• Convergence Security Journal
• /
• v.20 no.5
• /
• pp.75-80
• /
• 2020

Damage caused by ransomware has continued to increase since last year, but cyber operations are managed without any separate classification of ransomware types in the military's guidelines for carrying out cyber operations. However, unlike other malware, ransomware is a threat that could paralyze all defense operations in one moment, and the military should reevaluate ransomware and take countermeasures. Accordingly, this paper aims to analyze the assets, vulnerabilities, and threats related to defense information service based on information security risk management, and propose alternatives to ensure continuity of defense work from ransomware threats.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.3
• /
• pp.537-552
• /
• 2024

Domestic nuclear power plants operate under the establishment of the "Information System Security Regulations" in accordance with the Nuclear Safety Act, introducing and implementing a cybersecurity system that encompasses organizational structure as well as technical, operational, and managerial security measures for assets. Despite attempts such as phased approaches and alternative measures for physical protection systems, the reduction in managed items has not been achieved, leading to an increased burden on security capabilities due to limited manpower at the site. In the main text, an analysis is conducted on Type A1 assets performing nuclear safety functions using Maintenance Rules (MR) and EPRI Technical Assessment Methodology (TAM) from both a maintenance perspective and considering device characteristics. Through this analysis, approaches to re-evaluate the impact of cyber intrusions on asset functionality are proposed.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.27 no.8C
• /
• pp.748-757
• /
• 2002

Cyber-terror trials are increased in nowadays and these attacks are commonly using security vulnerability and information gathering method by variable services grew by the continuous development of Internet Technology. IDS's application environment is affected by this increasing Cyber Terror. General Network based IDS detects intrusion by signature based Intrusion Detection module about inflowing packet through network devices. Up to now security in network is commonly secure host, an regional issue adopted in special security system but these system is vulnerable intrusion about the attack in globally connected Internet systems. Security mechanism should be produced to expand the security in whole networks. In this paper, we analyzer the DARPA's program and study Infusion Detection related Technology. We design policy security framework for policy enforcing in whole network and look at the modules's function. Enforcement of security policy is acted by Intrusion Detection system on gateway system which is located in network packet's inflow point. Additional security policy is operated on-line. We can design and execute central security policy in managed domain in this method.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.6
• /
• pp.1375-1391
• /
• 2012

Smart grid is a next-generation intelligent power grid that applying ICT to power grid to maximize the energy efficiency ratio. Recently, technologies and standards for smart grid are being developed around the world. Information security which is an essential part of smart grid development has to be managed continuously. Information security management system certification for organizational risk management has been implemented in Korea. Although preparation for information security management system certification which is applicable to smart grid is considered, there are no specific methods. This paper is to propose core and added evaluation criteria for Korean smart grid based on K-ISMS through comparative analysis between ISMS operated in Korea and smart grid information security management system developed in the United States. Added evaluation criteria enable smart grid related business that certified existing ISMS to minimize redundant and unnecessary certification assessment work.

• The Transactions of the Korea Information Processing Society
• /
• v.7 no.10
• /
• pp.3171-3181
• /
• 2000

With a remarkable growth and expansionof Internet, the security issues emerged from intrusions and attacks such as computer viruses, dental of servives and backings to destroy intormation have been considered as serious threats for Internet and the provate networks. To protect networks from those attacks, many nendors have developed various security systems such as firewalls, intrusion detection systems, and access control systems. However managing those systems individually requres too much work and high cost. Thus, integrated security managemanet and eatabliashment of consistent security policy for various security products has become more important. In this paper, we propose integrated security manabement system called WISMSF(Web based Integrated Security Management System for Fireswalls) to monitor and contro various kinds of firewalls WISMSF consists of three components-clients, integrated engine, and agents. It supports the transparent management functions of security products, easy ways of defining security policies, and simple expansion of managed ranges.

