• The Journal of the Korea institute of electronic communication sciences
• /
• v.14 no.2
• /
• pp.303-308
• /
• 2019

Spring framework is widely used as a base technology for e-government frameworks and to the extent it is a standard for web service development tools of Korean public institutions. However, recently, a remote code execution vulnerability(CVE-2018-1270) was found in an application using a spring framework. This paper proposes a method of analyzing the vulnerability experiment using a hacking scenario, Proof Of Concept(POC), in which the spring framework is a hazard to the server. We propose the patch to version 4.3.16 and version 5.0.5 or later as an ultimate response. It is also expected that the proposed experiment analysis on vulnerability of hacking scenario will be used as a data for improving performance of security programs and establishing a new authentication system.

• Nuclear Engineering and Technology
• /
• v.36 no.4
• /
• pp.346-356
• /
• 2004

14 Pressurized Water Reactors (PWR) in Korea use a remote monitoring system (RMS), which have been used in Korea since 1998. A Memorandum of Understanding on Remote Monitoring, based on Enhanced Cooperation on PWRs, was signed at the 10th Safeguards Review Meeting in October 2001 between the International Atomic Energy Agency (IAEA) and Ministry Of Science and Technology (MOST). Thereafter, all PWR power plants applied for remote monitoring systems. However, the existing method is high cost (involving expensive telephone costs). So, it was eventually applied to an Internet system for Remote Monitoring. According to the Internet-based Virtual Private Network (VPN) applied to Remote Monitoring, the Korea Atomic Energy Research Institute (KAERI) came to an agreement with the IAEA, using a Member State Support Program (MSSP). Phase I is a Lab test. Phase II is to apply it to a target power plant. Phase III is to apply it to all the power plants. This paper reports on the penetration testing of Phase I. Phase I involved both domestic testing and international testing. The target of the testing consisted of a Surveillance Digital Integrated System (SDIS) Server, IAEA Server and TCNC (Technology Center for Nuclear Control) Server. In each system, Virtual Private Network (VPN) system hardware was installed. The penetration of the three systems and the three VPNs was tested. The domestic test involved two hacking scenarios: hacking from the outside and hacking from the inside. The international test involved one scenario from the outside. The results of tests demonstrated that the VPN hardware provided a good defense against hacking. We verified that there was no invasion of the system (SDIS Server and VPN; TCNC Server and VPN; and IAEA Server and VPN) via penetration testing.

• Journal of the Korean Institute of Illuminating and Electrical Installation Engineers
• /
• v.26 no.7
• /
• pp.99-109
• /
• 2012

Sub-station, key equipment in electric power infrastructure, are being exposed to increasing risk of hacking. For this, soft redundancy sub-station system needs to be formulated with automatic restoration mechanism. For this it is important to assess the reliability of the applicable range of data that are used in actual system operation, as well as the methods and findings of the tests. At the same time performance of soft redundancy system and total security mechanism, which are aligned for the protection of the sub-station, need to be tested. For testing the above-mentioned, this paper presented a viable formation of a soft redundancy practical VPN system within a panel to protect the latter from hacking or cracking incidences, and conducts a test to check if the considered system actually serves the protection function in the actual operation setting, gathering evidence from the data from the testing of the actual performance of the system as well as of emergency scenario simulation operations. Because tested soft-redundancy & restorative sub-station system is expected to be widely applicable for various cases such as Smart-grid or electricity IT system, where VPN with enhanced level of security is required.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.8 no.9
• /
• pp.1313-1318
• /
• 2013

In order to actively respond to cyber attacks, not only the security systems such as IDS, IPS, and Firewalls, but also ESM, a system that detects cyber attacks by analyzing various log data, are preferably deployed. However, as the attacks be come more elaborate and advanced, existing signature-based detection methods start to face their limitations. In response to that, researches upon symptom detection technology based on attack modeling by employing big-data analysis technology are actively on-going. This symptom detection technology is effective when it can accurately extract features of attacks and manipulate them to successfully execute the attack modeling. We propose the ways to extract attack features which can play a role as the basis of the modeling and detect intelligent threats by carrying out scenario-based modeling.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2016.04a
• /
• pp.289-291
• /
• 2016

