• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.20 no.7
• /
• pp.613-621
• /
• 2019

Recently, with the development of the Internet of Things (IoT) and cloud computing technologies, security threats have increased as malicious codes infect IoT devices, and new malware spreads ransomware to cloud servers. In this study, we propose a threat-detection technique that checks obfuscated script patterns to compensate for the shortcomings of conventional signature-based and behavior-based detection methods. Proposed is a malicious code-detection technique that is based on malicious script-pattern analysis that can detect zero-day attacks while maintaining the existing detection rate by registering and checking derived distribution patterns after analyzing the types of malicious scripts distributed through websites. To verify the performance of the proposed technique, a prototype system was developed to collect a total of 390 malicious websites and experiment with 10 major malicious script-distribution patterns derived from analysis. The technique showed an average detection rate of about 86% of all items, while maintaining the existing detection speed based on the detection rule and also detecting zero-day attacks.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.16 no.6
• /
• pp.83-94
• /
• 2016

Recent cloud, big data, there is a problem for the architectural security vulnerability to the server platforms of various fields such as artificial intelligence occurs consistently, but using the virtualization technology. In addition, most secure virtualization technology is known to be dependent on the type is limited and the platform provider. This paper presents a method for mutual authentication for secure data between multiple instances of a shared virtualized environment. The proposed method was designing a security architecture in consideration of the mutual authentication between multiple independent instances, and enhance the safety of a security protocol for sharing data by applying a key chain techniques. Performance analysis results and the existing security architecture demonstrated that protect each virtualized instances of the session and the other way, a compliance effectiveness for each instance of the mutual authentication process.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.19 no.8
• /
• pp.1797-1804
• /
• 2015

Integrated log management system can help to predict the risk of security and contributes to improve the security level of the organization, and leads to prepare an appropriate security policy. In this paper, we have designed and implemented a Hadoop-based log analysis system by using distributed database model which can store large amount of data and reduce analysis time by automating log collecting procedure. In the proposed system, we use the HBase in order to store a large amount of data efficiently in the scale-out fashion and propose an easy data storing scheme for analysing data using a Hadoop-based normal expression, which results in improving data processing speed compared to the existing system.

• Journal of the Korea Convergence Society
• /
• v.11 no.3
• /
• pp.77-83
• /
• 2020

Recently, intelligent predictive surveillance system has emerged. It is a system that can probabilistically predict the future situation and event based on the existing data beyond the scope of the current object or object motion and situation recognition. Since such intelligent predictive monitoring system has a high possibility of handling personal information, security consideration is essential for protecting personal information. The existing video surveillance framework has limitations in terms of privacy. In this paper, we proposed a security framework for intelligent predictive surveillance system. In the proposed method, detailed components for each unit are specified by dividing them into terminals, transmission, monitoring, and monitoring layers. In particular, it supports active personal information protection in the video surveillance process by supporting detailed access control and de-identification.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.25 no.12
• /
• pp.1898-1903
• /
• 2021

Recently, the need to be wary of internal access such as internal access as well as external attackers' access to work has increased due to network expansion, cloud infrastructure expansion, and changes in working patterns due to COVID-19 situations. For this reason, a new network security model called Zero Trust is drawing attention. Zero Trust has a key principle that a trusted network does not exist, and in order to be allowed access, it must be authenticated first, and data resources can only be accessed by authenticated users and authenticated devices. In this paper, we will explain these zero trust and zero trust architectures and examine new security application strategies applicable to various companies using zero trust and the process of building a new security system based on the zero trust architecture model.

• KIPS Transactions on Computer and Communication Systems
• /
• v.12 no.6
• /
• pp.189-196
• /
• 2023

Today, in the era of the 4th industrial revolution based on the paradigm of hyper-connectivity, super-intelligence, and superconvergence, the remote work environment is becoming central based on technologies such as mobile, cloud, and big data. This remote work environment has been accelerated by the demand for non-face-to-face due to COVID-19. Since the remote work environment can perform various tasks by accessing services and resources anytime and anywhere, it has increased work efficiency, but has caused a problem of incapacitating the traditional boundary-based network security model by making the internal and external boundaries ambiguous. In this paper, we propse a method to improve the limitations of the traditional boundary-oriented security strategy by building a security model centered on core components and their relationships based on the zero trust idea that all actions that occur in the network beyond the concept of the boundary are not trusted.

