• Proceedings of the Korean Society of Computer Information Conference
• /
• 2011.06a
• /
• pp.139-142
• /
• 2011

해외 기술 유출 사고로 인하여 한국 경제에 약 수조원의 피해가 발생하였다. 기업의 기술 유출과 사고 책임 소재를 증명하기 위한 e-Discovery시스템과 기업CERT/CC에 연구가 필요하다. 본 논문에서는 e-Discovery의 개념과 관련법안 및 권고안, 포렌식 수사절차에 대해 연구하고, 국내 e-Discovery 사고 사례와 해외 e-Discovery 사고 사례를 연구한다. e-Discovery가 도입되면 기업 CERT/CC에서 필요한 e-Discovery 시스템을 설계한다. e-Discovery 시스템의 접근과 인증을 위한 사용자인증과 기기 인증에 대한 기술과 암호화 기술을 연구한다. 본 논문 연구를 통하여 e-Discovery 제도의 도입과 포렌식 기술 발전에 기초자료로 활용될 것이다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.6
• /
• pp.2527-2545
• /
• 2016

Measuring the similarity of given samples is a key problem of recognition, clustering, retrieval and related applications. A number of works, e.g. kernel method and metric learning, have been contributed to this problem. The challenge of similarity learning is to find a similarity robust to intra-class variance and simultaneously selective to inter-class characteristic. We observed that, the similarity measure can be improved if the data distribution and hidden semantic information are exploited in a more sophisticated way. In this paper, we propose a similarity learning approach for retrieval and recognition. The approach, termed as LDA-FEK, derives free energy kernel (FEK) from Latent Dirichlet Allocation (LDA). First, it trains LDA and constructs kernel using the parameters and variables of the trained model. Then, the unknown kernel parameters are learned by a discriminative learning approach. The main contributions of the proposed method are twofold: (1) the method is computationally efficient and scalable since the parameters in kernel are determined in a staged way; (2) the method exploits data distribution and semantic level hidden information by means of LDA. To evaluate the performance of LDA-FEK, we apply it for image retrieval over two data sets and for text categorization on four popular data sets. The results show the competitive performance of our method.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.4
• /
• pp.1424-1440
• /
• 2015

It is a challenging problem to search the intended images from a large number of candidates. Content based image retrieval (CBIR) is the most promising way to tackle this problem, where the most important topic is to measure the similarity of images so as to cover the variance of shape, color, pose, illumination etc. While previous works made significant progresses, their adaption ability to dataset is not fully explored. In this paper, we propose a similarity learning method on the basis of probabilistic generative model, i.e., probabilistic latent semantic analysis (PLSA). It first derives Fisher kernel, a function over the parameters and variables, based on PLSA. Then, the parameters are determined through simultaneously maximizing the log likelihood function of PLSA and the retrieval performance over the training dataset. The main advantages of this work are twofold: (1) deriving similarity measure based on PLSA which fully exploits the data distribution and Bayes inference; (2) learning model parameters by maximizing the fitting of model to data and the retrieval performance simultaneously. The proposed method (PLSA-FK) is empirically evaluated over three datasets, and the results exhibit promising performance.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.2
• /
• pp.249-258
• /
• 2012

Cyber attacks expose sensitive information and cause fatal damage in both the public and the private sectors. Therefore, MKE (Ministry of Knowledge Economy) Cyber Security Center was founded on July 25, 2008, to perform three major roles. First, it detects and analyzes cyber attacks for the both sectors. Second, its ISAC (Information Sharing & Analysis Center) service analyzes and evaluates the vulnerability of the communication and network infrastructure to security threats, including control systems. Third, it provides CERT/CC (Computer Emergency Response Team Coordination Center) service to prevent and to respond to computer security incidents. This study focuses on the MKE Cyber Security Center's service analysis, which is playing an increasingly larger role in the both sectors. Based on this analysis, after grasping the response services activity and pointing out the problems, this study suggests improvements to the MKE Cyber Security Center.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.15 no.6
• /
• pp.1320-1326
• /
• 2011

National institutions on the importance of information security is being recognized, information security laws are being discussed in Congress 3.4 DDoS incident and Nonghyup hacking, etc. However, National Assembly Secretariat when the results of the Information Security Consulting has been assessed very low 61.2 points, evaluation of hardware and software in secure areas were vulnerable. This paper, the legislative support agencies National Assembly and National Assembly Secretariat on the network and computer systems, and managerial, technical and physical security elements are analyzed for the status. And network should have the legislative support agencies and system for the physical network separation, DDoS attack response, Virus attack response, hacking attacks response, and Cyber Emergency Response Team/Coordination Center for Cyber infringing design and research through the confidentiality, integrity, availability, access control, authentication and security analysis is based on the evaluation criteria. Through this study, the legislative support agencies to strengthen the security of data and security laws enacted to provide the basis for.

