• Convergence Security Journal
• /
• v.21 no.3
• /
• pp.13-23
• /
• 2021

The attacker's techniques and tools are becoming intelligent and sophisticated. Existing Anti-Virus cannot prevent security accident. So the security threats on the endpoint should also be considered. Recently, EDR security solutions to protect endpoints have emerged, but they focus on visibility. There is still a lack of detection and responsiveness. In this paper, we use real-world EDR event logs to aggregate knowledge-based MITRE ATT&CK and autoencoder-based anomaly detection techniques to detect anomalies in order to screen effective analysis and analysis targets from a security manager perspective. After that, detected anomaly attack signs show the security manager an alarm along with log information and can be connected to legacy systems. The experiment detected EDR event logs for 5 days, and verified them with hybrid analysis search. Therefore, it is expected to produce results on when, which IPs and processes is suspected based on the EDR event log and create a secure endpoint environment through measures on the suspicious IP/Process.

• Journal of the Korea Convergence Society
• /
• v.12 no.4
• /
• pp.9-21
• /
• 2021

The study aims to identify convergence and trends in technology-based patent data for the biohealth sector in IP5 countries (KR, EP, JP, US, CN) and present the direction of development in that industry. We used patent co-classification analysis-based network analysis and TF-IDF-based text mining as the principal methodology to understand the current state of technology convergence. As a result, the technology convergence cluster in the biohealth industry was derived in three forms: (A) Medical device for treatment, (B) Medical data processing, and (C) Medical device for biometrics. Besides, as a result of trend analysis based on technology convergence results, it is analyzed that Korea is likely to dominate the market with patents with high commercial value in the future as it is derived as a market leader in (B) medical data processing. In particular, the field is expected to require technology convergence activation policies and R&D support strategies for the technology as the possibility of medical data utilization by domestic bio-health companies expands, along with the policy conversion of the "Data 3 Act" passed by the National Assembly in January 2019.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.33 no.9B
• /
• pp.802-812
• /
• 2008

This paper proposes QoS Model which has tested and analyzed the capabilities of provisioning multimedia service in high speed Internet environment. We have tested quality measurement test for VoIP/MoIP, VoD, IPTV services and analyzed the level of QoS and QoS degradation by constructing test laboratory consisted of 46 subscribers which provided by 3 telecom operators. Besides, We propose QoS Model to apply for BcN application based on analysis result and prove proposed model by constructing test lab in KOREN environment. It is expected that telecom will use this results as a valuable information to construct All-IP network based on NGN(NGN:Next Generation Network).This paper proposes QoS Model which has tested and analyzed the capabilities of provisioning multimedia service in high speed Internet environment. It is expected that telecom will use this results as a valuable information to construct All-IP network based on NGN.

• Journal of Broadcast Engineering
• /
• v.13 no.4
• /
• pp.440-451
• /
• 2008

With the advent of IP-based multimedia service based on IP network, there is a rapidly increasing demand for IPTV. Unlike the previous coaxial cable based TV, IPTV provides a variety of convergence services based on IP newark. However, since the IPTV service quality is a lot affected by the network degradation such as packet loss and jitter, it may not be guaranteed. In this paper, we propose an objective measure for various degradations of IPTV-based videos considering subjective assessment. To this end, we first determine QoE(Quality of Experience) indicators, which can affect human visual perception. Then we develop the video quality metric for each QoE indicator. Subjective assessment based on MOS is conducted and used to construct mapping relationship between each measure and perceived visual quality. Experiments are performed on various videos to confirm the efficiency and robustness of the proposed method and show high correlation with subjective assessment.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.5 no.5
• /
• pp.477-486
• /
• 2010

This Study suggests security directions to reconstruct separate network of Smart Grid and information communication network as one communications system and implement Smart Grid integrated information communication network. In addition, it suggests prevention directions to prevent future cyber attacks by reorganizing network as the key three-stage network and separating TCP/IP four layers that consist of existing information communication network from Smart Grid. Moreover, it suggests the foundation for the study and the test by providing current problems of Smart Grid, weak points, and three security models. This study is meaningful to suggest development directions and situations as a technology of future-oriented electric industries, integrate attacks and preventions of TCP/IP Layers with Smart Grid, and seek for a new technology of Smart Grid and future tasks for Smart Grid information security.

