• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.4
• /
• pp.655-666
• /
• 2013

As the capacity of storage devices becomes larger, most users divide them into several logical partitions for convenience of storing and controlling data. Therefore, recovering partitions stably which are artificially hidden or damaged is the most important issue in the perspective of digital forensic. This research suggests partition recovery algorithm that makes stable and effective analysis using characteristics of each file system. This algorithm is available when partition is not distinguishable due to concealment of partition or damage in partition area.

• Journal of Information Processing Systems
• /
• v.20 no.2
• /
• pp.252-262
• /
• 2024

The multi-hop wireless sensor network (WSN) suffers from energy limitation and eavesdropping attacks. We propose a simple and energy-efficient convergecast mechanism using inter-flow random linear network coding that can provide confidentiality to the multi-hop WSN. Our scheme consists of two steps, constructing a logical tree of sensor nodes rooted at the sink node, with using the Bloom filter, and transmitting sensory data encoded by sensor nodes along the logical tree upward to the sink where the encoded data are decoded according to our proposed multi-hop network coding (MHNC) mechanism. We conducted simulations using OMNET++ CASTALIA-3.3 framework and validated that MHNC outperforms the conventional mechanism in terms of packet delivery ratio, data delivery time and energy efficiency.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.12 no.5
• /
• pp.737-746
• /
• 2017

In 2017, amid changes in the security market such as integrated security (IS) and convergence security (CS), a variety of security paradigms in terms of operation and management have been suggested. Rather than changing existing network infrastructure and bringing about fluid, multi-dimensional changes, these solutions and technologies focus entire security capacity on a primary protection, leading to network infrastructure suffering from unexpected inherent violations and problems in a continued manner. Therefore, it is time to propose and develop a flexible network section that can protect from attacks of similar pattern and concentrated traffic attacks by applying a new concept of WB (Water-Bubble) to network infrastructure and analyzing on the basis of experiment and installation. Methodology of the WB-based highly secure flexible network section proposed in this study is expected to provide materials for studies on how to achieve network section security taking into account three major limitations and security standards: fluidity, unpredictability, and non-area scalability by contact point ratio, by changing a network area predicted to be the final target of attack into resonant network section (area) with flexible area changes.

• International Journal of Computer Science & Network Security
• /
• v.21 no.3
• /
• pp.191-197
• /
• 2021

Ensuring the economic security of agro-industrial complexes of Ukrainian regions has become a top-priority task of state regional policy, as their stable functioning is an essential element of economic security of the whole country. It is overcoming threats to the development of the agro-industrial complex that ensures its further effective functioning and has a significant impact on the economic security of our state. Methods: logical method; methods of system analysis; synthesis; economic and statistical method; method of expert assessment; SWOT analysis; economic and mathematical modelling and planning. Results. Characteristic features of economic security have been given. The essence and significance of the agro-industrial complex in improving the economic security of the state have been determined. It has been noted that in recent years, the agro-industrial complex, which acts as a driver of the domestic economy and has a direct impact on the development of the country, has been growing (in 2019 the cereal and legume harvest exceeded 75 million tons, 20,269 thousand tons of potatoes were dug, more than 15 million tons of sunflower, 9,688 thousand tons of vegetables and 2,119 thousand tons of fruits and berries were harvested, meat and egg production increased by 137.5 thousand tons (or 5.8%) and 545.5 million pieces (or 3.4%), respectively, the number of employed population in agriculture increased by 139.8 thousand people (or 4.9%), the labour productivity in crop production increased by UAH 294.4 thousand (or 44.6%), in livestock production - by UAH 311.3 thousand (or 61.8%)). Based on the system of production and economic indicators, the analysis of the state of the agro-industrial complex has been carried out. Taking into account the results of the obtained data and using SWOT-analysis, the major threats to the development of the agro-industrial complex have been identified. Ways of overcoming threats enhancing the economic security of Ukraine have been proposed.

• Journal of Digital Convergence
• /
• v.11 no.2
• /
• pp.43-50
• /
• 2013

Recently, Cyber threats that is doing intelligence and sophistication from the organization's information assets to secure order technical disciplines, as well as managerial and environmental sectors, such as mind-response system is must established. In this paper, possible to analyze the case for the theory in network security, such as the logical network and physical network separation suitable for the corporate environment and constantly respond and manage the Information Security Management Model A secure network design is proposed. In particular, the proposed model improvements derived from the existing network, network improvements have been made in order to design improved ability to respond to real-time security and central manageability, security threats, pre-emptive detection and proactive coping, critical equipment in the event of a dual hwalreu through applied features such as high-availability, high-performance, high-reliability, ensuring separation of individual network security policy integrated management of individual network, network security directional.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.1
• /
• pp.83-102
• /
• 2024