• 정보보호뉴스
• /
• s.125
• /
• pp.19-21
• /
• 2008

기업이나 기관의 네트워크, 시스템에 침해사고 발생 시 신속한 대응과 예방활동을 펼치는 조직을 CERT(Computer Emergency Response Team)라고 한다. 국내 기업들 가운데 정보보호의 중요성을 깨닫고, IT 자산 보호의 일환으로 적지 않은 기업이 정보보호팀을 운영하고 있지만, 정작 CERT라는 이름을 내걸고 보안활동을 펼치는 기업은 그리 많지 않다. 그런 의미에서 지난해 개최된 정보보호대상에서 우수상을 차지한 현대정보기술은 국내에서 CERT라는 이름을 가진 몇 안 되는 기업 중 하나다.

• Journal of Korea Multimedia Society
• /
• v.14 no.10
• /
• pp.1335-1347
• /
• 2011

The dissemination and use of mobile applications have been rapidly expanding these days. And in such a situation, the security of mobile applications has emerged as a new issue. Although the safety of general software such as desktop and enterprise software is systematically achieved from the development phase to the verification phase through secure coding, there have been not sufficient studies on the safety of mobile applications yet. This paper deals with deriving weakness enumeration specialized in mobile applications and implementing a tool that can automatically analyze the derived weakness. Deriving the weakness enumeration can be achieved based on CWE(Common Weakness Enumeration) and CERT(Computer Emergency Response Team) relating to the event-driven method that is generally used in developing mobile applications. The analysis tool uses the dynamic tests to check whether there are specified vulnerabilities in the source code of mobile applications. Moreover, the derived vulnerability could be used as a guidebook for programmers to develop mobile applications.

• Annual Conference of KIPS
• /
• 2012.11a
• /
• pp.1057-1059
• /
• 2012

스마트폰이 대중화되면서 안드로이드 애플리케이션의 보안문제가 대두되고 있다. PC환경의 소프트웨어는 개발단계에서부터 시큐어코딩을 통해 안전성을 확보하고 있으나 안드로이드 애플리케이션의 경우는 연구가 더 필요한 상황이다. 본 논문에서는 CWE(Common Weakness Enumeration)의 취약점 분류 체계와 CAPEC(Common Attack Pattern Enumeration and Classification)의 공격 패턴 분류 체계와 CERT(Computer Emergency Response Team)의 취약점 발생 예방을 위한 정책들을 통해 안드로이드 애플리케이션의 최신화된 취약점 목록을 도출하고 카테고리별로 분류하여 취약점을 효율적으로 분석하는 기법을 제안한다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.8 no.5
• /
• pp.1554-1566
• /
• 2014

Cloud Computing allows application providers seamlessly scaling their services and enables users scaling their usage according to their needs. In this paper, using queuing game model, we present service scheduling schemes which are used in software as a service (SaaS). The object is maximizing the Cloud Computing platform's (CCP's) payoff via controlling the service requests whether to join or balk, and controlling the value of CCP's admission fee. Firstly, we treat the CCP as one virtual machine (VM) and analyze the optimal queue length with a fixed admission fee distribution. If the position number of a new service request is bigger than the optimal queue length, it balks. Otherwise, it joins in. Under this scheme, the CCP's payoff can be maximized. Secondly, we extend this achievement to the multiple VMs situation. A big difference between single VM and multiple VMs is that the latter one needs to decide which VM the service requests turn to for service. We use a corresponding algorithm solve it. Simulation results demonstrate the good performance of our schemes.

• The KIPS Transactions:PartC
• /
• v.13C no.4 s.107
• /
• pp.427-434
• /
• 2006

Broadband Convergence Network(BcN) is a critical infrastructure to provide wired-and-wireless high-quality multimedia services by converging communication and broadcasting systems, However, there exist possible danger to spread the damage of an intrusion incident within an individual network to the whole network due to the convergence and newly generated threats according to the advent of various services roaming vertically and horizontally. In order to cope with these new threats, we need to analyze the vulnerabilities of BcN in a system architecture aspect and classify them in a systematic way and to make the results to be utilized in preparing proper countermeasures, In this paper, we propose a new classification of vulnerabilities which has been extended from the ITU-T recommendation X.805, which defines the security related architectural elements. This new classification includes system elements to be protected for each service, possible attack strategies, resulting damage and its criticalness, and effective countermeasures. The new classification method is compared with the existing methods of CVE(Common Vulnerabilities and Exposures) and CERT/CC(Computer Emergency Response Team/Coordination Center), and the result of an application to one of typical services, VoIP(Voice over IP) and the development of vulnerability database and its management software tool are presented in the paper. The consequence of the research presented in the paper is expected to contribute to the integration of security knowledge and to the identification of newly required security techniques.