• The Journal of the Korea Contents Association
• /
• v.21 no.2
• /
• pp.499-506
• /
• 2021

Hackers' cyber attack techniques are becoming more sophisticated and diversified, with a form of attack that has never been seen before. In terms of information security vulnerability standard code (CVE), about 90,000 new codes were registered from 2015 to 2020. This indicates that security threats are increasing rapidly. When new security vulnerabilities occur, damage should be minimized by preparing countermeasures for them, but in many cases, companies are insufficient to cover the security management level and response system with a limited security IT budget. The reason is that it takes about a month for analysts to discover vulnerabilities through manual analysis, prepare countermeasures through security equipment, and patch security vulnerabilities. In the case of the public sector, the National Cyber Safety Center distributes and manages security operation policies in a batch. However, it is not easy to accept the security policy according to the characteristics of the manufacturer, and it takes about 3 weeks or more to verify the traffic for each section. In addition, when abnormal traffic inflow occurs, countermeasures such as detection and detection of infringement attacks through vulnerability analysis must be prepared, but there are limitations in response due to the absence of specialized security experts. In this paper, we proposed a method of using the security policy information sharing site "snort.org" to prepare effective countermeasures against new security vulnerability attacks.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.15 no.3
• /
• pp.605-612
• /
• 2011

Recently, cyber attacks against public communications networks are getting more complicated and varied. Moreover, in some cases, one country could make systematic attacks at a national level against another country to steal its confidential information and intellectual property. Therefore, the issue of cyber attacks is now regarded as a new major threat to national security. The conventional way of operating individual information security systems such as IDS and IPS may not be sufficient to cope with those attacks committed by highly-motivated attackers with significant resources. In this paper, we discuss the technologies and standard trends about actual cyber threat and response methods, design the collaborative response framework based on the security information sharing in the inter-domain environments. The computation method of network threat level based on the collaborative response framework is proposed. The network threats are be quickly detected and real-time response can be executed using the proposed computation method.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.16 no.11
• /
• pp.2459-2464
• /
• 2012

Many companies has led to the damage case being leaked to personal information by taking cyber attack. Also, planned hacking cases continues to increase for the purpose of acquiring monetary gain or causing social disruption induction, etc. Approximately 75% of the Web site attacks exploit the vulnerability of the application. Major security issue is to strengthen the S/W development security according to the legal basis. The members of the project team is the fact that the lack of recognition of application development security. In addition, passive response and security validation/testing, etc. throughout the SDLC to the entire area is insufficient. Therefore, rework due to the belated discovery of a defect has occurs. In this paper, we examine the case of the project step-by-step security activities by performing IT services companies. And, through this, we present security measures that can be applied to the step-wise real-world projects.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2014.05a
• /
• pp.595-598
• /
• 2014

The cyber attacks of recent attacks that target zero-day exploit security vulnerabilities before the security patch is released (Zero Day) attack, the web site is without the Lord. These attacks, those that use the vulnerability of security that is built into the software itself is in most cases, cyber attacks that use the vulnerability of the security of the source code, in particular, has a characteristic response that are difficult to security equipment. Therefore, it is necessary to eliminate the security vulnerability from step to implement the software to prevent these attacks. In this paper, we try to design a Secure Coding Guide support tool to eliminate the threat of security from the stage of implementation.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.35 no.4B
• /
• pp.592-598
• /
• 2010

A home network system is made up of subject of cyber attack from a variety factors of threatening, but also have security weakness in cases of hacking, vicious code, worm virus, DoS attack, tapping of communication network, and more. So, the necessity for a security protocol to protect user asset and personal information within a home network is gradually increasing. Thus, this paper designs and suggests a home network security protocol using user authentication and approach-control technology to prevent the threat by unauthorized users towards personal information and user asset in advance by providing the gradual authority to corresponding devices based on authorized information, after authorizing the users with a Public Key Certificate.

• Convergence Security Journal
• /
• v.21 no.1
• /
• pp.25-31
• /
• 2021

The purpose of this study was to keep the Security Control Center, which operates under a shift system, uninterrupted during the COVID-19 virus epidemic. Security facilities responding to cybersecurity threats are essential security facilities that must be operated 24 hours a day, 365 days a day in real time, and are critical to security operations and management. If security facilities such as infectious disease epidemic, system failure, and physical impact are closed or affected, they cannot respond to real-time cyberattacks and can be fatal to security issues. Recently, there have been cases in which security system facilities cannot be operated, such as the closure of facilities due to the COVID-19 virus epidemic and the availability of security systems due to the rainy season, and other cases need to be prepared. In this paper, we propose a plan to configure a security system facility as a multiplexing facility and operate it as an alternative in the event of a closed situation.

• Journal of Digital Contents Society
• /
• v.11 no.1
• /
• pp.79-89
• /
• 2010

The government and companies build a DDoS correspondence system hastily to protect assets from cyber threats. It has become more and more intelligent and advanced such as DDoS attack. However, when outbreaks of the social incidents such as 7.7 DDoS attack(2009.7.7) or cases of the direct damage occurred, information security systems(ISS) only become the issue in the short term. As usual, sustained investment about ISS is a negative recognition. Since the characteristic of ISS is hard to recognize the effectiveness of them before incidents occurs. Also, results of incidents occurred classify attack and detection. Detailed and objective measurement criterion to measure effectiveness and efficiency of ISS is not existed. Recently, it is progress that evaluation and certification about for the information security management system(ISMS). Since these works propose only a general guideline, it is difficult to utilize as a result of ISMS improvement for organization. Therefore, this paper proposes a framework to develop main criteria by a correspondence strategy and process. It is able to detailed and objective measurements.

• Journal of Convergence for Information Technology
• /
• v.9 no.3
• /
• pp.1-7
• /
• 2019

There are various cyber attacks on business PCs. In order to reduce the threat of PC security, we are preventing the vulnerability from being diagnosed beforehand. However, this guideline is difficult to cope with because the domestic vulnerability guide does not update the diagnostic items. In this paper, we examine the cyber infringement cases of PCs and the diagnostic items of foreign technical vulnerabilities in order to cope with security threats. In addition, an improved guide is provided by comparing the differences in the diagnostic items of technical vulnerability from abroad and domestic. Through 41 proposed technical vulnerability improvement items, it was found that various security threats can be coped with. Currently, it is mainly able to respond to only known vulnerabilities, but we hope that applying this guideline will reduce unknown security threats.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.11 no.3
• /
• pp.920-925
• /
• 2010

A home network system is made up of home devices and wire and wireless network can not only be the subject of cyber attack from a variety factors of threatening, but also have security weakness in cases of hacking, vicious code, worm virus, DoS attack, tapping of communication network, and more. As a result, a variety of problems such as abuse of private life, and exposure and stealing of personal information arose. Therefore, the necessity for a security protocol to protect user asset and personal information within a home network is gradually increasing. Thus, this dissertation designs and suggests a home network security protocol using user authentication and approach-control technology to prevent the threat by unauthorized users towards personal information and user asset in advance by providing the gradual authority to corresponding devices based on authorized information, after authorizing the users with a Public Key Certificate.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.4
• /
• pp.821-834
• /
• 2019

As cyber security threats increase, there is a growing demand for highly reliable systems. Common Criteria, an international standard for evaluating information security products, requires formal specification and verification of the system to ensure a high level of security, and more and more cases are being observed. In this paper, we propose highly reliable drone systems that ensure high level security level and trust. Based on the results, we use formal methods especially Z/EVES to improve the system model in terms of scheduling in the system kernel.