• Journal of Information Processing Systems
• /
• v.14 no.3
• /
• pp.740-750
• /
• 2018

There are a great number of Internet-connected devices and their information can be acquired through an Internet-wide scanning tool. By associating device information with publicly known security vulnerabilities, security experts are able to determine whether a particular device is vulnerable. Currently, the identification of the device information and its related vulnerabilities is manually carried out. It is necessary to automate the process to identify a huge number of Internet-connected devices in order to analyze more than one hundred thousand security vulnerabilities. In this paper, we propose a method of automatically generating device information in the Common Platform Enumeration (CPE) format from banner text to discover potentially weak devices having the Common Vulnerabilities Exposures (CVE) vulnerability. We demonstrated that our proposed method can distinguish as much adequate CPE information as possible in the service banner.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.19 no.2
• /
• pp.39-46
• /
• 2023

The rise in popularity of cloud services has brought about a heightened concern for security in the field of cloud computing. As a response, governments have implemented CSAP(Cloud Security Assurance Program) to ensure the security of these services. However, despite such measures, the emergence of various security vulnerabilities persists, resulting in incidents related to cloud security breaches. To address this, the utilization of Common Vulnerabilities and Exposures (CVE) has been proposed as a means to facilitate the sharing of vulnerability information across different domains. Nevertheless, the unique characteristics of cloud services present challenges in assigning CVE IDs to the diverse range of vulnerabilities within the cloud environment. In this study, we analyzed how CVE can be effectively employed to enhance cloud security. The assignment of a CVE ID is contingent upon the fulfillment of three rules in the Counting Decision and five rules in the Inclusion Decision. Notably, the third rule in the Inclusion Decision, INC3, clashes with the nature of cloud services, resulting in obstacles in assigning CVE IDs to various cloud vulnerabilities. To tackle this issue, we suggest the appointment of designated individuals who would be responsible for overseeing specific areas of cloud services, thereby enabling the issuance of CVE IDs. This proposed approach aims to overcome the challenges associated with the unique characteristics of cloud services and ensure the seamless sharing of vulnerability information. Information sharing regarding vulnerabilities is crucial in the field of security, and by incorporating cloud vulnerabilities into the CVE system, this method can contribute to enhancing the security of cloud services.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.17 no.4
• /
• pp.77-83
• /
• 2021

As Open Source Software(OSS) recently invigorates, many companies actively use the OSSes in their business software. With such OSS invigoration, our web application is developed in order to provide the safety in using the OSSes, and update the information on the new vulnerabilities and the patches at all times by crawling the web pages of the relevant OSS home pages and the managing organizations of the vulnerabilities. By providing the updated information, our application helps the OSS users and developers to be aware of such security issues, and gives them to work in the safer environment from security risks. In addition, our application can be used as a security platform to greatly contribute to preventing potential security incidents not only for companies but also for individual developers.

• The KIPS Transactions:PartC
• /
• v.13C no.4 s.107
• /
• pp.427-434
• /
• 2006

Broadband Convergence Network(BcN) is a critical infrastructure to provide wired-and-wireless high-quality multimedia services by converging communication and broadcasting systems, However, there exist possible danger to spread the damage of an intrusion incident within an individual network to the whole network due to the convergence and newly generated threats according to the advent of various services roaming vertically and horizontally. In order to cope with these new threats, we need to analyze the vulnerabilities of BcN in a system architecture aspect and classify them in a systematic way and to make the results to be utilized in preparing proper countermeasures, In this paper, we propose a new classification of vulnerabilities which has been extended from the ITU-T recommendation X.805, which defines the security related architectural elements. This new classification includes system elements to be protected for each service, possible attack strategies, resulting damage and its criticalness, and effective countermeasures. The new classification method is compared with the existing methods of CVE(Common Vulnerabilities and Exposures) and CERT/CC(Computer Emergency Response Team/Coordination Center), and the result of an application to one of typical services, VoIP(Voice over IP) and the development of vulnerability database and its management software tool are presented in the paper. The consequence of the research presented in the paper is expected to contribute to the integration of security knowledge and to the identification of newly required security techniques.

• Convergence Security Journal
• /
• v.1 no.1
• /
• pp.21-29
• /
• 2001

For multiple attacks through large networks e.g., internet, IDS had better be installed over several hosts and collect all the audit data from them with appropriate synthesis. We propose a new distributed intrusion detection system called SPIDER II which is the upgraded version of the previous standalone IDS - SPIDER I. As like the previous version, SPIDER II has been implemented on Linux Accel 6.1 in CNU C. After planting intrusion detection engines over several target hosts as active agents, the administration module of SPIDER II receives all the logs from agents and analyzes hem. For the world-wide standardization on IDS, SPIDER II is compatible with MITRE's CVE(Common Vulnerabilities and Exposures).

• Proceedings of the Korea Information Processing Society Conference
• /
• 2019.05a
• /
• pp.335-338
• /
• 2019

북한에서 운영하고 있는 오피스 프로그램인 서광사무처리 3.0은 ODF(Open Document Format) 파일 포맷을 입력으로 받아 문서를 처리한다. ODF는 여러 개의 XML(Extensible Markup Language) 파일로 구성되어 있고, 하위 노드들을 통해서 파일 구조를 정의한다. 이러한 서광사무처리 3.0의 ODF 파일 구조를 하위 프로그램별 입력받는 파일 확장자에 따라 공통 영역과 가변 영역으로 비교하고, CVE(Common Vulnerabilities and Exposures)를 통해 ODF와 XML 주요 취약점을 분석한다.