• Journal of Information Technology Services
• /
• v.12 no.1
• /
• pp.289-308
• /
• 2013

This study proceeded to examine the cause of the continuous secret information leakage in the firms. The purpose of this study is to find out what type of security among administrative, technological and physical security would have important influence on firm's security performance such as the security-incident response competence. We established the model that can empirically verify correlation between those three types of security and the security-incident response competence. In addition, We conducted another study to look at relation between developing department of security in the firms and reaction ability at the accidents. According to the study, the administrative security is more important about dealing with the security-incident response competence than the rest. Furthermore, a group with department of security has better the security-incident response competence and shows higher competence in fixing or rebuilding the damage. Therefore, this study demonstrates that investing in administrative security will be effective for the firm security.

• Journal of Digital Convergence
• /
• v.13 no.10
• /
• pp.81-98
• /
• 2015

This study explores performance factors of a casino information system for foreigners, empirically examines the causal relation between these factors and business performances through organizational trust and job satisfaction and suggests a plan to develop such a information system. We found that information quality positively impacted on perception of information security, but negatively on job satisfaction; system quality positively did on security reliability, but negatively on job satisfaction; service quality positively did on trust in information security and job satisfaction; lastly security reliability positively did on job satisfaction. We found that information quality, system quality and service quality would affect perceived information security and job satisfaction.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.9 no.4
• /
• pp.135-141
• /
• 2013

String matching is one of the key algorithms in network security and many areas could be benefit from a faster string matching algorithm. Based on the most efficient string matching algorithm in sual applications, the Boyer-Moore (BM) algorithm, a novel algorithm called RQS is proposed. RQS utilizes an improved bad character heuristic to achieve bigger shift value area and an enhanced good suffix heuristic to dramatically improve the worst case performance. The two heuristics combined with a novel determinant condition to switch between them enable RQS achieve a higher performance than BM both under normal and worst case situation. The experimental results reveal that RQS appears efficient than BM many times in worst case, and the longer the pattern, the bigger the performance improvement. The performance of RQS is 7.57~36.34% higher than BM in English text searching, 16.26~26.18% higher than BM in uniformly random text searching, and 9.77% higher than BM in the real world Snort pattern set searching.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.14 no.2
• /
• pp.702-723
• /
• 2020

The application of machine learning (ML) in intrusion detection has attracted much attention with the rapid growth of information security threat. As an efficient multi-label classifier, kernel extreme learning machine (KELM) has been gradually used in intrusion detection system. However, the performance of KELM heavily relies on the kernel selection. In this paper, a novel multiple kernel extreme learning machine (MKELM) model combining the ReliefF with nature-inspired methods is proposed for intrusion detection. The MKELM is designed to estimate whether the attack is carried out and the ReliefF is used as a preprocessor of MKELM to select appropriate features. In addition, the nature-inspired methods whose fitness functions are defined based on the kernel alignment are employed to build the optimal composite kernel in the MKELM. The KDD99, NSL and Kyoto datasets are used to evaluate the performance of the model. The experimental results indicate that the optimal composite kernel function can be determined by using any heuristic optimization method, including PSO, GA, GWO, BA and DE. Since the filter-based feature selection method is combined with the multiple kernel learning approach independent of the classifier, the proposed model can have a good performance while saving a lot of training time.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.29 no.12C
• /
• pp.1707-1721
• /
• 2004

In this paper, we propose a distributed communication model of intrusion detection system(IDS) in which integrated security management at networks level is possible, model it at a security node and distributed system levels, design and implement a simulator. At the node level, we evaluate the transfer capability of alert message based on the analysis of giga-bit security node architecture which performs hardware-based intrusion detection. At the distributed system level, we perform the evaluation of transfer capability of detection and alert informations between components of distributed IDS. In the proposed model, we carry out the performance evaluation considering decision factors of communication mechanism and present the results in order to gain some quantitative understanding of the system.

• Journal of Digital Convergence
• /
• v.11 no.1
• /
• pp.47-60
• /
• 2013

This paper focuses on the role of international standards related to industrial technology and to analyze determinants to affect ISMS and its performance. Particularly its financial and operational performance were measured by survey aiming at an influence of certification and its performances. The variables explaining the performance were drawn out from factor analysis and then critical variables to affect performance were discovered by ANOVA and regression analysis. As a result of the analysis considering heteroscedastic and factor analysis, type of business and firm size were not significantly related to the performance but the existence of information security unit, investment in information security and the status of security consciousness in executives and employees were positively related. As a result, this study shows that security certification should be implemented with suitable capabilities and the investments to protect from leaking industrial technology and proved the importance of the security certification as an infrastructures and system.

• Journal of information and communication convergence engineering
• /
• v.7 no.3
• /
• pp.335-339
• /
• 2009

RFID security and privacy issues have been intensively studied in the research field, the authentication between RFID reader and tag is the fundamental them. Most of the existing authentication protocols draw assumptions on classic primitives. Since tags have small capacities, the security mechanisms which are in use in computer networks and communication are not suitable. In this paper, we compare and analyze recent technical research on the problems of privacy and security. It consists of security mechanism, threats and performance evaluation, etc.

• KNOM Review
• /
• v.22 no.2
• /
• pp.39-47
• /
• 2019

There are several big data-driven advanced research activities such as meteorological climate information, high energy physics, astronomy research, satellite information data, and genomic research data on KREONET. Since the performance degradation occurs in the environment with the existing network security equipment, methods for preventing the performance degradation on the high-performance research-only network and for high-speed research collaboration are being studied. In addition, the recent issue of quantum computers has been a threat to security using the existing encryption system. In this paper, we construct quantum cryptography-based communication network through environment construction and high-performance transmission test that build physical security through quantum cryptography-based communication network in end-to-end high-speed research network. The purpose of this study is to analyze the effect on network performance when performing physical encryption and to use it as basic data for constructing high-performance research collaboration network.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.30 no.8B
• /
• pp.525-534
• /
• 2005

This paper proposes the architecture and the methods of security network management for auto-configuration of security systems by extending the existing policy-based network management architecture. The architecture and the methods proposed in this paper enable a security management sewer to automatically decide the best-suited security policy to apply to a security system and the most effective and efficient security system to perform security policy rule, based on the role and capability information of security systems and the role and time information of security policy. For integrated control of network system and security system, this paper also proposes SNMP protocol based security network topology map generator. To show the excellence of the proposed architecture and methods, we simulate and evaluate the automatic response against attacks.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.5
• /
• pp.1133-1143
• /
• 2012

Currently, Many Cyber Security Centers(CSC) are established and being operated in our country. But, in the absence of indicators to evaluate activities of the Managed Security Service(MSS), We can't identify the CSC's level of overall job performance. Therefore, we can't derive strengths and weaknesses from the CSC. From these reasons, The purpose of this research is to develop an objective indicator to evaluate activities of the MSS. I studied both international and domestic Information Security Management System(ISMS) as related standards(ISO/IEC 27001, G-ISMS). Moreover, I analysed the NIST Computer Security Incident Handing Guide and the Incident Management Capability Metrics(IMCM) of Carnegie Mellon Software Engineering Institute(SEI). The implications for this analysis and domestic hands-on experience are reflected in the research. So I developed 10 evaluation domains and 62 detail evaluation items. This research will contribute to our understanding the level of the CSC's job performance.