• Convergence Security Journal
• /
• v.22 no.1
• /
• pp.71-79
• /
• 2022

The smart grid system has emerged to maximize energy efficiency through real-time information exchange between power providers and consumers by combining information technology and power supply systems. The authentication schemes using blockchain in a smart grid system have been proposed, which utilize an edge server's architecture to collect and store electric power-related information and process data between a central cloud server and smart grid-IoT devices. Although authentication schemes are being proposed to enhance security in the smart grid environment, many vulnerabilities are still reported. This paper presents a new mutual authentication scheme to guarantee users' privacy and anonymity in a smart grid based on edge computing using blockchain. In the proposed scheme, we use the smart contract for the key management's efficiency, such as updating and discarding key materials. Finally, we prove that the proposed scheme not only securely establishes a session key between the smart grid-IoT device of the user and the edge server but also guarantees anonymity.

• Convergence Security Journal
• /
• v.23 no.4
• /
• pp.23-32
• /
• 2023

Container-based virtualization has attracted many attentions as an alternative to virtual machine technology because it can be used more lightly by sharing the host operating system instead of individual guest operating systems. However, this advantage may owe some vulnerabilities. In particular, excessive resource use of some containers can affect other containers, which is known as the noisy neighbor problem, so that the important property of isolation may not be guaranteed. The noisy neighbor problem can threat the availability of containers, so we need to consider the noisy neighbor problem as a security problem. In this paper, we investigate vulnerabilities on guarantee of isolation incurred by the noisy neighbor problem in container-based virtualization. For this we first analyze the structure of container-based virtualization environments. Then we present vulnerabilities in 3 functional layers and general directions for solutions with limitations.

• Journal of Satellite, Information and Communications
• /
• v.11 no.2
• /
• pp.1-7
• /
• 2016

In this paper, we propose contents authoring, management, and distribution technologies where the contents registered in secure storage through a content acquisition and authoring tool can be used as a common experience in smartphones, smart pads, and PCs. Currently, many people are producing and consuming various types of contents in bulk, and it is expected that real-time contents and old contents coexist as IoT(Internet of Things) technology is commonly deployed in the future. Therefore, we need to develop a differentiated service that can compete with global services in contents authoring and collaboration systems to create new markets. Accordingly, we implemented an authoring service platform to occupy cloud markets with high quality contents produced through collaboration.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2016.04a
• /
• pp.949-952
• /
• 2016

클라우드 기반 IoT 환경에서 광범위하게 설치된 디바이스는 보안성 강화 또는 기능 수정을 위해 소프트웨어를 원격에서 갱신할 필요가 있다. 디바이스는 하드웨어 자원과 네트워크 성능이 한정적이기 때문에 갱신 과정에서 발생하는 네트워크 트래픽을 줄여야하며 서비스가 중지되는 시간을 줄이기 위해 갱신 소요시간을 단축시켜야 한다. 이를 해결하기 위해 본 논문에서는 갱신 과정에서 가상화 기술을 이용하여 이미지를 계층화 하고, 캐싱하는 방식을 이용한 소프트웨어 갱신 프레임워크를 제안한다. 이미지 계층화는 소프트웨어와 종속 파일을 담은 이미지 파일의 수정, 변경, 추가된 부분을 새로운 계층으로 생성하고 관리하는 것을 일컫는다. 캐싱은 갱신 과정에서 서버에서 전송한 이미지를 게이트웨이에 저장하고 다른 디바이스가 갱신을 요청하면 저장된 이미지를 서버를 거치지 않고 전송하는 것을 말한다. 이를 적용하여 새로운 계층만 전송하고, 중복된 데이터의 전송을 줄여 네트워크 트래픽 발생량을 줄이고, 설치 파일의 용량을 줄여 갱신 소요시간을 줄인다. 본 논문에서 제안하는 프레임워크는 트래픽 발생량과 갱신 소요시간이 기존 방식에 비해 감소한다.