• Convergence Security Journal
• /
• v.3 no.2
• /
• pp.85-97
• /
• 2003

At the end of last January, 2003, a domestic top-level domain name server (DNS) shut down the server and it caused the wired and wireless internet services to be completely paralyzed in the aftermath of a virus attack incurring a various range of losses nationwide. The main reason of this event is the lack of our awareness of cyber security. In particular, in the small-scale network, there are few security administrators and no operating devices to protect information as well. Under this circumstance, using ESM center to service real-time security supervision and correspondence for network, it can be one option. However, due to the economic efficiency, most of security systems have been being developed focusing on the large-scale network first. Therefore, ESM centers which inspect security state of network concentrate on IDC or large-scale network services. This dissertation studies economical ESM service by designing exclusive SnSA for small-scale network for widespread use. Firstly, network invasion feeler function N_SnSA and host invasion feeler function H_SnSA are embodied to collect more informations in the small-scale network. Secondarily, the existing vulnerability is studied to find the solutions linked with a low cost to a Public center such as Kyonggi Univ ESM center.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.15 no.6
• /
• pp.283-290
• /
• 2015

As society has evolved to the knowledge and information society, the importance of internal information of the company has increased gradually. Especially in financial institutions which must maintain the trust of customers, the disclosure of inside information is a big problem beyond the a company's business information disclosure level to break down sales-based businesses because it contains personal or financial transaction information. Recently, since massive outflow of internal information are occurring in several enterprises, many companies including financial companies have been working a lot in order to prevent the leakage of customer information. This paper describes the internal information leakage incidents occurred in the finance companies, the PC security vulnerabilities exists despite the main security system and internal information leakage prevention and suggests countermeasures against increasing cyber infringement threats.

• Convergence Security Journal
• /
• v.22 no.1
• /
• pp.129-134
• /
• 2022

A smart platform is defined as an evolved platform that realizes physical and virtual space into a hyper-connected environment by combining the existing platform and advanced IT technology. The hyper-connection that is the connection between information and information, infrastructure and infrastructure, infrastructure and information, or space and service, enables the realization and provision of high-quality services that significantly change the quality of life and environment of users. In addition, it is providing everyone with the effect of significantly improving the social safety net and personal health management level by implementing smart government and smart healthcare. A lot of information produced and consumed in these processes can act as a factor threatening the basic rights of the public and individuals by the informations themselves or through big data analysis. In particular, as the smart platform as a core function that forms the ecosystem of a smart city is naturally and continuously expanded, it faces a huge security burden in data processing and network operation. In this paper, platform components as core functions of smart city and appropriate security threats and countermeasures are studied.

• The Korean Journal of Community Living Science
• /
• v.26 no.2
• /
• pp.375-386
• /
• 2015

This study examines the effects of parent-child attachment across the child's life from a life-span developmental perspective. The study investigates the effects of a child's attachment to his or her mother in childhood on his or her school attachment as an adult student and explores the role of self-esteem as a mediator of the relationship between these two variables. A total of 529 S Cyber University students taking social welfare classes participated in this study. These students completed a questionnaire about their present level of self-esteem, attachment to their mother in childhood, and school adjustment. According to the SEM results, adult students' self-esteem fully mediated the relationship between their mother-child attachment in childhood and their school adjustment in adulthood. Attachment security for the mother in childhood was related to the child's own internal working model, and positive self-esteem was related to school adjustment.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.1
• /
• pp.5-16
• /
• 2019

Modern state-of-the-art military aviation assets are operated with independent embedded real-time operating systems(RTOS). These embedded systems are made with a high level of information assurance. However, once the systems are introduced and installed on individual platforms for sustaining operational employment, the systems are not actively managed and as a result the platforms become exposed to serious threats. In this paper, we analyzed vulnerability factors in the processing of mission planning data and maintenance-related data for fighter aircraft. We defined the method and form of cyber attacks that modulate air data using these vulnerabilities. We then proposed a detection module for integrity detection. The designed module can preemptively respond to potential cyber threats targeting high - value aviation assets by checking and preemptively responding to malware infection during flight data processing of fighter aircraft.

