• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2011.10a
• /
• pp.249-252
• /
• 2011

National Information and Communication Services of Public Administration and Security organized by the 'A' group (Line service network), 'B' group (IP service network), 'C'Group (Voice over Internet protocol(VoIP) service, IP application services) are provided by constructing the infrastructure. National Information and Communications Services 'C' group, providers are providing VoIP services. In this paper, national information and communications service 'C' group, providers of domestic calls, international calls, including calls to move we will study the basic telephone service. And text messaging, video telephony, IP-Centrex services, etc. we will study the seven value-added services. In addition, national information and communication service providers on the status of the project based on the analysis of national information and communication Internet telephone network using Internet telephony is the type of analysis. In this study, national information and communications services industry, will serve as the basis for the development.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.6
• /
• pp.119-132
• /
• 2011

Mobile devices such as smart phones have brought big changes to be called as 'mobile big bang' against which we can't go. Mobile banking service and MTS(Mobile Trading System) are freely available at any time, anywhere and we are able to activate communications between financial company staffs out of the office and take care of business works even remotely by using mobile devices. Mobile devices are approaching as 'smart mobile innovation' to improve an enterprise productivity and competitiveness, but threats which engaged in unfair trading behaviors or unwholesome business works in finance companies are increasing and the customer's information can be leaked out by using the nonpublic official information and mobile devices. Therefore, we have to analyze the potential problems and take the necessary countermeasures with preemptive steps to protect the customer's information and improve the financial trading soundness and fairness. In this paper, we would like to suggest countermeasures and threats against using the financial company's mobile devices focusing on the financial investment companies by 'Capital Market and Financial Investment Business Act'.

• IEIE Transactions on Smart Processing and Computing
• /
• v.2 no.6
• /
• pp.357-366
• /
• 2013

Spectrum sensing, as a fundamental functionality of Cognitive Radio (CR), enables Secondary Users (SUs) to monitor the spectrum and detect spectrum holes that could be used. Recently, the security issues of Cognitive Radio Networks (CRNs) have attracted increasing research attention. As one of the attacks against CRNs, a Primary User Emulation (PUE) attack compromises the spectrum sensing of CR, where an attacker monopolizes the spectrum holes by impersonating the Primary User (PU) to prevent SUs from accessing the idle frequency bands. Energy detection is often used to sense the spectrum in CRNs, but the presence of PUE attack has not been considered. This study examined the effect of PUE attack on the performance of energy detection-based spectrum sensing technique. In the proposed protocol, the stationary helper nodes (HNs) are deployed in multiple stages and distributed over the coverage area of the PUs to deliver spectrum status information to the next stage of HNs and to SUs. On the other hand, the first stage of HNs is also responsible for inferring the existence of the PU based on the energy detection technique. In addition, this system provides the detection threshold under the constraints imposed on the probabilities of a miss detection and false alarm.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.19 no.4
• /
• pp.664-673
• /
• 2018

The industrial control system (ICS) has operated as a closed network in the past, but it has recently been linked to information and communications services and has been causing damage due to cyber attacks. As a countermeasure, the Information Communication Infrastructure Protection Act was enacted, but it cannot be applied to various real control environments because there is only a one-way policy-from a control network to a business network. In addition, IEC62443 defines an industrial control system reference model as an international standard, and suggests an area security model using a firewall. However, there is a limit to linking an industrial control network, operating as a closed network, to an external network only through a firewall. In this paper, we analyze the security model and research trends of the industrial control system at home and abroad, and propose an industrial control system security model that can be applied to the actual interworking environments of various domestic industrial control networks. Also, we analyze the security of firewalls, industrial firewalls, network connection equipment, and one-way transmission systems. Through a domestic case and policy comparison, it is confirmed that security is improved. In the era of the fourth industrial revolution, the proposed security model can be applied to security management measures for various industrial control fields, such as smart factories, smart cars, and smart plants.

