• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.15 no.2
• /
• pp.580-599
• /
• 2021

Software-Defined Networking (SDN) has three key features: separation of control and forwarding, centralized control, and network programmability. While improving network management flexibility, SDN has many security issues. This paper systemizes the security threats of SDN using spoofing, tampering, repudiation, information disclosure, denial of service, and elevation of privilege (STRIDE) model to understand the current security status of SDN. First, we introduce the network architecture and data flow of SDN. Second, we analyze security threats of the six types given in the STRIDE model, aiming to reveal the vulnerability mechanisms and assess the attack surface. Then, we briefly describe the corresponding defense technologies. Finally, we summarize the work of this paper and discuss the trends of SDN security research.

• Journal of Digital Convergence
• /
• v.12 no.9
• /
• pp.159-168
• /
• 2014

With the advancement of internet and mobile communication devices, mobile banking such as internet banking, internet loan and smart phones related to the people's economic activities using mobile communication devices is becoming increasingly more popular. Various security systems to prevent such new crimes are being introduced and the security system market is anticipated to continuously increase substantially in the future. Accordingly, qualitative advancement of the security systems are also in continuous demand. Therefore, this thesis proposes the method and system for quality evaluation of the network access control system by proposing testing and evaluating method for the relevant system through surveying and analyzing the tend in the foundation technologies and standards in the area of network access control system, which is one of the security systems, in order to cope with the demands for the evaluation of the quality of the security system as the security system product market is anticipated to grow continuously.

• Journal of information and communication convergence engineering
• /
• v.8 no.5
• /
• pp.544-548
• /
• 2010

The Enterprise Security Management system is a centralized control system based on predefined security policies by organizations. In Korea, there is a Common Criteria security certification according to the strict standards for various features. As the needs of information security product are increasing, the ESM system should be evaluated with quality characteristics. In this paper, we propose evaluation items for functionality and performance of Enterprise Security Management system, and the best practices for evaluation.

• Journal of Navigation and Port Research
• /
• v.31 no.9
• /
• pp.779-784
• /
• 2007

This paper describes a new progressive embedded Internet Protocol(IP) camera available for real-time image transmission. It was applied for ship safety and security on seashore area. The functions of developed embedded system was more effective and excellent than conventional systems. Nowadays, each nation has established harbor security systems to jump up their ports to international port. Recently Incheon port has tried to change man security into center security system used by image security system. The security system of Incheon port has some advantages like effectivity of security system and reduction of manpower and cost, installed by image security system with CCTV cameras at the entrance gate and around the fence. Thus in this paper, we have designed and implemented a Personal Digital Assistants(PDA) based Image Surveillance System for Harbor Security using IP Camera under ubiquitous environment. This system has big advantages which are more effective in an emergency and low cost and small manpower than conventional systems.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.17 no.9
• /
• pp.2082-2090
• /
• 2013

As rehabilitation psychology analysis system which manages examination information becoming more popular, interoperability, portability and security are becoming major concerns of modern computing. We propose a security model on the type information based access control system for rehabilitation psychology analysis that can enhance both security and availability by separating the functions delivered from object-oriented databases to solve these problems. We apply the access control model specifically to enhancement of security system and also perform a test to verify the security and availability of our model.

• Journal of Institute of Control, Robotics and Systems
• /
• v.9 no.4
• /
• pp.310-319
• /
• 2003

As the importance and the need for network security are increased, many organizations use the various security systems. They enable to construct the consistent integrated security environment by sharing the network vulnerable information among IDS (Intrusion Detection System), firewall and vulnerable scanner. The multiple IDSes coordinate by sharing attacker's information for the effective detection of the intrusion is the effective method for improving the intrusion detection performance. The system which uses BBA (Blackboard Architecture) for the information sharing can be easily expanded by adding new agents and increasing the number of BB (Blackboard) levels. Moreover the subdivided levels of blackboard enhance the sensitivity of the intrusion detection. For the simulation, security models are constructed based on the DEVS (Discrete Event system Specification) formalism. The intrusion detection agent uses the ES (Expert System). The intrusion detection system detects the intrusions using the blackboard and the firewall responses to these detection information.

• Journal of the Korea Convergence Society
• /
• v.9 no.7
• /
• pp.55-62
• /
• 2018

Recently, as the threat of cyber crime increases, the importance of security control to cope with cyber attacks on the information systems in the first place such as real-time detection is increasing. In the name of security control center, cyber terror response center and infringement response center, institutional control personnel are making efforts to prevent cyber attacks. Especially, we are detecting infringement accident by using network security equipment or utilizing control system, but it's not enough to prevent infringement accident by just controlling based on device-driven simple patterns. Therefore, the security control system is continuously being upgraded, and the development and research on the detection method are being actively carried out by the prevention activity against the threat of infringement. In this paper, we have defined the method of detecting infringement of major component module in order to improve the problem of existing infringement detection method. Through the performance tests for each module, we propose measures for effective security control and study effective infringement threat detection method by upgrading the control system using Security Information Event Management (SIEM).

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2013.05a
• /
• pp.1034-1037
• /
• 2013

ICT infrastructure is electronic control systems or communication network related to national security, public administration, defense, policing, finance. Water resources sector has been building a system of control that can be performed electronically, communications, management, energy, and other work-related. Water resources sector has been a paradigm shift in water management and the control system is integrated into a single network. The control system security vulnerabilities are exposed - other control networks, business networks, linking with outside agencies, etc. Cyber terrorist society can cause a huge mess economically, The importance of security for control systems is becoming. In this paper, ICT infrastructure - the water resources in the field of control systems will analysis security measures.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.4
• /
• pp.1751-1767
• /
• 2016

Home security has become the prime concern for everyone in present scenario. In this work an attempt has been made to develop a home security system which is accessible, affordable and yet effective.The proposed system is based on 'Remote Embedded Control System' (RECS) which works both on the web and gsm platform for authentication and monitoring. This system is therefore cost effective as it relies on existing network infrastructure. As PCA is most popular and efficient algorithm for face recognition, it has been usedin this work. Next to it an interface has been developed for communication purpose in the embedded security system through the ZigBee module. Based on this embedded system, automated control of door movement has been implemented through electromagnetic door lock technology. This helps the users to monitor the real-time activities through web services/SMS. The web service consists of either web browser command or e-mail provision. The system establishes the communication between the system and authenticated user. The e-mail received by the system from the authorized person will monitor and control the real-time operation and door lock. The entire control system is reinforced using ARM1176JZF-S microcontroller and tested for actual use in the home environment. The result shows the experimental verification of the proposed system.

• Information Systems Review
• /
• v.9 no.1
• /
• pp.121-137
• /
• 2007

Several security systems(firewall, intrusion detection system, vaccine for malicious codes and so on), whose purposes are to prevent the external information security threat, have gathered more technological concerns. However, they are little effective for the area of defending the internal information security threat which occurs more frequently and results in much more monetary damages. In this paper, a system for internal surveillance and control on the use of information systems is suggested and described with its architecture, features, necessary functions and development methods. And a case system is introduced to show the reality of this paper.