• Journal of Digital Convergence
• /
• v.15 no.7
• /
• pp.201-211
• /
• 2017

Wireless network using dynamic IP and mobile IP technology provides the user with convenience of access and movement. However, this causes the attacker who disguises normal user(pretending to be a regular user) to have more opportunity in regard to access and acquisition of information. This paper help the network administrator and the service provider quickly to recognize the attacker's intention to access network and service. Therefore network administrator and service provider can specify and respond the location of the attacker appropriately. To achieve above, we define an entity (W_L_M) that manages user information of WiFi and LTE network, and propose messages and procedures for attacker's location identification and alarm. The performance evaluation of this paper is based on qualitative analysis. By using the proposed method, some cost (message creation, processing and transmission) occurred but it was analyzed to be less than the total network operation cost. The proposal of this paper is a management method that utilizes existing network information and structure. This method can be used as a reference material to enhance security.

• Journal of the Korea Institute of Military Science and Technology
• /
• v.22 no.5
• /
• pp.654-666
• /
• 2019

The tactical network has several different characteristics compared with commercial internet network such as hierarchical topology, dynamic topology changing and wireless link based connectivity. For considering IP mobility management in the tactical network, current mobility management using Mobile IP(MIP) is not suitable with some reasons such as non-optimal routing paths and single point of failure. Proxy Mobile IP(PMIP) which supporting network-based mobility in hierarchical manner can provide optimal routing path in the tactical network environment, but centralized anchor is still remained a threat to the stability of the tactical network which changes its topology dynamically. In this paper, we propose PMIP-based distributed mobility management for the tactical network environment. From our design, routing paths are always configured in optimized way, as well as path is recovered quickly when the mobility anchor of user is failed. From numerical analysis, comparing to other mobility scheme, result shows that the proposed scheme can reduce packet transmission cost and latency in tactical network model.

• Journal of the Korea Convergence Society
• /
• v.13 no.3
• /
• pp.227-237
• /
• 2022

With the growing interest in convergence, there have been various attempts to measure convergence, but the definition of convergence is ambiguous and consensus on appropriate indicators has not been reached, so measurement of convergence is still at a rudimentary stage. In this study, using the KSIC-IPC linkage table developed by the Korean Intellectual Property Office to analyze the correlation and impact of patents, industry, economy, and population, we propose a new evaluation model that can evaluate industry convergence from patent data. In addition, it was verified whether the industry convergence derived from this properly reflects the corporate convergence characteristics. As a result of classifying the convergence of 39,740 patents owned by global major automobile companies, and evaluating the degree of convergence of each company, it was confirmed that the industry convergence derived using the KSIC-IPC linkage table better reflects the corporate convergence characteristics than the technology convergence classified by IPC co-classification. Therefore, the industry convergence data of automotive sector derived from the new industry convergence evaluation model using the KSIC-IPC linkage table is expected to be widely used for future convergence research.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.6
• /
• pp.2881-2894
• /
• 2018

Cyber attacks are increasing continuously. On average about one million malicious codes appear every day, and attacks are expanding gradually to IT convergence services (e.g. vehicles and television) and social infrastructure (nuclear energy, power, water, etc.), as well as cyberspace. Analysis of large-scale cyber incidents has revealed that most attacks are started by PCs infected with malicious code. This paper proposes a method of detecting an attack IP automatically by analyzing the characteristics of the e-mail transfer path, which cannot be manipulated by the attacker. In particular, we developed a system based on the proposed model, and operated it for more than four months, and then detected 1,750,000 attack IPs by analyzing 22,570,000 spam e-mails in a commercial environment. A detected attack IP can be used to remove spam e-mails by linking it with the cyber removal system, or to block spam e-mails by linking it with the RBL(Real-time Blocking List) system. In addition, the developed system is expected to play a positive role in preventing cyber attacks, as it can detect a large number of attack IPs when linked with the portal site.

• Journal of Korea Game Society
• /
• v.17 no.5
• /
• pp.61-70
• /
• 2017

The fusion of virtual and reality and the revolution of gamification are beginning in human culture. As the quaternary industrial revolution enters the era, major developments of convergence main content games are expected as human-made play products. Now that we need a diverse game IP, we need a methodology that makes it easy to approach game scenario creation. The creation of the game scenario has a very large difference due to interactivity with the general video scenario. Therefore, without interactive knowledge, it is difficult to challenge game scenario creation. In this paper, 'Game Scenario Creation List' was created in order to lower the barriers to entering game scenario creation. I hope that this paper will be even a little positive for the development of game contents.