Search results for Title/Summary/Keyword: APT Attacks (86 results)

A Design of Authority Management Protocol for Secure Storage Access Control in Cloud Environment (클라우드 환경에서 안전한 스토리지 접근 제어를 위한 권한 관리 프로토콜 설계)

  • Min, So-Yeon; Lee, Kwang-Hyong; Jin, Byung-Wook
    • Journal of the Korea Academia-Industrial cooperation Society / v.17 no.9 / pp.12-20 / 2016
  • With the enhancements in existing major industries, cloud computing-based converging services have been created, as well as value-added industries. A variety of converging services are now provided, from personalized services up to industrial services. In Korea, they have become the driving force behind existing industries throughout the whole economy, but mainly in finance, mobile systems, social computing, and home services, based on cloud services. However, not only denial of service (DoS) and distributed DoS (DDoS) attacks have occurred, but also attack techniques targeting core data in storage servers. Even security threats that are hardly detected, such as multiple attacks on a certain target, APT, and backdoor penetration, have also occurred. To supplement defenses against these, in this article a protocol for authority management is designed to provide users with safe storage services. This protocol was studied in cases of integration between a cloud environment and big data-based technology, the security threats, and their requirements. Also studied were amalgamation examples and their requirements in technology-based cloud environments and big data. With the protocol suggested on this basis, security was analyzed for attack techniques that occur in the existing cloud environment, as well as big data-based techniques, in order to find improvements in session key development of approximately 55%.

A hybrid intrusion detection system based on CBA and OCSVM for unknown threat detection (알려지지 않은 위협 탐지를 위한 CBA와 OCSVM 기반 하이브리드 침입 탐지 시스템)

  • Shin, Gun-Yoon; Kim, Dong-Wook; Yun, Jiyoung; Kim, Sang-Soo; Han, Myung-Mook
    • Journal of Internet Computing and Services / v.22 no.3 / pp.27-35 / 2021
  • With the development of the Internet, various IT technologies such as IoT and Cloud have been developed, and various systems have been built by countries and companies. Because these systems generate and share vast amounts of data, a variety of systems that can detect threats are needed to protect the critical data they contain, and these have been actively studied to date. Typical techniques include anomaly detection and misuse detection; these techniques detect threats that are known or that exhibit behavior different from normal. However, as IT technology advances, so do the technologies that threaten systems, and these methods of detection can no longer keep up. Advanced Persistent Threat (APT) attacks target national or corporate systems to steal important information and perform attacks such as taking systems down. These threats apply previously unknown malware and attack technologies. Therefore, in this paper, we propose a hybrid intrusion detection system that combines anomaly detection and misuse detection to detect unknown threats. Two detection techniques are applied to enable the detection of both known and unknown threats, and by applying machine learning, more accurate threat detection is possible. In misuse detection, we apply Classification Based on Association Rules (CBA) to generate rules for known threats, and in anomaly detection, we use a One-Class SVM (OCSVM) to detect unknown threats. Experiments show that unknown threat detection accuracy is about 94%, and we confirm that unknown threats can be detected.
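The two-stage pipeline this abstract describes, as an added example that is not the authors' code: misuse rules (hand-written stand-ins for the rules a CBA miner would learn from labelled data) are checked first, and a one-class model fitted on normal flows only scores whatever the rules miss. The anomaly stage here is a z-score distance detector rather than an OCSVM, chosen so the example runs without scikit-learn; the flow records, feature set, rules and thresholds are all constructed for illustration.

```python
"""Hybrid misuse + anomaly detection (added illustration, not the paper's code).
The anomaly stage is a z-score one-class detector standing in for the OCSVM;
flows, rules and thresholds below are constructed for the example."""
from dataclasses import dataclass
import math


@dataclass(frozen=True)
class Flow:
    dst_port: int
    syn_count: int       # half-open SYNs seen in the window
    bytes_out: int       # bytes sent from the host in the window
    failed_logins: int   # authentication failures in the window


# Stage 1: misuse rules of the form "if conditions then attack class".
# A CBA miner derives such rules from labelled data; these two are hand-written.
MISUSE_RULES = [
    (lambda f: f.syn_count > 200, "syn_flood"),
    (lambda f: f.dst_port == 22 and f.failed_logins >= 10, "ssh_bruteforce"),
]

FEATURES = ("syn_count", "bytes_out", "failed_logins")


class ZScoreOneClass:
    """One-class detector fitted on normal traffic only: a flow is anomalous
    when any feature lies more than `threshold` standard deviations from
    the normal mean. (Stand-in for the OCSVM in the paper.)"""

    def __init__(self, threshold=3.0):
        self.threshold = threshold
        self.mean = {}
        self.std = {}

    def fit(self, normal_flows):
        n = len(normal_flows)
        for k in FEATURES:
            vals = [getattr(f, k) for f in normal_flows]
            m = sum(vals) / n
            var = sum((v - m) ** 2 for v in vals) / n
            self.mean[k] = m
            self.std[k] = math.sqrt(var) or 1.0   # guard constant features
        return self

    def score(self, flow):
        return max(abs(getattr(flow, k) - self.mean[k]) / self.std[k]
                   for k in FEATURES)

    def is_anomaly(self, flow):
        return self.score(flow) > self.threshold


# Constructed normal-traffic profile (HTTPS browsing from one workstation).
NORMAL_FLOWS = [
    Flow(443, s, b, l) for s, b, l in
    [(1, 1200, 0), (2, 3400, 0), (3, 2100, 1), (1, 4800, 0),
     (2, 2600, 0), (4, 3900, 1), (2, 1500, 0), (3, 2800, 0)]
]


def build_detector():
    return ZScoreOneClass().fit(NORMAL_FLOWS)


def classify(flow, rules=MISUSE_RULES, detector=None):
    """Returns (verdict, label): a rule hit is a known threat; otherwise the
    one-class model decides between 'unknown' (anomalous) and 'normal'."""
    detector = detector or build_detector()
    for predicate, label in rules:
        if predicate(flow):
            return ("known", label)
    if detector.is_anomaly(flow):
        return ("unknown", "anomaly")
    return ("normal", None)


if __name__ == "__main__":
    det = build_detector()
    for f in [Flow(80, 350, 2000, 0),     # matches the syn_flood rule
              Flow(22, 2, 900, 14),       # matches the ssh_bruteforce rule
              Flow(443, 2, 2500, 0),      # ordinary browsing
              Flow(8443, 3, 90000, 0),    # exfiltration-like volume: no rule, anomaly
              Flow(22, 2, 1500, 3)]:      # slow brute force below the rule threshold
        print(f, classify(f, MISUSE_RULES, det))
```

The last two sample flows are the point of the hybrid: neither matches a signature, but both fall outside the normal profile, which is exactly the gap the abstract says misuse detection alone leaves open. Tune `threshold` on held-out normal traffic, since a value that is too low turns the anomaly stage into an alert flood.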

Design of Comprehensive Security Vulnerability Analysis System through Efficient Inspection Method according to Necessity of Upgrading System Vulnerability (시스템 취약점 개선의 필요성에 따른 효율적인 점검 방법을 통한 종합 보안 취약성 분석 시스템 설계)

  • Min, So-Yeon; Jung, Chan-Suk; Lee, Kwang-Hyong; Cho, Eun-Sook; Yoon, Tae-Bok; You, Seung-Ho
    • Journal of the Korea Academia-Industrial cooperation Society / v.18 no.7 / pp.1-8 / 2017
  • As the IT environment becomes more sophisticated, various threats and their associated serious risks are increasing. Threats such as DDoS attacks, malware, worms, and APT attacks can pose a very serious risk to enterprises and must be managed efficiently and in a timely manner. Therefore, the government has designated important systems as major information and communication infrastructure, in consideration of their impact on national security and the economy, under the 'Information and Communication Infrastructure Protection Act', which in particular protects major information and communication infrastructure from cyber infringement. In addition, it conducts management supervision such as analysis and evaluation of vulnerabilities, establishment and implementation of protection measures, and distribution of technical guides. Even now, security consulting proceeds on the basis of the 'Guidance for Evaluation of Technical Vulnerability Analysis of Major IT Infrastructure Facilities'. There are neglected inspection items among the applied items, and the vulnerabilities and risks of APT attacks and malicious code are present issues that are neglected. In order to eliminate the actual security risk, the security manager arranges the inspection and commissions a specialist company. In other words, it is difficult to check against current hacking or vulnerabilities through the current system vulnerability checking method. In this paper, we propose an efficient method for extracting diagnostic data regarding the necessity of upgrading system vulnerability checks, check items that do not reflect recent trends, technical check cases for the latest intrusion techniques, and related studies on security threats and requirements. Based on this, we investigate the security vulnerability management systems and vulnerability lists of domestic and foreign countries, propose an effective security vulnerability management system, and propose further study to improve overseas vulnerability diagnosis items so that they can be related to domestic vulnerability items.

Study on Depressive Syndrome in Hyungsang Medicine (울증의 형상의학적 고찰)

  • Kang Kyung Hwa; Kim In Jin; Lee Yong Tae
    • Journal of Physiology & Pathology in Korean Medicine / v.18 no.5 / pp.1285-1290 / 2004
  • From the viewpoint of Hyungsang medicine, a study is made on depressive syndromes through 'Donguibogam(東醫寶鑑)', 'Clinical lectures by Mr. Jeesan(芝山先生 臨床學特講)' and other literature. Depressed energy(?) originally meant the disorder of vital energy in the circulation of nature with the lapse of time. Later, it changed to mean the disease of man, especially related to the mind. Depressive syndromes come from the stagnation of the Ki or abnormal circulation (rising, falling, coming and going), which happens when a man cannot adjust himself to the circumstances due to the disharmony between internal and external conditions. Depressive syndrome easily attacks the following types of persons: the Dam type person with excessive Ki and deficient Hyung(形), the manly woman, the womanly man, the Bird type person who shows a great variety of emotion, the Turtle type person inclined to melancholy, the Ki type person apt to be depressive, and the Shin type person with an upward gush of fire. It also attacks persons who have a smudgy face with a scar between the eyebrows, those whose pulses are a mixture of two different kinds, and those whose pulses extend over two ranges in Jeesan's diagram. Depressive syndromes recorded in 'Donguibogam' are globus hystericus, chest congestion, gastric discomfort, cough and asthma caused by depressed Ki, abdominal mass, edema, and tympanites. The most effective prescriptions for depressive syndromes are Eajintang(二陳湯), Guibitang(歸脾湯), Hyangsosan(香蘇散), and Gamisachiltang(加味四七湯).

A Study on the Change of Capability and Behavior against Phishing Attack by Continuous Practical Simulation Training (지속적 실전형 모의훈련을 통한 피싱공격 대응역량 및 행동변화에 관한 연구)

  • Yoon, Duck-sang; Lee, Kyung-ho; Lim, Jong-in
    • Journal of the Korea Institute of Information Security & Cryptology / v.27 no.2 / pp.267-279 / 2017
  • This study emulated unscheduled phishing e-mails over a long period of time, imitating the manner in which external hackers attack a group of employees in a company. We then measured and analyzed the recipients' ability to identify and respond to phishing e-mails as training progressed. In addition, we analyzed the changes in participants' response behavior when the external control condition was changed between training rounds. As a result of the analysis, it was confirmed that the training duration had a positive (+) relationship with the employees' ability to identify phishing e-mails and with the infection rate, and that more employees read e-mails and were infected by phishing attacks that used social issues and seasonal events. It was also confirmed that reinforcing the internal control policy on infected persons has a positive (+) effect on the phishing attack response behavior of employees. Based on these results, we suggest the right training method for each organization to enhance the ability of employees to cope with phishing attacks.

Analyses of Security Issues and Vulnerability for Smart Home Network based on Internet of Things (사물인터넷 기반의 스마트 홈 네트워크에서의 취약점 및 보안 이슈 분석)

  • Jung Tae Kim
    • The Journal of the Convergence on Culture Technology / v.9 no.3 / pp.707-714 / 2023
  • The Internet of Things, which is the key factor of the 4th industrial revolution, is apt to be applied to many systems. The existing security mechanisms cannot be realized with limited resources such as the low capacity of devices and sensors. In order to apply an IoT system, a new structure and ultra-lightweight encryption are required. In this paper, we analyzed the security issues that can arise in Internet-based smart home networks and, to solve the critical issues posed by these attacks, technologies for device protection between heterogeneous devices. Security requirements are needed to protect against attacks. Therefore, we analyzed the demands and requirements for its application by analyzing the security architecture and features in smart home networks.

Threats according to the Type of Software Updates and White-List Construction Scheme for Advanced Security (소프트웨어 업데이트 유형별 위협요소와 안전성 강화를 위한 화이트리스트 구성 방안)

  • Lee, Daesung
    • Journal of the Korea Institute of Information and Communication Engineering / v.18 no.6 / pp.1369-1374 / 2014
  • In APT attacks the update server is used as a means of dissemination: the update program runs malicious code, or data in applications such as anti-virus signatures is vulnerable to manipulation, so SW update threat identification and prevention measures are urgently required. This paper examines national and international SW update structures, update-process exploits and response measures. Through extraction and analysis of the update logs of well-known domestic software, we select the components necessary for a normal program update in order to identify a whitelist.

Cyber Defense Analysis and Improvement of Military ecosystem with Information Security Industry (국방 사이버 방호체계 구축 생태계 취약점 분석 및 개선방안)

  • Baek, Jaejong; Moon, Byoung-Moo
    • Journal of the Korea Institute of Information Security & Cryptology / v.24 no.6 / pp.1263-1269 / 2014
  • Since cyber defense has been dependent on commercial products and protection systems, in view of recent trends our cyber defense ecosystem can be more vulnerable. In the case of general defense weapon companies, they have to be observed by the government, for instance with regard to certain proprietary technologies and products, for protection from the enemy. On the contrary, most cyber weapon companies have not been managed like that. For this reason, a cyber attack can reach the inside of our military through the security holes of commercial products. In this paper, we enhance the military cyber protection ecosystem against enemy attacks and analyze hypothetical scenarios to evaluate and verify the vulnerability, and finally a more secure ecosystem for the military protection system is presented in policy and technical terms.

A Study of Program Execution Control based on Whitelist (화이트리스트 기반 프로그램 실행 통제 방안 연구)

  • Kim, Chang-hong; Choi, Dae-young; Yi, Jeong-hyun; Kim, Jong-bae
    • Proceedings of the Korean Institute of Information and Communication Sciences Conference / 2014.10a / pp.346-349 / 2014
  • Currently, the growing cyber threat continues, and the damage caused by the evolution of malicious code incidents becomes ever greater. Advanced attacks such as APT using 'zero-day vulnerabilities' provide an easy way to steal sensitive data or personal information. However, traditional ways of defense, such as 'access control' by blocking application ports or signature-based detection mechanisms, have many limitations. This study suggests a way of controlling application activities that focuses on keeping the integrity of applications, authorization of running programs, and changes to operating system files by hardening legitimate resources and programs, based on 'white-listing' technology that analyzes applications' behavior and usage.
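One allowlist used in both of the ways the two whitelist abstracts above describe, as an added example that is not code from either paper. For the update channel (Lee, 2014), the set of components a legitimate update is allowed to touch is learned from a baseline update log, and an incoming update is rejected if it delivers anything outside that set or anything whose hash disagrees with the update manifest. For execution control (Kim et al., 2014), a program runs only when its path is allowlisted and its bytes still hash to the pinned value, and the pinned hashes are refreshed only from a verified update. Log lines, paths, file contents and the manifest are constructed; the manifest is assumed to arrive over a channel whose authenticity is checked separately (for example a signature), which this example does not implement.

```python
"""Allowlist for update components and for program execution (added
illustration, not code from either paper). Paths, log lines, file bytes and
the manifest are constructed for the example."""
import hashlib


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


# Constructed baseline log of known-good update runs: "<date> UPDATE <path>".
BASELINE_UPDATE_LOG = [
    "2014-05-02 UPDATE C:/AV/engine.dll",
    "2014-05-02 UPDATE C:/AV/sig.dat",
    "2014-05-16 UPDATE C:/AV/sig.dat",
    "2014-06-01 UPDATE C:/AV/engine.dll",
    "2014-06-01 UPDATE C:/AV/sig.dat",
    "2014-06-01 UPDATE C:/AV/updater.exe",
]


def learn_update_components(log_lines):
    """The set of paths a normal update has ever touched: anything outside
    it arriving through the update channel is suspect."""
    components = set()
    for line in log_lines:
        _date, action, path = line.split(" ", 2)
        if action == "UPDATE":
            components.add(path)
    return components


def verify_update(components, manifest, delivered):
    """components: learned allowlist; manifest: {path: sha256} the update
    metadata claims; delivered: {path: bytes} actually received.
    The update is accepted only if every delivered file is a known
    component and hashes to its manifest value."""
    problems = []
    for path, data in delivered.items():
        if path not in components:
            problems.append(f"not an update component: {path}")
        elif path not in manifest:
            problems.append(f"no manifest entry: {path}")
        elif sha256_hex(data) != manifest[path]:
            problems.append(f"hash mismatch: {path}")
    return (not problems, problems)


def pin_hashes(files):
    """Execution allowlist: {path: sha256} of approved binaries."""
    return {path: sha256_hex(data) for path, data in files.items()}


def apply_update(exec_allowlist, components, manifest, delivered):
    """Refresh the execution allowlist only from a verified update, so the
    new hashes are pinned and nothing else changes."""
    ok, problems = verify_update(components, manifest, delivered)
    if not ok:
        return exec_allowlist, problems
    updated = dict(exec_allowlist)
    updated.update(pin_hashes(delivered))
    return updated, []


def may_execute(exec_allowlist, path, data):
    """Run only if the path is allowlisted and its current bytes still hash
    to the pinned value, so a patched or swapped-in binary is blocked."""
    pinned = exec_allowlist.get(path)
    return pinned is not None and sha256_hex(data) == pinned


if __name__ == "__main__":
    comps = learn_update_components(BASELINE_UPDATE_LOG)
    allow = pin_hashes({"C:/AV/engine.dll": b"engine-v1",
                        "C:/AV/sig.dat": b"sig-v1"})
    manifest = {"C:/AV/sig.dat": sha256_hex(b"sig-v2")}
    # Legitimate signature update: accepted, new hash pinned.
    allow, why = apply_update(allow, comps, manifest, {"C:/AV/sig.dat": b"sig-v2"})
    print(why, may_execute(allow, "C:/AV/sig.dat", b"sig-v2"))
    # Update hijacked to drop an extra binary: rejected, allowlist unchanged.
    _, why = apply_update(allow, comps, manifest,
                          {"C:/AV/sig.dat": b"sig-v2", "C:/AV/helper.exe": b"dropper"})
    print(why, may_execute(allow, "C:/AV/helper.exe", b"dropper"))
```

The component set is deliberately path-based and the execution check hash-based: an update is expected to change file contents, so pinning hashes there would reject every legitimate release, whereas a running binary is expected to be byte-identical to what was approved, so there a path match alone would let a renamed dropper through.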


A Study on Illness Behavior of Panic Disorder Patients (공황장애 환자의 질환행동에 관한 연구)

  • Kim, Sang-Soo; Je, Young-Myo; Kim, Sang-Yeop; Lee, Dae-Soo; Lee, Sung-Ho; Choi, Eun-Young
    • Korean Journal of Psychosomatic Medicine / v.6 no.2 / pp.104-119 / 1998
  • This study was conducted to determine the important factors in the illness behavior of panic disorder patients, and then to find the best ways to lead patients who have recurrent panic attacks to adequate therapeutic situations. We studied 53 patients diagnosed as having panic disorder according to DSM-IV among the outpatients who had been followed up at Bong Seng Memorial Hospital for 6 months, from May 1997 to October 1997. To evaluate the illness behaviors, we designed a checklist including socio-demographic data, degree of subjective distress from medical and psychiatric treatment, panic symptoms, life events, places of help-seeking, and the Anxiety Sensitivity Index. Using the checklist, we had semi-structured interviews with the panic disorder patients to elucidate their help-seeking behaviors from the first panic attack to diagnosis as panic disorder. The results were as follows: 1) After the first panic attack, the patients initially sought help at: 1) emergency room 40%, 2) rest and/or personal emergency care 35%, 3) pharmacy 10%, 4) outpatient care at hospital 10%, 5) oriental medicine 5%. 2) Considering the panic symptoms, derealization, paresthesia and the severity of panic symptoms were the most important factors affecting the help-seeking behaviors of patients who had experienced a first panic attack. 3) Most of the patients (80%) were apt to visit hospitals within 15 days after experiencing about 3 panic attacks. 4) Before being diagnosed as having panic disorder, the patients had visited 3-5 health care centers over about 1 year. 5) Primary care physicians (for example, emergency care physicians, family doctors and internists) had the most important roles in treating or guiding the patients to adequate therapeutic situations. From the above results, the authors propose that non-psychiatric physicians have to know panic disorder and panic attacks exactly. When patients complain of sudden-onset physical symptoms, e.g. palpitation, dyspnea, dizziness, or cognitive symptoms like the fear of death or insanity, physicians should consider the possibility of a panic attack and encourage the patients to be evaluated for psychiatric illness.
