법)

  • Bae, Byoung-Gu;Yoon, Sun-Joong;Ko, Young-Bae
    • The Journal of Korean Institute of Communications and Information Sciences / v.37C no.11 / pp.1011-1019 / 2012
  • This paper presents a novel hybrid authentication scheme in the next-generation Tactical Mobile Communication Systems (TMCS) with wireless MSAP mesh networks. The existing centralized and distributed authentication methods for security between MSAPs may have their pros and cons. The centralized authentication method induces overhead from frequent MSAP association, which leads to long authentication delay. On the other hand, the distributed authentication method requires initial sharing of the authentication information. Therefore, a more efficient authentication scheme is needed to protect the network from malicious MSAPs and also maximize efficiency of the network security. The proposed scheme provides a hybrid method of efficiently managing the authentication keys in the wireless MSAP mesh network to reduce the induced authentication message exchange overhead. Also, as the authentication method between MSAP and TMFT is different, a method of utilizing the ACR for handling the EAP packets is proposed. Overall, the proposed scheme provides efficient mutual authentication between MSAPs, especially for tactical environments, and is analyzed through performance evaluation to prove its superiority.

A Research in Applying Big Data and Artificial Intelligence on Defense Metadata using Multi Repository Meta-Data Management (MRMM) (국방 빅데이터/인공지능 활성화를 위한 다중메타데이터 저장소 관리시스템(MRMM) 기술 연구)

  • Shin, Philip Wootaek;Lee, Jinhee;Kim, Jeongwoo;Shin, Dongsun;Lee, Youngsang;Hwang, Seung Ho
    • Journal of Internet Computing and Services / v.21 no.1 / pp.169-178 / 2020
  • The reductions of troops/human resources, and improvement in combat power have made the Korean Department of Defense actively adapt 4th Industrial Revolution technology (Artificial Intelligence, Big Data). The defense information system has been developed in various ways according to the task and the uniqueness of each military. In order to take full advantage of the 4th Industrial Revolution technology, it is necessary to improve the closed defense data management system. However, the establishment and usage of data standards in all information systems for the utilization of defense big data and artificial intelligence has limitations due to security issues, business characteristics of each military, and difficulty in standardizing large-scale systems. Based on the interworking requirements of each system, data sharing is limited through direct linkage through interoperability agreement between systems. In order to implement smart defense using the 4th Industrial Revolution technology, it is urgent to prepare a system that can share defense data and make good use of it. To technically support the defense, it is critical to develop Multi Repository Meta-Data Management (MRMM) that supports systematic standard management of defense data that manages enterprise standard and standard mapping for each system and promotes data interoperability through linkage between standards which obeys the Defense Interoperability Management Development Guidelines. We introduced MRMM, and implemented it by using vocabulary similarity using machine learning and a statistical approach. Based on MRMM, we expect to simplify the standardization integration of all military databases using artificial intelligence and big data. This will lead to a huge reduction of the defense budget while increasing combat power for implementing smart defense.

Spear-phishing Mail Filtering Security Analysis : Focusing on Corporate Mail Hosting Services (스피어피싱 메일 필터링 보안 기능 분석 : 기업메일 호스팅 서비스 중심으로)

  • Shin, Dongcheon;Yum, Dayun
    • Convergence Security Journal / v.20 no.3 / pp.61-69 / 2020
  • Since spear-phishing mail attacks focus on a particular target persistently to collect and take advantage of information, they can incur severe damage to the target as a part of the intelligent and new attacks such as APT attacks and social engineering attacks. The usual spam filtering services can have limits in countering spear-phishing mail attacks because of different targets, goals, and methods. In this paper, we analyze mail security services of several enterprises hosted by medium and small-sized enterprises with relative security vulnerabilities in order to see whether their services can effectively respond to spear-phishing mail attacks. According to the analysis result, we can say that most mail security hosting services are lacking in responding to spear-phishing mail attacks, providing functions mainly for managing mails including spam mail. The analysis result can be used as basic data to extract effective and systematic countermeasures.