• Journal of Electrical Engineering and Technology
• /
• v.13 no.5
• /
• pp.2086-2098
• /
• 2018

Security plays a vital role and is the key challenge in Mobile Ad-hoc Networks (MANET). Infrastructure-less nature of MANET makes it arduous to envisage the genre of topology. Due to its inexhaustible access, information disseminated by roaming nodes to other nodes is susceptible to many hazardous attacks. Intrusion Detection and Prevention System (IDPS) is undoubtedly a defense structure to address threats in MANET. Many IDPS methods have been developed to ascertain the exceptional behavior in these networks. Key issue in such IDPS is lack of fast self-organized learning engine that facilitates comprehensive situation awareness for optimum decision making. Proposed "Intelligent Behavioral Hybridized Intrusion Detection and Prevention System (IBH_IDPS)" is built with computational intelligence to detect complex multistage attacks making the system robust and reliable. The System comprises of an Intelligent Client Agent and a Smart Server empowered with fuzzy inference rule-based service engine to ensure confidentiality and integrity of network. Distributed Intelligent Client Agents incorporated with centralized Smart Server makes it capable of analyzing and categorizing unethical incidents appropriately through unsupervised learning mechanism. Experimental analysis proves the proposed model is highly attack resistant, reliable and secure on devices and shows promising gains with assured delivery ratio, low end-to-end delay compared to existing approach.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.1
• /
• pp.110-132
• /
• 2019

To ensure reliable and secure communication in heterogeneous cellular network (HCN) with imperfect channel state information (CSI), we proposed a coordinated multipoint (CoMP) transmission scheme based on dual-threshold optimization, in which only base stations (BSs) with good channel conditions are selected for transmission. First, we present a candidate BSs formation policy to increase access efficiency, which provides a candidate region of serving BSs. Then, we design a CoMP networking strategy to select serving BSs from the set of candidate BSs, which degrades the influence of channel estimation errors and guarantees qualities of communication links. Finally, we analyze the performance of the proposed scheme, and present a dual-threshold optimization model to further support the performance. Numerical results are presented to verify our theoretical analysis, which draw a conclusion that the CoMP transmission scheme can ensure reliable and secure communication in dense HCNs with imperfect CSI.

• Korean Security Journal
• /
• no.29
• /
• pp.223-249
• /
• 2011

In modern society, citizens' quality of life aspects of safety and crime prevention activities are actively considering the incidence of crime prevention in advance. It also can be quite important elicit the interest of who community members through effective crime prevention strategies. For crime prevention policies and techniques over time as more scientific and advanced methods are made. Today, A typical crime prevention strategies is private security zones and Crime Prevention Through Environmental Design (CPTED) is a corresponding to the new strategy. CPTED is a diversification can be called a crime prevention approach that emphasizes the principle of natural surveillance, access control, territoriality, activity support, maintenance and management. The defensible space of the space area related to crime prevention setting the activities of private security and CPTED determine. Also, the reality of crime prevention and protection should be considered space. The emphasis on proactive prevention of crime in modern society for the prevention of crime how to approach differing perspectives and disparate aspects of private security and CPTED. Technical and professional areas that overlap to some extent in a homogeneous aspect. Ultimately, CPTED is a crime prevention through space and environmental approach for crime. In addition, Ultimate goal of convergence, crime prevention, with the same or higher is required to study for the area after looking for the characteristics and limitations of private security and CPTED.

• Journal of Digital Convergence
• /
• v.19 no.8
• /
• pp.11-20
• /
• 2021

Due to the Covid-19 Pandemic, the world is facing the most serious crisis since the Great Depression, and is facing a new paradigm of the Untact era. Korea has also announced various policies and legal systems, including the 'Korean version of the New Deal', but it is conflicting between the use of information and the protection of information. In this paper, we derive thresholds by analyzing policies, statutes and technologies in the public cloud. Based on this, we propose to introduce the "Building a Nationwide Public Virtual Machine" as a key task to secure the next-generation national growth engine so that all citizens can use digital services in a secure and reliable environment with equal access to information. Through this, all citizens can use various digital new technology services only with low-priced and low-specification terminals, and by establishing a dedicated center for information protection, we want to respond to rapidly increasing security threats. It also points out that the domestic cloud-related legal system only emphasizes the use of information while overlooking the importance of security, and suggests the right direction for the legal system to move forward.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.15 no.4
• /
• pp.845-850
• /
• 2011

In this paper, we proposed the digital contents distribution business model for the operation of integration between heterogeneous systems in order to use IPTV. Also, we designed and implemented the protection management system through this distribution business model. This proposed model maintains interoperability between the heterogeneous systems, creates rights protection document based on REL, and provides the new version of packaged digital contents to itself by packaging the digital contents. Overall, it ultimately offers an interoperable environment. Moreover, since we pre-defines the relations among REL data based on MPEG-21 standard, which creates the newly packaged digital contents, it is easy to edit data. We can expect to save expenses of digital contents distribution and rights protection technology. Additionally, we can further improve security by encapsulating the security technology of CAS and DRM system.

