• Convergence Security Journal
• /
• v.8 no.1
• /
• pp.117-127
• /
• 2008

The backwardness of Domestic security management system tend to depend on foreign security companies which have advanced technology. The appearance risk to flow out confidential affairs of domestic enterprises and public organizations to foreign countries. In this regard, this paper is implement and designed automatic security analysis system for secure public network. This system is to offer enhanced security quality of public organizations and reducing the dependence on foreign companies. And maintains security analysis technique for public network.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2019.10a
• /
• pp.401-404
• /
• 2019

최근 국가기반시설 산업제어시스템은 시나리오를 기반으로 시뮬레이션 훈련을 진행한다. 그러나 국내 ICS 보안 기술은 외부 경계 보호에 중점을 둔 시나리오가 대다수였기 때문에 내부에서 발생할 수 있는 시나리오 가이드라인이 상대적으로 부족하고 이를 평가하는 기준 또한 제대로 정의되어 있지 않다. 내부 공격이 증가함에 따라 국내에서도 사회공학적 기법에 초점을 둔 시뮬레이션 훈련을 진행할 필요가 있다. 이에 본 논문은 NEI 08-09 의 운영·관리항목 중 가장 빈번하게 발생하는 위협을 바탕으로 한 시나리오 및 구성요소를 개발하고, 이를 평가할 수 있는 명확한 기준을 제시하여 효과적인 비상대응 훈련을 수행할 수 있도록 한다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2010.11a
• /
• pp.1281-1284
• /
• 2010

오늘날 인터넷 기술의 발전과 대중화와 함께 다양한 악성코드가 빠르게 제작, 유포되고 있다. 최근 빠르게 증가하는 악성코드를 신속하게 대응하기 위해 자동화된 분석 기법에 대한 연구가 활발히 진행되고 있다. 자동화된 악성코드 분석 결과로 생성되는 데이터는 안티바이러스 업체나 관련 기관 등에서 알려지지 않은 악성코드에 대응할 수 있는 시그니처를 생성하는데 활용된다. 따라서 저장되는 악성코드 분석 결과는 악성코드 사이의 행위와 특성 관계가 고려되어 저장되어야 한다. 즉, 자동화된 악성코드 분석 결과를 효율적으로 저장할 수 있는 DB 설계가 필요하다. 본 논문에서는 악성코드의 대부분을 차지하는 PE를 대상으로 자동화된 악성코드 분석 결과를 효율적으로 저장할 수 있는 DB 설계를 제안하고자 한다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2023.05a
• /
• pp.158-161
• /
• 2023

최근 사물인터넷 및 통신 기술 및 통신 기술이 발달하면서 사물인터넷 상에서의 데이터 보호에 대한관심이 지속되고 있다. 이에 따라 데이터 보호를 위한 기술적 요구들이 커지고 있으며, 데이터를 송수신하는 과정에서 비밀 데이터가 숨겨져 있다는 사실을 자체를 숨기는 스테가노그래피 기술이 활용되고 있다. 본 논문에서는 IoT 환경에서의 스테가노그래피 기술이 만족해야하는 조건과 연구 사례에 대해 살펴본다.

• Convergence Security Journal
• /
• v.3 no.3
• /
• pp.7-18
• /
• 2003

Under database system environment, to accomplish database security is to ascertain the security threats and to choose the policy and mechanism of treating them. This study suggests the type and character of security threat and general method of prevention and cutting off the threats. Also, this study suggests the method of realization of Oracle security and additionally shows the method of Oracle security framework implemention. As an example, the verification method of Oracle security implementions are shown.

• Convergence Security Journal
• /
• v.13 no.5
• /
• pp.207-213
• /
• 2013

As the axis of the private security maintain social order in order to achieve the original purpose of all society must move in the direction of motion, and so in order to be a private security based philosophical values and ideological composition should be based. In this process, to be followed by private security value or direction, philosophy private security is the norm. In this regard, this study pursued by the private security justification ever truly normative principles are intended to establish. The public nature of the ideology of private security, public, efficiency, legality, responsiveness and the like. Conflict occurs between the value of these ideals, although complementary are in harmony.

• Convergence Security Journal
• /
• v.13 no.5
• /
• pp.167-176
• /
• 2013

This study was analysis that first, a problem of security guard supervisor system, second, a problem of on the job training, third, a problem of basic and refresher training for improvement of security guard supervisor system that among security guard supervisor by NVivo 10. It was suggestion what improvement about problem.

• Convergence Security Journal
• /
• v.5 no.3
• /
• pp.67-73
• /
• 2005

Security requirements must be defined well to reduce software vulnerabilities in requirement specification phase. In this paper, we show how to specify security requirements in structured manner for object-oriented development methodology. Our method specifies security requirements through four phases: defining security objectives, identifying the threat, construct attack tree, and specifying security function. This method would help developers to specify security requirements and functions which software have to possess clearly and systematically.

• Journal of Korea Multimedia Society
• /
• v.18 no.2
• /
• pp.218-232
• /
• 2015

According to the development of information processing technology and mobile communication technology, the utilization of mobile banking systems is drastically increasing in banking system. In the foreseeable future, it is expected to increase rapidly the demands of mobile banking in bank systems with the prevalence of smart devices and technologies. However, the keeping 'security' is very important in banking systems that handles personal information and financial assets. But it is very difficult to improve the security of banking systems only with the vulnerabilities and faults analysis methods of information security. Hence, in this paper, we accomplish the analysis of security risk factor and security vulnerability that occur in mobile banking system. With analyzed results, we propose the information security control and management processes for assessing and improving security based on the mechanisms which composes mobile banking system.

• International journal of advanced smart convergence
• /
• v.10 no.2
• /
• pp.10-14
• /
• 2021

Today people adopt various contents from their mobile devices which lead to numerous platforms. As technology of 5G, IOT, and smart phone develops, the number of people who create, edit, collect, and share their own videos, photos, and articles continues to increase. As more contents are shared online, the numbers of data being stolen continue to increase too. To prevent these cases, an authentication method is needed to encrypt the content and prove it as its own content. In the report, we propose a few methods to secure various misused content with secondary security. A unique private key is designed when people create new contents through sending photos or videos to platforms. The primary security is to encrypt the "Private Key" with a public key algorithm, making its data-specific "Timeset" that doesn't allow third-party users to enter. For the secondary security, we propose to use Message Authentication Codes(MACs) to certify that we have produced the content.