• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.24 no.8
• /
• pp.1071-1076
• /
• 2020

The importance of network separation is due to the use of the Internet with existing business PCs, resulting in an internal information leakage event, and an environment configured to allow servers to access the Internet, which causes service failures with malicious code. In order to overcome this problem, it is necessary to use network virtualization to separate networks and network interconnection systems. Therefore, in this study, the construction area was constructed into the network area for the Internet and the server farm area for the virtualization system, and then classified and constructed into the security system area and the data link system area between networks. In order to prove the excellence of the proposed method, a network separation construction study using network virtualization was conducted based on the basis of VM Density's conservative estimates of program loads and LOBs.

• Journal of the Korea Society of Computer and Information
• /
• v.29 no.6
• /
• pp.39-51
• /
• 2024

This paper proposes a novel approach to enhance the security of container-based systems by analyzing system calls to dynamically detect race conditions without modifying the kernel. Container escape attacks allow attackers to break out of a container's isolation and access other systems, utilizing vulnerabilities such as race conditions that can occur in parallel computing environments. To effectively detect and defend against such attacks, this study utilizes eBPF to observe system call patterns during attack attempts and employs a AdaBoost model to detect them. For this purpose, system calls invoked during the attacks such as Dirty COW and Dirty Cred from popular applications such as MongoDB, PostgreSQL, and Redis, were used as training data. The experimental results show that this method achieved a precision of 99.55%, a recall of 99.68%, and an F1-score of 99.62%, with the system overhead of 8%.

• KIPS Transactions on Computer and Communication Systems
• /
• v.5 no.10
• /
• pp.311-318
• /
• 2016

IoT(Internet of Things areas) rich information based on the user easy access to service creation must be one of the power system of specificity due following: The IoT spread obstacle to the act be, and 'Smart Grid information of this is not easy under power plants approach the Directive on the protection measures, particularly when stringent security policies IoT technologies applied to Advanced Metering Infrastructure sector has been desired. This is a situation that occurs is limited to the application and use of IoT technologies in the power system. Power Information Network is whilst closed network operating is has a smart grid infrastructure, smart grid in an open two-way communication for review and although information security vulnerabilities increased risk of accidents increases as according to comprehensive security policies and technologies are required and can. In this paper, the IoT platform architecture design of information systems as part of the power of research and development IoT-based energy information platform aims. And to establish a standard framework for a connection to one 'Sensor-Gateway-Network-platform sensors Service' to provide power based on the IoT services and solutions. Framework is divided into "sensor-gateway" platform to link information modeling and gateways that can accommodate the interlocking standards and handling protocols variety of sensors Based on this real-time data collection, analysis and delivery platform that performs the role of the relevant and to secure technology.

• The Journal of Society for e-Business Studies
• /
• v.13 no.1
• /
• pp.21-32
• /
• 2008

RFID systems provide technologies of automatic object identification through wireless communications in invisible ranges and adaptability against various circumstances. These advantages make RFID systems to be applied in various fields of industries and individual life. However, it is difficult to use tags with distinction as tags are increasingly used in life because a tag usually stores only one object identifier in common RFID applications. In addition, RFID systems often make serious violation of privacy caused by various attacks because of their weakness of radio frequency communication. Therefore, information sharing methods among applications are necessary for expansive development of RFID systems. In this paper, we propose efficient RFID scheme. At first, we design a new RFID tag structure which supports many object identifiers of different applications in a tag and allows those applications to access them simultaneously. Secondly, we propose an authentication protocol to support the proposed tag structure. The proposed protocol is designed by considering of robustness against various attacks in low cost RFID systems. Especially, the proposed protocol is focused on efficiency of authentication procedure by considering security levels of applications. In the proposed protocol, each application goes through one of different authentication procedures according to their security levels. Finally, we prove efficiency of th proposed scheme compared with the other schemes through experiments and evaluation.

• The KIPS Transactions:PartC
• /
• v.16C no.2
• /
• pp.151-164
• /
• 2009

The importance of sensor networks as a base of ubiquitous computing realization is being highlighted, and espicially the security is recognized as an important research isuue, because of their characteristics.Several efforts are underway to provide security services in sensor networks, but most of them are preventive approaches based on cryptography. However, sensor nodes are extremely vulnerable to capture or key compromise. To ensure the security of the network, it is critical to develop security Intrusion Detection System (IDS) that can survive malicious attacks from "insiders" who have access to keying materials or the full control of some nodes, taking their charateristics into consideration. In this perper, we design a distributed and adaptive IDS architecture on sensor networks, respecting both of energy efficiency and IDS efficiency. Utilizing a modified HEED algorithm, a clustering algorithm, distributed IDS nodes (dIDS) are selected according to node's residual energy and degree. Then the monitoring results of dIDSswith detection codes are transferred to dIDSs in next round, in order to perform consecutive and integrated IDS process and urgent report are sent through high priority messages. With the simulation we show that the superiorities of our architecture in the the efficiency, overhead, and detection capability view, in comparison with a recent existent research, adaptive IDS.

