• 한국항해학회지
• /
• 제24권1호
• /
• pp.47-56
• /
• 2000

As a shipboard dependency for the safety and reliability becomes very important, the need for solid systems providing non-stop workload has been increased. This system is heartbeat that transmits shipboard state, audit and control information to the land. So, this paper describes a ship's LAN configuration method for the safety and reliability. In order to achieve these requirements, network, server and disk fault tolerance techniques are surveyed, and dual network configuration model, cluster server configuration method are presented and tested based on the survey.

• 인터넷정보학회논문지
• /
• 제11권6호
• /
• pp.73-86
• /
• 2010

최근 웹 공격 기술의 발달로 인하여 기존 웹 로그 분석에 통한 공격 탐지 기술뿐만 아니라 웹 방화벽 로그, 웹 IDS 및 시스템 이벤트 로그 등과 같이 다수의 웹 관련 감사 자료를 이용하여 웹 시스템에 대한 공격 이벤트를 분석하고 비정상 행위를 탐지할 필요가 있다. 따라서 본 연구에서는 웹 서버에서 생성되는 IIS 웹 로그 정보와 웹 방화벽 및 웹 IDS 시스템에서 생성되는 이벤트 로그 정보 등을 이용하여 일차적으로 통합 로그를 생성하고 이를 이용하여 웹 공격을 탐지할 수 있는 시스템을 설계 및 구현하였다. 본 연구에서 제안한 시스템은 다중 웹 세션에 대한 분석 과정을 수행하고 웹 시스템 공격과 관련된 연관성을 분석하여 대용량의 웹 로그 및 웹 IDS/방화벽 정보를 대상으로 효율적 공격 탐지 기능을 제공하도록 하였다. 본 연구에서 제시한 시스템을 사용할 경우 능동적이고 효율적인 웹 로그 공격 이벤트 분석 및 웹 공격을 탐지할 수 있는 장점이 있다.

• 정보보호학회논문지
• /
• 제34권1호
• /
• pp.41-52
• /
• 2024

IPsec VPN에 대한 보안 감사는 구현 결함이나 설정 오류로 인한 취약점을 점검하고 사고 발생에 대한 조사 등을 위해 매우 중요하다. 하지만 IPsec VPN은 기밀성, 무결성, 인증 등을 보장하기 위해 네트워크 콘텐츠가 암호화 되어 있어 보안 감사에 큰 어려움이 있다. 이를 해결하기 위해 중간자 공격 방식을 이용한 분석 기법들이 이전 연구들에서 제안되었다. 중간자 공격 기법을 적용하기 위해서는 상호 인증을 위한 사전 공유키를 알고 있어야 하며, 네트워크에 직접 참여해야 한다. 이는 보안 감사를 위해 일시적으로 네트워크 단절을 유발하며, 감사 이전에 수집된 데이터에 대한 분석이 불가능하다. 본 논문에서는 네트워크 연속성을 보장하며, 특정 IPsec VPN 연결 방식과 인증 방식에 한정되지 않는 새로운 분석 기법을 제안한다. 따라서, 제안하는 분석 기법은 IPsec VPN 보안 감사를 위해 실제적으로 활용될 것으로 기대된다.

• 대한안전경영과학회지
• /
• 제24권2호
• /
• pp.67-76
• /
• 2022

Power generation construction projects involving large amounts of capital can affect the survival of a company along with huge economic losses in the event of a business failure. In general, private companies are organizations with challenging risk taking tendencies while public companies have a risk averse tendency to avoid risk, so these differences in organizational tendencies make it difficult to respond to risk. In particular, public companies are more likely to fail than private companies because they choose the contradiction of risk picking to enter overseas markets with high uncertainty despite their tendency to risk averse due to the nature of the organization. Therefore, these organizations need risk management techniques that reflect a risk-averse strategy. Accordingly, this paper analyzes the risk management research papers of the existing overseas development EPC business in order to find the risk management techniques related to the organizational tendencies of public companies and proposes "establishing a performance audit system for risk management of the organizational tendencies of public companies" as a way to extract the risk factors through the examples of overseas development projects of public companies and to manage the organizational tendencies of public companies that affect them.