Recently, as the use of the cloud increases year by year and remote work within the enterprise has become one of the new types of work, the security of the cloud-based remote work environment has become important. The introduction of zero trust is required due to the limitations of the existing perimeter security model that assumes that everything in the internal network is safe. Accordingly, NIST and DoD published standards related to zero trust architecture, but the security requirements of that standard describe only logical architecture at the abstract level. Therefore, this paper intends to present more detailed security requirements compared to NIST and DoD standards by performing threat modeling for OpenStack clouds. After that, this research team performed a security analysis of commercial cloud services to verify the requirements. As a result of the security analysis, we identified security requirements that each cloud service was not satisfied with. We proposed potential threats and countermeasures for cloud services with zero trust, which aims to help build a secure zero trust-based remote working environment.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.2
• /
• pp.786-799
• /
• 2018

Recently, NFV has attracted attention as a next-generation network virtualization technology for hardware -independent and efficient utilization of resources. NFV is a technology that not only virtualize computing, server, storage, network resources based on cloud computing but also connect Multi-Tenant of VNFs, a software network function. Therefore, it is possible to reduce the cost for constructing a physical network and to construct a logical network quickly by using NFV. However, in NFV, when a new VNF is added to a running Tenant, authentication between VNFs is not performed. Because of this problem, it is impossible to identify the presence of Fake-VNF in the tenant. Such a problem can cause an access from malicious attacker to one of VNFs in tenant as well as other VNFs in the tenant, disabling the NFV environment. In this paper, we propose Auto-configurable Security Mechanism in NFV including authentication between tenant-internal VNFs, and enforcement mechanism of security policy for traffic control between VNFs. This proposal not only authenticate identification of VNF when the VNF is registered, but also apply the security policy automatically to prevent malicious behavior in the tenant. Therefore, we can establish an independent communication channel for VNFs and guarantee a secure NFV environment.

• Proceedings of the KIEE Conference
• /
• 1999.07c
• /
• pp.1253-1255
• /
• 1999

This paper presents database design and construction for VSECOMs (Voltage Security On-line Monitoring System). The database design has steps of requirements collection and analysis, conceptual design, logical design, and physical design. For interconnection between New EMS and VSECOMs to get the needed data, Snapshots in ORACLE are proposed. It proved the proposal to be compatible through the case study.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.6
• /
• pp.3299-3315
• /
• 2019

Deniable authentication (DA) is a protocol in which a receiver can generate an authenticator that is probabilistically indistinguishable from a sender. DA can be applied in many scenarios that require user privacy protection. To enhance the security of DA, in this paper, we construct a new deniable authenticated encryption (DAE) scheme that realizes deniable authentication and confidentiality in a logical single step. Compared with existing approaches, our approach provides proof of security and is efficient in terms of performance analysis. Our scheme is in an identity-based environment; thus, it avoids the public key certificate-based public key infrastructure (PKI). Moreover, we provide an example that shows that our protocol is applicable for e-voting systems.

• Asia pacific journal of information systems
• /
• v.23 no.4
• /
• pp.129-149
• /
• 2013

According to the development of new Information Technologies, firms consistently invest a significant amount of money in IT activities, such as establishing internal and external information systems. However, several anti-Information activities-such as hacking, leakage of information and system destruction-are also rapidly increasing, thus many firms are exposed to direct and indirect threats. Therefore, firms try to establish information security systems and manage these systems more effectively via an enterprise perspective. However, stakeholders or some managers have negative opinions about information security systems. Therefore, in this research, we study the relationship between multibusiness firms' performance and information security systems. Information security indicates physical and logical correspondence of information system department against threats and disaster. Studies on information security systems suggested frameworks such as IT Governance Cube and COBIT Framework to identify information security systems. Thus, this study define that information security systems is a controlled system on enterprise IT process and resource on IT Governance perspective rather than independent domain of IT. Thus, Information Security Systems should be understood as a subordinate concept of IT and business processes. In addition, this study incorporates information capability to information security system literature to show the positive relationship between Information Security Systems and Corporate Performance. The concept of information capability suggested that an interaction of human, information, technical and an effect on corporate performance using three types of capability (IT Practice, Information Management Practice, Information Behaviors and Values). Information capability is about firms' capability to manage IT infrastructure and information as well as individual employees who use IT infrastructure and information. Thus, this study uses information capability as a mediating variable for the relationship between information security systems and firms' performance. To investigate the relationship between Information Security Systems and multibusiness firms' performance, this study extends the IT relatedness concept into Information Security Systems. IT relatedness provides understanding of how corporations cope with conflicts between headquarters and business units to create a synergy effect and achieve high performance using IT resources. Based on the previous literature, this study develops the IT Security Relatedness model. IT Security Relatedness is our main independent variable, while Information Capability and Information Security Performance are mediating variables. To control for the common method bias, we collect each multibusiness firm's financial performance and use it as our dependent variable. We find that Information Security Systems influence Information Capability and Information Security Performance positively, and these two variables consequently influence Corporate Performance positively. In addition, this result indirectly shows that corporations under a multibusiness environment can obtain synergy effects using the integrated Information Security Systems. This positive impact of Information Security Systems on multibusiness firms' performance has an important implication to various stakeholders. Therefore, multibusiness firms need to establish Information Security Systems to achieve better financial performance.