• International Journal of Computer Science & Network Security
• /
• v.23 no.11
• /
• pp.99-109
• /
• 2023

The darknet is frequently referred to as the hub of illicit online activity. In order to keep track of real-time applications and activities taking place on Darknet, traffic on that network must be analysed. It is without a doubt important to recognise network traffic tied to an unused Internet address in order to spot and investigate malicious online activity. Any observed network traffic is the result of mis-configuration from faked source addresses and another methods that monitor the unused space address because there are no genuine devices or hosts in an unused address block. Digital systems can now detect and identify darknet activity on their own thanks to recent advances in artificial intelligence. In this paper, offer a generalised method for deep learning-based detection and classification of darknet traffic. Furthermore, analyse a cutting-edge complicated dataset that contains a lot of information about darknet traffic. Next, examine various feature selection strategies to choose a best attribute for detecting and classifying darknet traffic. For the purpose of identifying threats using network properties acquired from darknet traffic, devised a hybrid deep learning (DL) approach that combines Recurrent Neural Network (RNN) and Bidirectional LSTM (BiLSTM). This probing technique can tell malicious traffic from legitimate traffic. The results show that the suggested strategy works better than the existing ways by producing the highest level of accuracy for categorising darknet traffic using the Black widow optimization algorithm as a feature selection approach and RNN-BiLSTM as a recognition model.

• Journal of the Korea Society for Simulation
• /
• v.24 no.1
• /
• pp.17-24
• /
• 2015

Smart grid is a modernized electrical grid that uses information and communication technologies to gather and act on information, such as information about the behaviors of suppliers and consumers, in an automated fashion to improve the efficiency, reliability, economics, and sustainability of the production and distribution of electricity. However, with the advent of cyber crime, there are also concerns on the security of the infrastructure, primarily that involving communications technologies. In this work, we make an in-depth investigation on the issue of security services and network loads on Smart grid. Through simulation, we analyze the relations between security services and network loads. The experimental results of this study will contribute toward designing an advanced Smart grid system that offers better quality of services. Also, the approach proposed in this study can be utilized to derive new and valuable insights in security aspects.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.6
• /
• pp.1489-1497
• /
• 2018

Web application services have diversified. At the same time, research on intrusion detection is continuing due to the surge of cyber threats. Also, As a single-defense system evolves into multi-level security, we are responding to specific intrusions by correlating security events that have become vast. However, it is difficult to check the OS, service, web application type and version of the target system in real time, and intrusion detection events occurring in network-based security devices can not confirm vulnerability of the target system and success of the attack A blind spot can occur for threats that are not analyzed for problems and associativity. In this paper, we propose the validation of effectiveness for intrusion detection events using TF-IDF. The proposed scheme extracts the response traffics by mapping the response of the target system corresponding to the attack. Then, Response traffics are divided into lines and weights each line with an TF-IDF weight. we checked the valid intrusion detection events by sequentially examining the lines with high weights.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.1
• /
• pp.171-182
• /
• 2014

Common Criteria is a scheme that minimize IT products's vulnerabilities in accordance with the evaluation assurance level. SSDLC(Secure Software Development Lifecycle) is a methodology that reduce the weakness that can be used to generate vulnerabilities of software development life cycle. However, Common Criteria does not consider certificated IT products's vulnerabilities after certificated it. So, it can make a problem the safety and reliability of IT products. In addition, the developer and the evaluator have the burden of duplicating evaluations of IT products that introduce into the government business due to satisfy both Common Criteria and SSDLC. Thus, we researched the relationship among the Common Criteria, the static code analysis tools, and the SSDLC. And then, we proposed how to combine SSDLC into Common Criteria.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2014.10a
• /
• pp.398-401
• /
• 2014

Due to recent arise of cybercrime, importance of cyber security is highlighted more than ever. Korean government has been running Korea Cryptographic Module Validation Program, namely KCMVP, to validate security level of cryptographic modules for public organizations: indeed, many are achieving the validation. According to the program, operating environments for any specific cryptographic module are fixed. In other words, running validated module in other software environment is strictly prohibited. However, this paper asserts that it is possible for a C language based module to operate in Java based environment as long as the module is running on a validated environment. We expect this paper to help saving great amount of money and time for developing another cryptographic modules for the same operating environment. Also, this method will provide an idea for developing faster modules.