• Proceedings of the Korean Society of Computer Information Conference
• /
• 2011.06a
• /
• pp.105-110
• /
• 2011

악의적 목적을 가진 Hacker는 Google의 검색 기능과 키워드 사용을 이용해 인터넷 상에 존재하는 개인정보를 탈취하거나 웹페이지의 취약성, 해킹 대상에 대한 정보들을 수집할 수 있다. Google의 검색 결과 인터넷에서는 수많은 개인정보가 검색되고, 이중에는 타인에게 노출되지 않아야 하는 개인의 이력서, 기업의 기밀자료, 관리자의 ID, Password 등도 인터넷 상에서 보안되지 않은 상태로 존재하고 있다. 본 논문에서는 Google을 이용한 정보검색과 정보탈취에 대해 연구하고, 개인 탈취 정보를 이용한 침해사고와 포렌식 자료 생성에 관한 기술과 보안방안을 제안한다. 본 논문 연구를 통하여 인터넷 검색 결과에 대한 보안 취약성 보완의 기술 발전과 기초자료로 활용될 것이다.

• Proceedings of the Korean Society of Disaster Information Conference
• /
• 2022.10a
• /
• pp.407-411
• /
• 2022

공항 시설에서 통틀어 보안이 가장 취약한 곳은 Landside이다. 항공기 테러가 빈번하던 시절에는 X-ray를 비롯한 검색기술의 수준이 높지 않았던 탓에 Hijacking이나 폭발물에 의한 피해가 많았었다. 물론 기술이 발전한 현대에 와서도 Hijacking이나 항공기 폭파 같은 테러가 발생하고 있지만 9.11테러 이전보다는 훨씬 감소한 상황이다. 최근에는 보안수준이 높은 Airside 보다 상대적으로 보안이 취약한 Landside에 대한 보안 강화가 필요하다. 그 이유는 테러의 유형이 협상의 여지가 없는 최대피해와 최대공포를 주는 방식으로 변화하고 있기 때문이다. 따라서 상대적으로 부담이 덜하고 유동인구가 많은 Landside가 Soft Target이 되었다. 이런 상황에서 대한민국 공항이 어떻게 대응해야 하는지 관련된 법을 중심으로 본 연구를 진행해 보고자 한다.

• Journal of Advanced Marine Engineering and Technology
• /
• v.39 no.3
• /
• pp.306-311
• /
• 2015

Recently, vessel hijacking by pirates has been a big issue around the world. In case of the hostages of M/V "SAMHO Jewelry" on January 20, 2011, the Korean Navy has rescued 21 seafarers by first naval operation with somalia pirates since establishment of the Navy. Also, in case of the "HANJIN Tianjin", all crews evacuated to the Citadel promptly when being attacking by pirates and were safely rescued by the navy. By the accident, Necessity of Citadel for seafarer on board ship came to the fore against pirates. Taking in account increasing pirates accident at sea, many research relating to pirates has been implementing with a view to responding to them so far. By amending the ship facility regulation in the domestic law on Jan. 2011, the installment of Citadel on board ship became mandatory for ocean going vessel serving pirates area. Hence, this paper provides new model of Citadel structure based on an Fire Dynamic simulation in order to improve personal safety in case of vessel hijacking.

• 제어로봇시스템학회:학술대회논문집
• /
• 2003.10a
• /
• pp.2151-2154
• /
• 2003

Internet is deeply rooted in everyday life and many things are performed using internet in real-world, therefore internet users increased because of convenience. Also internet accident is on the increase rapidly. The security vendor developed security system to protect network and system from intruder. Many hackings can be prevented and detected by using these security solutions. However, the new hacking methods and tools that can detour or defeat these solutions have been emerging and even script kids using these methods and tools can easily hack the systems. In consequence, system has gone through various difficulties. So, Necessity of intruder trace-back technology is increased gradually. Trace-back technology is tracing back a malicious hacker to his real location. trace-back technology is largely divided into TCP connection trace-back and IP packet trace-back to trace spoofed IP of form denial-of-service attacks. TCP connection trace-back technology that autonomously traces back the real location of hacker who attacks system using stepping stone at real time. In this paper, We will describe watermark trace-back system using TCP hijacking technique to supplement difficult problem of connection maintenance happened at watermark insertion. Through proposed result, we may search attacker's real location which attempt attack through multiple connection by real time.

• Journal of KIISE
• /
• v.44 no.6
• /
• pp.595-600
• /
• 2017

Android applications are composed of one or more components. The components within an application or several applications may interact with each other primarily through intents. Such interactions may cause security and reliability issues such as broadcast theft, activity hijacking, and intent spoofing. These problems need to be resolved through testing techniques using various interaction test scenarios before an application gets launched. However, with the existing test scenario generation approach, some infeasible test scenarios may be generated since they do not consider the re-execution order based on activity setting when pressing the back button. This paper proposes a test case generation technique which removes infeasible interaction paths by utilizing the activity stack information.