• 대한원격탐사학회:학술대회논문집
• /
• 대한원격탐사학회 2005년도 Proceedings of ISRS 2005
• /
• pp.301-304
• /
• 2005

For detecting an intrusion based on the anomaly of a user's activities, previous works are concentrated on statistical techniques or frequent episode mining in order to analyze an audit data. But, since they mainly analyze the average behaviour of user's activities, some anomalies can be detected inaccurately. Therefore, we propose an anomaly detection method that utilizes an associative classification for modelling intrusion detection. Finally, we proof that a prediction model built from associative classification method yields better accuracy than a prediction model built from a traditional methods by experimental results.

• 한국철도학회:학술대회논문집
• /
• 한국철도학회 2003년도 추계학술대회 논문집(II)
• /
• pp.223-228
• /
• 2003

Risk Management does not mean accepting a risk but having a good grasp of, eliminating and controling the exact causes of known hazards. Good safety management plan or system for the safety of any systems need to include the procedures about standing safety goals, related technical information, time schedule, audit programs, etc at least. In this paper the summeries on general risk assessment techniques and the examples of risk assessment system and railway risk management strategies used in UK, Australia and Canada are introduced, and applicable establishment procedures for domestic railway industries are proposed.

• 한국지능시스템학회논문지
• /
• 제11권7호
• /
• pp.633-640
• /
• 2001

In this paper we examine the machine learning issues raised by the domain of the Intrusion Detection Systems(IDS), which have difficulty successfully classifying intruders. There systems also require a significant amount of computational overhead making it difficult to create robust real-time IDS. Machine learning techniques can reduce the human effort required to build these systems and can improve their performance. Genetic algorithms are used to improve the performance of search problems, while data mining has been used for data analysis. Data Mining is the exploration and analysis of large quantities of data to discover meaningful patterns and rules. Among the tasks for data mining, we concentrate the classification task. Since classification is the basic element of human way of thinking, it is a well-studied problem in a wide variety of application. In this paper, we propose a classifier system based on genetic algorithm, and the proposed system is evaluated by applying it to IDS problem related to classification task in data mining. We report our experiments in using these method on KDD audit data.

• 유통과학연구
• /
• 제12권3호
• /
• pp.33-41
• /
• 2014

Purpose - The purpose of this study was to predict the selection of independent auditors in the companies listed on the Tehran Stock Exchange (TSE) using a combination of PSO algorithm and CART. This study involves applied research. Design, approach and methodology - The population consisted of all the companies listed on TSE during the period 2005-2010, and the sample included 576 data specimens from 95 companies during six consecutive years. The independent variables in the study were the financial ratios of the sample companies, which were analyzed using two data mining techniques, namely, PSO algorithm and CART. Results - The results of this study showed that among the analyzed variables, total assets, current assets, audit fee, working capital, current ratio, debt ratio, solvency ratio, turnover, and capital were predictors of independent auditor selection. Conclusion - The current study is practically the first to focus on this topic in the specific context of Iran. In this regard, the study may be valuable for application in developing countries.

• 한국정보통신학회:학술대회논문집
• /
• 한국정보통신학회 2013년도 춘계학술대회
• /
• pp.275-278
• /
• 2013

Log는 시스템을 사용하는 모든 자료에 남는 시스템 파일이다. 지금 IT에 이슈화 되고 있는 농협사태, Nate On 정보 유출, 언론기관 서버마비 등 해킹에 의한 범죄가 많이 일어나고 있다. 이에 로그를 전문적으로 분석하는 소프트웨어를 통해 일어나고 있는 해킹 사태에 대해 전문분석이 필요하다. 본 연구는 지능적으로 일어나는 APT 공격에 대해 로그분석으로 패턴을 분석해 이상 Log 발생 시 역추적 하여 사전에 예방하는 기술에 대해 기술한다.

• 산경연구논집
• /
• 제6권3호
• /
• pp.5-8
• /
• 2015

Purpose - This article's aim is to examine how the utilization of existing and future decision-support systems will lead to a change in the auditing process. Research design, data, and methodology - An information system is a special decision-support system that combines information obtained from various sources and communicates among them to help in assessing appropriate complex financial decisions. This paper analyzes techniques such as data and text mining as components of decision-support systems to be used in the auditing process. Results - We present views about how existing decision-support systems will lead to a change in audits. Auditors, who currently collect significant data manually, will in the future move towards management through complex decision-support systems. Conclusions - Although some internal audit functions are integrated into systems of continuous monitoring, the use of such systems remains limited. Thus, instead of multiple decision-support systems, a unified decision-support system can be deployed for this that includes sensors integrated within a company in different contexts (e.g., production, sales, and accounting) that continually monitors violations of controls, unusual patterns, and unusual transactions.