• The KIPS Transactions:PartC
• /
• v.12C no.7 s.103
• /
• pp.999-1006
• /
• 2005

The Secure OS is an operating system which adds security functions to the existing operating system, in order to secure a system from sorority problems originated from inherent frailty of applications or operating systems. With the existing Secure Oses for it is difficult to set an effective security policy securing personal resources in a multi-user environment system. To solve this problem in this paper we present two Techniques to secure user data efficiently in the RBAC-based Secure OS for a multi-user environment. Firstly we utilizes object's owner information in addition to object's filename. Secondly we make use of meta symbol('$\ast$'), which is able to describe multiple access targets. In addition this paper gives some examples to show advantages from these techniques. And these features are implemented in an solaris-based Secure OS called Secusys.

• Journal of the Korea Convergence Society
• /
• v.9 no.7
• /
• pp.9-16
• /
• 2018

The purpose of this study is to prevent the malicious user from breaking the door-lock due to physical impact. If it matches the analog displacement value set in the door-lock system, it protects the body and property by transmitting damage information in real time to the manager smart phone. The research suggests a system that transmits damage information in real time to registered users when door-lock is damaged by physical impact. Then compare the impact information sensed by the door lock with the data of the sensitivity control unit. In the web server of the proposed system, after impact information transmitted from Door-Lock is stored in the DB, if the impact information is larger than the shock detection transmission reference value stored in the DB, it is transmitted to the administrator in real time by SMS module so that illegal access information.

• Journal of Advanced Marine Engineering and Technology
• /
• v.40 no.10
• /
• pp.906-915
• /
• 2016

In this study, a network monitoring system, including a secure 460-Network and a 460-Gateway, is designed and developed according with the requirements of the IEC (International Electro-Technical Commission) 61162-460 network standard for the safety and security of networks on board ships. At present, internal or external unauthorized access to or malicious attack on a ship's on board systems are possible threats to the safe operation of a ship's network. To secure the ship's network, a 460-Network was designed and implemented by using a 460-Switch, 460-Nodes, and a 460-Gateway that contains firewalls and a DMZ (Demilitarized Zone) with various application servers. In addition, a 460-firewall was used to block all traffic from unauthorized networks. 460-NMS (Network Monitoring System) is a network-monitoring software application that was developed by using an simple network management protocol (SNMP) SharpNet library with the .Net 4.5 framework and a backhand SQLite database management system, which is used to manage network information. 460-NMS receives network information from a 460-Switch by utilizing SNMP, SNMP Trap, and Syslog. 460-NMS monitors the 460-Network load, traffic flow, current network status, network failure, and unknown devices connected to the network. It notifies the network administrator via alarms, notifications, or warnings in case any network problem occurs. Once developed, 460-NMS was tested both in a laboratory environment and for a real ship network that had been installed by the manufacturer and was confirmed to comply with the IEC 61162-460 requirements. Network safety and security issues onboard ships could be solved by designing a secure 460-Network along with a 460-Gateway and by constantly monitoring the 460-Network according to the requirements of the IEC 61162-460 network standard.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.5
• /
• pp.931-939
• /
• 2014

The Web or Mobile channel of previous Web access authentication system for a payment only provides the authentication of remote users, and does not provide the authentication between a user and a bank/financial institution. Therefore, this paper proposes the Transaction Certificate Mode(TCM) for a payment which can preserve the mutual authentication between a user and a bank/financial institution for Web-based payment systems. The proposed system has designed for wireless network instead of Secure Electronic Transaction (SET) designed for wired electronic transaction. In addition, this system with TCM is able to support an account-based transaction for wireless networks instead of a disadvantage of SET such as a card-based transaction for wired networks. Therefore, customers can check their balances without logging on their bank's web site again due to mutual authentication between a customer and his bank/financial institution.

• Convergence Security Journal
• /
• v.19 no.1
• /
• pp.97-101
• /
• 2019

If the operating system's core file contains an Intel PT, the debugger can not only check the program state at the time of the crash, but can also reconfigure the control flow that caused the crash. We can also extend the execution trace scope to the entire system to debug kernel panics and other system hangs. The second-generation PT, the WinIPT library, includes an Intel PT driver with additional code to run process and core-specific traces through the IOCTL and registry mechanisms provided by Windows 10 (RS5). In other words, the PT trace information, which was limited access only by the first generation PT, can be executed by process and core by the IOCTL and registry mechanism provided by the operating system in the second generation PT. In this paper, we compare and describe methods for collecting, storing, decoding and detecting malicious codes of data packets in a window environment using 1/2 generation PT.