최근 정보통신기술의 눈부신 발전으로 사람-사람, 사람-사물, 사물-사물 각각을 연결하여 최대한의 시너지를 발휘하려는 움직임이 활발해지고 있다. 즉 일상생활에서 사용되는 자동차, 가전제품, 드론 등의 제품도 연결되어 통신하는 사물인터넷 시대가 도래 하고 있다. 머지않아 모든 기기가 연결되는 시대가 오면 물리적 보안 보다 논리적 보안이 중요해 질 것이다. 또한 사물인터넷 해킹은 정보보호라는 단위를 넘어 사람의 생명과 직결되는 해킹 피해가 발생할 위험이 있다.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.27 no.1
• /
• pp.69-75
• /
• 2023

Small communication devices used in the Internet of Things are vulnerable to various hacking because they do not apply advanced encryption techniques due to their low memory capacity or slow computation speed. In order to increase the authentication reliability of small-sized transmitters operating in 433MHz band, we introduce an RF fingerprint and adopt a convolutional neural network (CNN) as a classification algorithm. The preamble signal transmitted by each transmitter are extracted and collected using software-defined-radio to constitute a training data set, which is used for training the CNN. We tested identification of 20 transmitters in four different scenarios and obtained high identification accuracy. In particular, the accuracy of 95.8% and 92.6% was obtained, respectively in the scenario where the test was performed at a location different from the transmitter's location at the time of collecting training data, and in the scenario where the transmitter moves at walking speed.

• Journal of Digital Convergence
• /
• v.20 no.4
• /
• pp.377-388
• /
• 2022

Metaverse, realistic virtual space technology has become a hot topic. However, due to the lack of an institutional system to the metaverse environment, concerns are rising over the leakage of industrial confidentiality, including digital assets produced, stored, processed, and transferred within the metaverse. Digital forensics, a technology to defend against hacking attacks in cyberspace, cannot be used in metaverse space, and there is no basis for calculating the extent of damage and tracking responsibility, making it difficult to respond to human resources leakage and cyberhacking effectively. In this paper, we define the scope of industrial confidentiality information and leakage scenario and propose policy and institutional measures based on problems in each metaverse scenario. As a result of the study, it was necessary to prepare a standardized law on Extra-territorial search and seizure issues and a system for collecting cryptocurrency evidence to respond to industrial confidentiality leaks in the metaverse. The study expects to contribute to industrial technology development by preparing in advance for problems that may arise in metaverse technology.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.2
• /
• pp.411-421
• /
• 2015

These days, a conversion of the fast-advancing ICT (Information and Communications Technologies) and the IoT (Internet of Things) has been in progress. However, these conversion Technology could lead to many of the security threat existing in the ICT environment. The security threats of car in the IoT environment could cause the property damage and casualty. There are the inadequate preparations for the car security and the difficulty of detection for the security threats by itself. In this paper, we proposed the decision-making framework for the anomaly detection and found out what are the threats of car in the IoT environment. The discrimination of the factor, path and type of threats from the attack against the car should take priority over the self-inspection and the swift handling of the attack on control system.

• The KIPS Transactions:PartC
• /
• v.9C no.4
• /
• pp.481-488
• /
• 2002

Guarantee of the data integrity is important to the Virtual Private Network (VPN) which can be improved cost decreasing and effective work by applying on Internet as the private network. Thus, the integrity function in the VPN must be maintained and the security manager must be check it occasionally. In this paper we propose the VPN Integrity Evaluation System (VIES) which is collecting, and evaluating automatically the vulnerable data of VPN against current hacking mechanisms in information security system. And this VIES obtain to the results which have objectivity and fairness of evaluation by driving off the evaluation scenario based on Common Criteria (CC), and general users or non-specialist can utilize easy the security evaluation of organization.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2011.10a
• /
• pp.245-248
• /
• 2011

Voice over Internet protocol(VoIP) is call's contents using the existing internet. Thus, in common with the Internet service has the same vulnerability. In addition, unlike traditional PSTN remotely without physical access to hack through the eavesdropping is possible. Cyber terrorism by anti-state groups take place when the agency's computer network and telephone system at the same time work is likely to get upset. In this paper is penetration testing for security threats(Call interception, eavesdropping, misuse of services) set out in the NIS in the VoIP. In addition, scenario writing and penetration testing, hacking through the Voice over Internet protocol at the examination center will study discovered vulnerabilities. Vulnerability discovered in Voice over Internet protocol presents an attack and defense plan.