• Proceedings of KOSOMES biannual meeting
• /
• 2008.05a
• /
• pp.33-42
• /
• 2008

The crimes and the vandalism committed by mental patients such as the burning of Syungremoon and Daegu's subway have become a social insecure factors. In the paper, the criminal status of mental patients is analyzed and the range of probabilities at sea investigated. The countermeasures to these crimes are proposed.

• Information and Communications Magazine
• /
• v.29 no.5
• /
• pp.42-49
• /
• 2012

인과네트워크는 변수 간의 인과관계를 통해 현상을 이해하고 설명하는 체계이다. 이 네트워크는 이학 및 공학, 의학, 사회과학 등 여러 학문 분야에서 원인 변수와 결과 변수 간의 관계를 나타내어, 발생 가능한 현상의 원인을 예측하고, 그 결과를 설명하는데 사용되고 있다. 이를 다이어그램 형태로 표현하면 변수 간의 인과관계를 쉽게 입증할수도 있다. 특정 재난은 다양한 변수가 인과관계로 서로 연관되어 있기 때문에 인과네트워크의 적용이 가능한 분야이다. 따라서 이 네트워크는 재난 변수 간의 인과관계를 규명하여 재난의 확산 반응을 분석하고, 대응 시스템을 설계하는데 도움을 줄 수 있다. 실제로 지진, 정전, 테러, 화재 등의 인과관계를 규명하기 위한 재난 확산 모형에 대한 연구가 활발히 이루어지고 있다. 2003년 대구에서 일어난 지하철 화재는 여러 변수가 복합적으로 작용하여 일어난 재난이다. 또한 재난에 대응하는 인간 행동 및 인지 요인이 중요한 변수로 작용하였다. 따라서 이를 반영한 재난 확산 모형을 적용하여 실제 재난 상황을 재구성해 보고자 한다. 본 논문에서는 인과네트워크의 정의와 인과네트워크를 표현하는 4개의 방법론을 선별하여 각각의 특성을 살펴본다. 또한 이를 재난 분야에 적용한 인과네트워크 기반의 재난 확산 모형에 대한 연구 동향을 살펴본다. 마지막으로 2003년 대구 지하철 화재를 사례로 하여 재난의 확산과 대응체계의 인과관계에 대해 연구하였다. 이 때 인간 행동과 인지 분석 결과를 토대로 심층적인 접근을 시도해 보았다. 이를 통해 재난의 인과관계와 근본적 대응방안의 가능성을 타진해 보았다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2003.05c
• /
• pp.2029-2032
• /
• 2003

이 연구는 국가 기간산업망인 전력. 철도, 가스, 항공 통의 SCADA(Supervisory Control And Data Acquisition) 시스템 보안을 목적으로 현재 운영중인 가스 SCADA에 대해 시스템, 네트워크, 관리방법에 대해 보안 취약성 평가분석 및 모의해킹을 실시하고 취약분야별 대응방안을 제시하였다. 또한 이들의 결과를 종합하여 Gap 분석을 실시함으로써 사이버 테러 린 해킹 등에 보다 안전한 시스템을 구축하기 위한 방안을 제시하였다.

• Korean Security Journal
• /
• no.24
• /
• pp.91-123
• /
• 2010

The threat factors available for occurrence given G20 Summit Meeting are expected leader terrorism, hostage terrorism, bomb terrorism, public facilities terrorism, and aircraft terrorism. As for the threat groups, which are expected in Korea, the North Korea, Islam extremist group, and the group such as NGO organization of being opposed to international meeting are regarded as having possibility of causing hazard. Thus, the purpose of this study is to suggest VIP Security-measure plans in the main site in preparation for G20 Summit Meeting. Accordingly, each country in the world is adopting 'the principle of Triple Ring' in common. Thus, it elicited a coping plan by 1st line(inner ring) 2nd line(middle ring) 3rd line(outer ring) based on this principle, and proposed even an opinion together that will need to be reflected in light of policy for the VIP security measures. In conclusion, as for the VIP Security-measure plans in the main site in preparation for G20 Summit Meeting, In the inner ring(safety sector), first, an intercepting measure needs to be devised for a spot of getting into and out of vehicles given the Straight Street. Second, the Walking Formation needs to be reinforced boldly in the exposed area. In the middle ring(security sector), first, the control plan needs to be devised by considering particularity of the main site. Second, there is necessity for adopting the efficient security badge operation plan that is included RFID function within security badge. In the outer ring(aid protective sector), first, there is necessity of preparing for several VIP terrorisms, of collecting information and intelligence, and of reinforcing the information collection system against terrorism under the cooperation with the overseas information agency. Second, the urgent measure training in time of emergency needs to be carried out toward security agent event manpower. Third, to maintain the certain pace in VIP motorcade, the efficient traffic control system needs to be operated. Finally, as for what will need to be reflected in light of policy for VIP security measures, first, there is necessity for allowing VIP residence to be efficiently dispersed to be distributed and controlled. Second, there is necessity for allowing impure element to misjudge or attack to be failed by utilizing diverse deception operations. Third, according to the reorganization in North Korea's Organization of the South Directed Operations, the powerful 'military-support measure' needs to be driven from this G20 Summit Meeting. For this, the necessity was proposed for further reinforcing the front back defense posture under the supervision of the Ministry of National Defense and for positively coping even with detecting and removing poison in preparation for CBR (chemical, biological, and radio-logical) terrorism.