• Journal of Information Technology Services
• /
• v.21 no.4
• /
• pp.63-74
• /
• 2022

Globally researchers at medical institutions are actively sharing COHORT data of patients to develop vaccines and treatments to overcome the COVID-19 crisis. OMOP-CDM, a common data model that efficiently shares medical data research independently operated by individual medical institutions has patient personal information (e.g. PII, PHI). Although PII and PHI are managed and shared indistinguishably through de-identification or anonymization in medical institutions they could not be guaranteed at 100% by complete de-identification and anonymization. For this reason the security of the OMOP-CDM database is important but there is no detailed and specific OMOP-CDM security inspection tool so risk mitigation measures are being taken with a general security inspection tool. This study intends to study and present a model for implementing a tool to check the security vulnerability of OMOP-CDM by analyzing the security guidelines for the US database and security controls of the personal information protection of the NIST. Additionally it intends to verify the implementation feasibility by real field demonstration in an actual 3 hospitals environment. As a result of checking the security status of the test server and the CDM database of the three hospitals in operation, most of the database audit and encryption functions were found to be insufficient. Based on these inspection results it was applied to the optimization study of the complex and time-consuming CDM CSF developed in the "Development of Security Framework Required for CDM-based Distributed Research" task of the Korea Health Industry Promotion Agency. According to several recent newspaper articles, Ramsomware attacks on financially large hospitals are intensifying. Organizations that are currently operating or will operate CDM databases need to install database audits(proofing) and encryption (data protection) that are not provided by the OMOP-CDM database template to prevent attackers from compromising.

• Convergence Security Journal
• /
• v.3 no.3
• /
• pp.91-97
• /
• 2003

As increasing of Internet user and fast development of communication, many security problems occur. Because of Internet is design and development for speed not security, it is weak to attack from malicious user. furthermore attack is more developed to have high efficiency and intelligent. We proposed effective traceback system in network and consider that ability of constitution. Traceback by Selected Router system is consists of managed router and manager system. Selected router marks router ID to packet which passing selected router, and use this router ID for traceback and filtering. Consequently this system reduce damage of attack.

• International Journal of Internet, Broadcasting and Communication
• /
• v.15 no.4
• /
• pp.261-269
• /
• 2023

We propose to design a Holochain-based security and privacy protection system for resource-constrained IoT healthcare systems. Through analysis and performance evaluation, the proposed system confirmed that these characteristics operate effectively in the IoT healthcare environment. The system proposed in this paper consists of four main layers aimed at secure collection, transmission, storage, and processing of important medical data in IoT healthcare environments. The first PERCEPTION layer consists of various IoT devices, such as wearable devices, sensors, and other medical devices. These devices collect patient health data and pass it on to the network layer. The second network connectivity layer assigns an IP address to the collected data and ensures that the data is transmitted reliably over the network. Transmission takes place via standardized protocols, which ensures data reliability and availability. The third distributed cloud layer is a distributed data storage based on Holochain that stores important medical information collected from resource-limited IoT devices. This layer manages data integrity and access control, and allows users to share data securely. Finally, the fourth application layer provides useful information and services to end users, patients and healthcare professionals. The structuring and presentation of data and interaction between applications are managed at this layer. This structure aims to provide security, privacy, and resource efficiency suitable for IoT healthcare systems, in contrast to traditional centralized or blockchain-based systems. We design and propose a Holochain-based security and privacy protection system through a better IoT healthcare system.

• Journal of Convergence for Information Technology
• /
• v.7 no.3
• /
• pp.83-90
• /
• 2017

The purpose of this study is to solve the limitations that the information security manager of company should recognize the personal information of all employees. In this study, we propose efficient personal information retention status management system to minimize information retention status of personal information and department by information security manager and departmental information security officer. To do this, we study the method of transferring the check result from the PVA system to the efficient personal information retention management system, also study ways to minimize the amount of personal information we hold. It is possible to minimize the possession of personal information by changing the one channel method managed by the information security administrator of the existing PVA system to the two channel method so that the information security manager and the information security officer can manage it.

• Convergence Security Journal
• /
• v.9 no.4
• /
• pp.7-12
• /
• 2009

It is very difficult to completely block the DDoS attack, which paralyzes services by depleting resources or occupying the network bandwidth by transmitting a vast amount of traffic to the specific website or server from normal users' PCs that have been already infected by an outside attacker. In order to defense or endure the DDoS attack, we usually use various solutions such as IDS (Intrusion Detection System), IPS (Intrusion Prevention System), ITS (Intrusion Tolerance System), FW (Firewall), and the dedicated security equipment against DDoS attack. However, diverse types of security appliances cause the cost problem, besides, the full function of the equipments are not performed well owing to the unproper setting without considering connectivity among systems. In this paper, we present the effective connectivity of security equipments and countermeasure methodology against DDoS attack. In practice, it is approved by experimentation that this designed methdology is better than existing network structure in the efficiency of block and endurance. Therefore, we would like to propose the effective security control measures responding and enduring against discriminated DDoS attacks through this research.