• Journal of Internet Computing and Services
• /
• v.13 no.6
• /
• pp.33-40
• /
• 2012

The cloud service has become the significant factor to save the IT operation cost and to improve the productivities in companies. It was introduced to Korea for enterprise services of major companies in 2008. As the increase of recognition for its effect, more small businesses and public institutions plan to introduce the cloud computing services. The cloud computing researches have only focused on the security threats and response technologies to them. Therefore, this research analyzed the importances of responses to security threats in specific domains. The domains were divided into managerial, physical, and technical security. The specific factors in three domains were used for the analysis in this research as well. The ordered logit model was used for the analysis and the analysis results showed that physical security and managerial security are considered to be significantly important in the cloud computing security. The results also presented that the security policy, the control and surveillance to service infrastructure, and application security are highly important in the respect of specific factors. This research will contribute to enterprises or institutions in Korea, which want to introduce the cloud computing services, by aiding the establishment of effective security strategies.

• International Journal of Computer Science & Network Security
• /
• v.23 no.4
• /
• pp.95-102
• /
• 2023

The emergence of Internet of Things (IoT) into our daily lives has grown rapidly. It's been integrated to our homes, cars, and cities, increasing the intelligence of devices involved in communications. Enormous amount of data is exchanged over smart devices through the internet, which raises security concerns in regards of privacy evasion. This paper is focused on the forensics and intrusion detection on one of the most common protocols in IoT environments, especially smart home environments, which is the Message Queuing Telemetry Transport (MQTT) protocol. The paper covers general IoT infrastructure, MQTT protocol and attacks conducted on it, and multiple network forensics frameworks in smart homes. Furthermore, a machine learning model is developed and tested to detect several types of attacks in an IoT network. A forensics tool (MQTTracker) is proposed to contribute to the investigation of MQTT protocol in order to provide a safer technological future in the warmth of people's homes. The MQTT-IOT-IDS2020 dataset is used to train the machine learning model. In addition, different attack detection algorithms are compared to ensure the suitable algorithm is chosen to perform accurate classification of attacks within MQTT traffic.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.40 no.1
• /
• pp.8-14
• /
• 2003

In this paper, we investigate a rekey mechanism for a secure multicast group communications and relate the mechanism to the loss of information from group key exposal. We also combine cost for the information loss and cost for group key updates and analyze the optimum rekey interval. Using the results of the analysis in this paper, we can manage a secure multicast group efficiently with the minimal cost on the bases of number of group members, each member's security level and withdrawal rates.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.41 no.10
• /
• pp.1221-1232
• /
• 2016

Even though there have been a surge in demand for Internet addresses, but the existing IPv4 addresses are virtually depleted. Therefore, the conversion of IPv6 is being made consistently and the need for systematic situation grasp for IPv6 adoption through the measurement index of the IPv6 is on the rise. This study investigated domestic and overseas IPv6 usage measurement techniques and cases. Through evaluating existing measurement indices, this study derives the improved indices of measuring IPv6 usage and proposes the implementation methods of them.

• Convergence Security Journal
• /
• v.20 no.2
• /
• pp.59-68
• /
• 2020

In January 2020, the National Assembly passed the revisions of three bills which ease regulations on the use of personal information. The revised laws include the launch of an independent supervisory body, the arrangement of redundant regulations, and regulations for the development of the data economy. This paper analyzes the content and meaning of each law of the Three Revised Bills that Ease Regulations on the Use of Personal Information. And the future challenges outline three aspects: the establishment of a system to ensure the right to informational self-determination of privacy concerns, the establishment of a certification system and the presentation of reasonable guidelines, and the expectation of professional performance by the Personal Information Protection Commission.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.12 no.6
• /
• pp.2754-2759
• /
• 2011

With information communications and RFID/USN environments merged wire/wireless networks are generalized. In this viewpoint, WAP is used by communication protocol for the data communication in the field of wireless environment. WTLS developed for the secure communications optimize TLS adapted wireless environment in the TCP/IP internet protocol. But WTLS denote WAP security problem, end-to-end problem, and power consumption, etc. Therefore in this paper we proposed WTLS cryptographic algorithm eliminated WTLS disadvantages. Proposed algorithm solved power consumption, calculated complexity, and security problems because it is not unique but hybrid form.