• Journal of the Korea Convergence Society
• /
• v.9 no.7
• /
• pp.55-62
• /
• 2018

Recently, as the threat of cyber crime increases, the importance of security control to cope with cyber attacks on the information systems in the first place such as real-time detection is increasing. In the name of security control center, cyber terror response center and infringement response center, institutional control personnel are making efforts to prevent cyber attacks. Especially, we are detecting infringement accident by using network security equipment or utilizing control system, but it's not enough to prevent infringement accident by just controlling based on device-driven simple patterns. Therefore, the security control system is continuously being upgraded, and the development and research on the detection method are being actively carried out by the prevention activity against the threat of infringement. In this paper, we have defined the method of detecting infringement of major component module in order to improve the problem of existing infringement detection method. Through the performance tests for each module, we propose measures for effective security control and study effective infringement threat detection method by upgrading the control system using Security Information Event Management (SIEM).

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2014.10a
• /
• pp.947-950
• /
• 2014

The recent APT attacks including cyber terror are caused by a high level of malicious codes and hacking techniques. This implies that essentially, advanced security management is required, from the perspective of 5A. The changes of IT environment are represented by Mobile, Cloud and BYOD. In this situation, the security model needs to be changed, too into the Airport model which emphasizes prevention, and connection, security and integration of functions from the existing Castle model. This study suggested an application method of the risk-based Airport model to the cyber security environment.

• Proceedings of the Korea Information Assurance Society Conference
• /
• 2004.05a
• /
• pp.51-55
• /
• 2004

Currently, internet is deeply rooted in everyday life and many things are performed using internet in real-world, increased internet user because convenience. But then, internet accident is on the increase rapidly. Therefore, it is necessary that testing system generate automatically various attack patterns and traffic. In this paper, we describe method of design and implementation about AGT(attack generation test suite : simulator) system which generate various attack patterns using multiple agents.

• Convergence Security Journal
• /
• v.11 no.6
• /
• pp.45-51
• /
• 2011

Certificate security oriented cyber certificate is important tool for the purpose of offering user-authentication service based on on-line system. In the paper, we analyzed management implement which could make the efficient use of certificate security oriented cyber terror response. This algorithm called SOL(Security Oriented Language) will make efficient use of the service about authentication consisting of the basis in the age of information through efficient management and partial use of each certificates. Especially, SOL could be used efficiently by grafting a small group of on-line system which is operated with particular purposes.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.18 no.10
• /
• pp.2323-2330
• /
• 2014

Most organizations are more depending on information system in advanced information society. According to this current, unrapid reaction to system failure can cause a fatal effect to a credibility of the organization. An excessively high level of dependence on information system at work makes itself as a primary target of cyber terror. The stability of university's information system is especially weaker than the enterprise's but policy support for securing availability is inadequate. In this paper, we consider the recovery system toward to disorder of university's school affairs information system theoretically and suggest high availability PC based academic administration system.

• Journal of the Korea Society of Computer and Information
• /
• v.13 no.4
• /
• pp.263-271
• /
• 2008

This study is about the criminal information system of police cooperation organization between European nations. The criminal information system of police cooperation organization between European nations is the organization created by the sign of the Europol convention in 26 July 1995 and the effectuation in 1 October 1998 for European nations' cooperative confrontation with frequent international terror, international organization crime, drug trafficking, illegal immigrant smuggling, and other critical crimes. From the beginning, this organization established the criminal information system for overcoming the working limits of previous international police organization. This system consists of information system, work file, and index system and enables every national unit or other law enforcement agents to collect, exchange, and utilize the information. Additionally, it try to keep in step with the rapidly change time, such as the integration with CMS, the establishment of correspondence system against cyber crime, and the introduction of biometric database. The criminal information system of the Europol gives important suggestions to the police cooperation organization between nations, besides prevention and suppression against the international crimes in Europe.