• Proceedings of the Korean Institute of Navigation and Port Research Conference
• /
• 2011.11a
• /
• pp.142-143
• /
• 2011

As mentioned above, various safety measures are considered and discussed as hijacking of Korean vessels by pirates is increasing. Thus, the standard for ship's facilities has been partially revised and setting up an evacuation shelter on all vessels sailing dangerous zone has been reinforced. This research aims to discuss crew Citadel set up that has to sail long haul. In addition, measures against potential gas flow have to be taken due to recent pirate armed and portable rocket attacks. There is also a possibility of fire outbreak within the vessel due to its nature. Thus, this research assesses the relevant number of crew Citadel theoretically. It will also make a model by estimating the relevant number of shelters in the event of fire outbreak and implement simulation using FDS.

• Journal of Navigation and Port Research
• /
• v.36 no.1
• /
• pp.21-26
• /
• 2012

Recently, vessel hijacking by pirates has been a big issue around the world. For example, the hostages of VLCC "SAMHO Dream" were released for a large sum of ransom. On January 20, 2011 "SAMHO Jewelry" succeeded releasing all of the 21 crews on the vessel by attacking the pirates in international waters for the first time since the founding of the Naval Force. Furthermore, the "HANJIN Tianjin" crews evacuated to the Citadel promptly and were rescued by the navy. As hijacking of Korean vessels by pirates is increasing, various safety measures must be implemented. As a matter of fact, the standard for ship's facilities has been partially revised and setting up an evacuation shelter on all vessels sailing dangerous zone has been reinforced. This research aims to discuss crew Citadel installation on vessels intended for long haul. In addition, it will look at measures against potential gas flow in the event of pirate armed attacks and fire outbreak onboard a vessel. It will also assess the optimal number of crew Citadels theoretically. Lastly, the optimal number of shelters in the event of fire outbreak will be discussed based on an FDS simulation.

• Proceedings of the Korean Information Science Society Conference
• /
• 2002.10c
• /
• pp.469-471
• /
• 2002

인터넷의 급속한 발전은 우리 생활의 많은 변화를 가져왔다. 특히 사용상의 편리함과 유용성으로 인해 컴퓨터를 전공하지 않은 사랑도 쉽게 접속하여 사용할 수 있게 됨에 따라 악의적인 사용자도 증가하기 시작하였다. 따라서 본문에서는 악의적인 사용자의 접근을 차단할 수 있는 침입 차단 시스템을 설계하고 침입 차단 시스템의 취약점인 TCP Hijacking, IP Spoofing등에도 견딜 수 있는 침입 차단 시스템의 패킷필터링 모듈을 제안한다.

• The Journal of the Korea Contents Association
• /
• v.6 no.12
• /
• pp.29-39
• /
• 2006

With the increasing popularity of the wireless network, the vulnerability issue on IEEE 802.1x Wireless Local Area Network (WLAN) are more serious than we expected. Security issues range from mis-configured wireless Access Point(AP) such as session hijacking to Denial of Service(DoS) attack. We propose a new system based on intrusion detection or prevention mechanism to protect the wireless network against these attacks. The proposed system has a security solution on AP that includes an intrusion detection and protection system(IDS/IPS) as an embedded module. In this paper, we suggest integrated wireless IDS/IPS module on AP with wireless traffic monitoring, analysis and packet filtering module against malicious wireless attacks. We also present that the system provides both enhanced security and performance such as on the university wireless campus network.

• Convergence Security Journal
• /
• v.13 no.2
• /
• pp.155-163
• /
• 2013

Connection hijacking attack using the vulnerability of the TCP protocol to redirect TCP stream goes through your machine actively (Active Attack). The SKEY such as one-time password protection mechanisms that are provided by a ticket-based authentication system such as Kerberos or redirection, the attacker can bypass.Someone TCP connection if you have access on TCP packet sniffer or packet generator is very vulnerable. Sniffer to defend against attacks such as one-time passwords and token-based authentication and user identification scheme has been used. Active protection, but these methods does not sign or encrypt the data stream from sniffing passwords over insecure networks, they are still vulnerable from attacks. For many people, an active attack is very difficult and so I think the threat is low, but here to help break the illusion successful intrusion on the UNIX host, a very aggressive attack is presented. The tools available on the Internet that attempt to exploit this vulnerability, known as the recent theoretical measures is required. In this paper, we propose analysis techniques on a wireless network intruder detection.