• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.16 no.1
• /
• pp.98-106
• /
• 2012

CSD(Container Security Device) is a security device with sensors that can detect the abnormal behavior such as illegal opening of a container door. Since the CSD provides security and safety of the container, CSD should not only provide security services such as confidentiality and integrity but also cloning detection. If we can not detect the cloned CSD, an adversary can use the cloned CSD for many illegal purposes. In this paper, we propose a policy based cloned CSD detection mechanism. To evaluate proposed clone detection mechanism, we have implemented the proposed scheme and evaluated the results.

• Journal of Navigation and Port Research
• /
• v.33 no.10
• /
• pp.735-742
• /
• 2009

Information security is an essential factor that enables terminal to be operated. However, despite of this importance of information security, there has hardly been any research related to this topic. And moreover, current level of information security performance in container terminals has not been analyzed so far. The objective of this study is to evaluate current level of information security in container terminals. Through survey from the four leading container terminal operators in Korea, The results firstly showed that average of information security level of major container terminals was 71.7%. And from the results of data analysis, it revealed that the weak point of information security in Korean container terminals was security management, and in detail, lack of expertise of support group.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.2
• /
• pp.213-225
• /
• 2022

Containerization, a lightweight virtualization technology, enables agile deployments of enterprise-scale microservices in modern cloud environments. However, containerization also opens a new window for adversaries who aim to disrupt the cloud environments. Since microservices are composed of multiple containers connected through a virtual network, a single compromised container can carry out network-level attacks to hijack its neighboring containers. While existing solutions protect containers against such attacks by using network access controls, they still have severe limitations in terms of performance. More specifically, they significantly degrade network performance when processing packet payloads for L7 access controls (e.g., HTTP). To address this problem, we present BPFast, an eBPF/XDP-based payload inspection system for containers. BPFast inspects headers and payloads of packets at a kernel-level without any user-level components. We evaluate a prototype of BPFast on a Kubernetes environment. Our results show that BPFast outperforms state-of-the-art solutions by up to 7x in network latency and throughput.

• Proceedings of the Korean Institute of Navigation and Port Research Conference
• /
• 2023.11a
• /
• pp.64-65
• /
• 2023

The purpose of this study was to assess the current status of cyber security at the Busan Port container terminal and derive strengthening factors through exploratory research. In recent years, the maritime industry has actively adopted Fourth Industrial Revolution technologies, resulting in changes in the form of ports, such as automated and smart terminals. While these changes have brought positive improvements in port efficiency, they have also increased the potential for cyber security incidents and threats, including information leakage through cargo handling equipment and ransomware attacks leading to terminal operations disruption. Especially in the case of ports, cyber security threats can have not only local effects within the port but also physical damage and implications for national security. However, despite the growing cyber security threats within ports, research related to domestic port cyber security remains limited. Therefore, this study aimed to identify factors for enhancing cyber security in ports and derive future enhancement strategies. The study conducted an analysis focusing on the Busan Port container terminal, which is one of the leading ports in South Korea actively adopting Fourth Industrial Revolution technologies, and conducted a survey of stakeholders in the Busan Port container terminal. Subsequently, exploratory factor analysis was used to derive strengthening factors. This study holds significance in providing directions for enhancing cyber security in domestic container ports in the future.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.15 no.8
• /
• pp.1642-1646
• /
• 2011

In this paper, A Design of 2.45GHz and GPS antenna Integrated Board using Container security Device(ConTracer) for container cargo transportation is proposed and experimentally evaluate. Integrated antenna board include 2.4GHz chip and Ceramic GPS antenna is also consider the impact of RF interference based on simulation for applied to steel container. After a careful comparison and analysis a part of the container door for its best performance, We conduct tests to characterize. The proposed integrated antenna board is suitable for container cargo transportation application in steel container field.

• The Journal of Korean Institute of Next Generation Computing
• /
• v.15 no.1
• /
• pp.86-98
• /
• 2019

Recently, the trend of building container-based PaaS (Platform-as-a-Service) is expanding. Container-based platform technology has been a core technology for realizing a PaaS. Containers have lower operating overhead than virtual machines, so hundreds or thousands of containers can be run on a single physical machine. However, recording and monitoring the storage logs for a large number of containers running in cloud computing environment occurs significant overhead. This work has identified two problems that occur when detecting a file system change event of a container running in a cloud computing environment. This work also proposes a system for container file system event detection in the environment by solving the problem. In the performance evaluation, this work performed three experiments on the performance of the proposed system. It has been experimentally proved that the proposed monitoring system has only a very small effect on the CPU, memory read and write, and disk read and write speeds of the container.

• Journal of KIISE:Computing Practices and Letters
• /
• v.16 no.1
• /
• pp.50-54
• /
• 2010

A Container Security Device (CSD) which is different existing RFID Tag strengthens the physical security as mounted inside the container and the information security as encrypts doubly a data. CSD must use the resources efficiently in order to operate with the battery. Therefore, it needs low-power mechanism which repeats the sleep period and channel scan period. However, by adjusting these periods, the trade-off occurs between energy efficiency and network connectivity. In this paper, we implement low-power CSD and resolve this problem by adjusting beacon period and channel scan time. As a result, We guarantee the network connectivity 95% or more and maximum life up to 16 days using common AA batteries.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2021.11a
• /
• pp.122-124
• /
• 2021

최근 4차 산업혁명의 기술이 발전하며 인공지능과 클라우드 컴퓨팅의 융합에 대한 연구가 활발하게 진행되고 있으며 클라우드 컴퓨팅에 컨테이너 기술을 접목한 새로운 컴퓨팅 환경이 주목받고 있다. 그러나 현재 사용되고 있는 컨테이너 기반의 가상화 기술은 컨테이너 실행에 필요한 파일과 설정 값을 포함하고 있는 컨테이너 이미지를 통해 배포하는 방식을 사용하고 다수의 컨테이너가 하나의 커널을 공유하기 때문에 취약한 패키지를 사용하는 컨테이너 이미지가 다수의 사용자와 공유 되어 시스템 보안이 매우 취약하다 이에 본 논문에서는 자연어처리 기법을 활용한 취약점 분석 시스템을 통해 컨테이너를 실행에 필요한 파일과 설정 값을 포함하고 있는 컨테이너 이미지에서 취약점을 분석하는 시스템을 제안한다.

• The Monthly Technology and Standards
• /
• s.56
• /
• pp.22-23
• /
• 2006

• Pallet News
• /
• s.65
• /
• pp.29-41
• /
• 2012

본 원고는 지난 12월 16일 KPCA 회의실에서 있었던 '국제물류보안의 최근 동향' 이라는 주제 발표로 씨니어물류포럼 자문위원인 이재욱 ISO TC8/SC11 의장 겸 인하대 명예교수가 발표한 자료입니다.