• Convergence Security Journal
• /
• v.21 no.2
• /
• pp.11-18
• /
• 2021

To protect tangible and intangible assets, most of the companies are conducting information protection monitoring by using various security equipment in the IT service network. As the security equipment that needs to be protected increases in the process of upgrading and expanding the service network, it is difficult to monitor the possible exposure to the attack for the entire service network. As a countermeasure to this, various studies have been conducted to detect external attacks and illegal communication of equipment, but studies on effective monitoring of the open service ports and construction of illegal communication monitoring system for large-scale service networks are insufficient. In this study, we propose a framework that can monitor information leakage and illegal communication attempts in a wide range of service networks without large-scale investment by analyzing 'Netflow statistical information' of backbone network equipment, which is the gateway to the entire data flow of the IT service network. By using machine learning algorithms to the Netfllow data, we could obtain the high classification accuracy of 94% in identifying whether the Telnet service port of operating equipment is open or not, and we could track the illegal communication of the damaged equipment by using the illegal communication history of the damaged equipment.

• International Journal of Computer Science & Network Security
• /
• v.22 no.1
• /
• pp.113-120
• /
• 2022

Information technologies in higher education are the basis for solving the tasks set by monitoring the quality of higher education. The directions of aplying information technologies which are used the most nowadays have been listed. The issues that should be addressed by monitoring the quality of higher education with the use of information technology have been listed. The functional basis for building a monitoring system is the cyclical stages: Observation; Orientation; Decision; Action. The monitoring system's considered cyclicity ensures that the concept of independent functioning of the monitoring system's subsystems is implemented.. It also ensures real-time task execution and information availability for all levels of the system's hierarchy of vertical and horizontal links, with the ability to restrict access. The educational branch uses information and computer technologies to monitor research results, which are realized in: scientific, reference, and educational output; electronic resources; state standards of education; analytical materials; materials for state reports; expert inferences on current issues of education and science; normative legal documents; state and sectoral programs; conference recommendations; informational, bibliographic, abstract, review publications; digests. The quality of Ukrainian scientists' scientific work is measured using a variety of bibliographic markers. The most common is the citation index. In order to carry out high-quality systematization of information and computer monitoring technologies, the classification has been carried out on the basis of certain features: (processual support for implementation by publishing, distributing and using the results of research work). The advantages and disadvantages of using web-based resources and services as information technology tools have been discussed. A set of indicators disclosed in the article evaluates the effectiveness of any means or method of observation and control over the object of monitoring. The use of information technology for monitoring and evaluating higher education is feasible and widespread in Ukrainian education, and it encourages the adoption of e-learning. The functional elements that stand out in the information-analytical monitoring system have been disclosed.

• Journal of the Korean Institute of Educational Facilities
• /
• v.13 no.3
• /
• pp.56-65
• /
• 2006

The multipurpose auditoriums in schools are the center of local community and the places of their life-long education. The multipurpose auditoriums are to be open and made available for use by local public as far as it does not interfere with the education of the schools. However, most of them are not open to public on the pretext of management problems while demands of local communities for the opening of the facility is rising. The role of the multipurpose auditorium as the place of physical training and its maximum availability to local community have be taken into account of from its design stage. The location of the auditorium itself has to be close to the main entrance of the school for easy access, its facilities located in one common area, their management and maintenance scheme adopted appropriately but legally, and then security and safety measurement have to be devised. Also, more studies are necessary to propose detail regulations for local sports facilities and to develop their interrelationship and network, in connection with sophistication of school facilities and BTL system.

• The Journal of the Korea Contents Association
• /
• v.9 no.8
• /
• pp.121-128
• /
• 2009

Iris recognition is a biometric technology which can identify a person using the iris pattern. Recently, iris information is used in many fields such as access control and information security. It is important for the iris recognition system to extract the feature which is invariant to changes in iris patterns. Those changes can be occurred by the influence of lights, changes in the size of the pupil. In this paper, we propose a novel method based on vector summation of gradient orientation vectors. Experimental results show that the proposed method reduces processing time with simple vector calculation, requires small feature space and has comparable performance to the well-known previous methods.

• International Commerce and Information Review
• /
• v.14 no.1
• /
• pp.273-299
• /
• 2012

Japan's customs ensure the safety of international trade and trade facilitation has been pursuing. To do this, AEO was introduced to this system and expanding the supply chain currently maintain security and improve customer convenience is necessary to continue to be pursued. In addition, the imposition of customs duties in accordance with changes in the environment to Tariff offenders and increased the amount of tax evasion, smuggling of narcotics, including amphetamines and response, the increase in access is required. In this paper, Japan's tariff and customs administration for the change in the future for Japan-related materials around the Treasury Department's analysis will attempt to draw implications for this.