• Journal of Internet Technology
• /
• 제21권1호
• /
• pp.249-264
• /
• 2020

Cellular (C) setups facilitate the connectivity amongst the devices with better provisioning of services to its users. Vehicular networks are one of the representative setups that aim at expanding their functionalities by using the available cellular systems like Long Term Evolution (LTE)-based Evolved Universal Terrestrial Radio Access Network (E-UTRAN) as well as the upcoming Fifth Generation (5G)-based functional architecture. The vehicular networks include Vehicle to Vehicle (V2V), Vehicle to Infrastructure (V2I), Vehicle to Pedestrian (V2P) and Vehicle to Network (V2N), all of which are referred to as Vehicle to Everything (V2X). 5G has dominated the vehicular network and most of the upcoming research is motivated towards the fully functional utilization of 5G-V2X. Despite that, credential management and edge-initiated security are yet to be resolved under 5G-V2X. To further understand the issue, this paper presents security management as a principle of sustainability and key-management. The performance tradeoff is evaluated with the key-updates required to maintain a secure connection between the vehicles and the 5G-terminals. The proposed approach aims at the utilization of high-speed mmWave-based backhaul for enhancing the security operations between the core and the sub-divided functions at the edge of the network through a dual security management framework. The evaluations are conducted using numerical simulations, which help to understand the impact on the sustainability of connections as well as identification of the fail-safe points for secure and fast operations. Furthermore, the evaluations help to follow the multiple tradeoffs of security and performance based on the metrics like mandatory key updates, the range of operations and the probability of connectivity.

• 한국정보보호학회:학술대회논문집
• /
• 한국정보보호학회 1997년도 종합학술발표회논문집
• /
• pp.265-273
• /
• 1997

Intranet is an enterprise network using Internet protocols as communication standard and HTML as content standard. The Internet is like a house built on information water. It has a lot of strong points as a future enterprise network. However, companies wish to have confidence in its functional and economic effectiveness and security before adopting it. The security issue especially is a problem to solve inevitably. Enterprises will hold back to adopt Intranet unless there are enough security counter plans and countermeasures against vulnerabilities of Intranet(it is the wise decision !). Nevertheless the researches related to Intranet has been concentrated on techniques for building it. In this paper, we focus the security aspect of Intranet. Intranet security must be considered on the whole from structure design to users' services. We propose a security-based Intranet structure and security management system.

• International Journal of Computer Science & Network Security
• /
• 제24권9호
• /
• pp.85-92
• /
• 2024

Information Security is the foremost concern for IoT (Internet of things) devices and applications. Since the advent of IoT, its applications and devices have experienced an exponential increase in numerous applications which are utilized. Nowadays we people are becoming smart because we started using smart devices like a smartwatch, smart TV, smart home appliances. These devices are part of the IoT devices. The IoT device differs widely in capacity storage, size, computational power, and supply of energy. With the rapid increase of IoT devices in different IoT fields, information security, and privacy are not addressed well. Most IoT devices having constraints in computational and operational capabilities are a threat to security and privacy, also prone to cyber-attacks. This study presents a CIA triad-based information security implementation for the four-layer architecture of the IoT devices. An overview of layer-wise threats to the IoT devices and finally suggest CIA triad-based security techniques for securing the IoT devices..Make sure that the abstract is written as one paragraph.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제16권6호
• /
• pp.1818-1832
• /
• 2022

Violence in the Internet era poses a new challenge to the current counter-riot work, and according to research and analysis, most of the violent incidents occurring are related to the dissemination of violence images. The use of the popular deep learning neural network to automatically analyze the massive amount of images on the Internet has become one of the important tools in the current counter-violence work. This paper focuses on the use of transfer learning techniques and the introduction of an attention mechanism to the residual network (ResNet) model for the classification and identification of violence images. Firstly, the feature elements of the violence images are identified and a targeted dataset is constructed; secondly, due to the small number of positive samples of violence images, pre-training and attention mechanisms are introduced to suggest improvements to the traditional residual network; finally, the improved model is trained and tested on the constructed dedicated dataset. The research results show that the improved network model can quickly and accurately identify violence images with an average accuracy rate of 92.20%, thus effectively reducing the cost of manual identification and providing decision support for combating rebel organization activities.

• International Journal of Computer Science & Network Security
• /
• 제22권10호
• /
• pp.237-245
• /
• 2022

The prominence of IoTs (Internet of Things) and exponential advancement of computer networks has resulted in massive essential applications. Recognizing various cyber-attacks or anomalies in networks and establishing effective intrusion recognition systems are becoming increasingly vital to current security. MLTs (Machine Learning Techniques) can be developed for such data-driven intelligent recognition systems. Researchers have employed a TFDNNs (Tensor Flow Deep Neural Networks) and DCNNs (Deep Convolution Neural Networks) to recognize pirated software and malwares efficiently. However, tuning the amount of neurons in multiple layers with activation functions leads to learning error rates, degrading classifier's reliability. HTFDNNs ( Hybrid tensor flow DNNs) and MRNs (Modified Residual Networks) or Resnet CNNs were presented to recognize software piracy and malwares. This study proposes HTFDNNs to identify stolen software starting with plagiarized source codes. This work uses Tokens and weights for filtering noises while focusing on token's for identifying source code thefts. DLTs (Deep learning techniques) are then used to detect plagiarized sources. Data from Google Code Jam is used for finding software piracy. MRNs visualize colour images for identifying harms in networks using IoTs. Malware samples of Maling dataset is used for tests in this work.

• 한국통신학회논문지
• /
• 제27권8C호
• /
• pp.748-757
• /
• 2002

인터넷의 지속적인 보급/발전과 인터넷을 이용한 다양한 서비스의 증대를 통해 네트워크를 통한 보안취약점 공격과 정보획득을 위한 사이버테러 시도가 증가하고 있는 추세이다. 이는 침입탐지시스템의 적용환경에도 많은 영향을 끼치게 되었다. 일반적인 네트워크 기반 침입탐지 시스템은 네트워크 디바이스를 통해 유입되는 패킷에 대하여 시그너춰 기반 침입 탐지 모듈을 통하여 침입을 탐지하게 된다. 현재까지의 네트워크상의 정보보호는 주로 보안 호스트, 특정 보안 시스템에 대한 지역적인 정보보호였으나 전세계에 연결된 인터넷 시스템들의 침해에 대한 방어능력이 취약한 상태이다. 특정 도메인에 국한하여 서브 네트워크 상에 적용되었던 보안을 네트워크 전체에 확장시킬 수 있는 보안 메커니즘이 제공되어야 한다. 본 논문에서는 이를 해결하기 위해 DARPA의 과제를 분석하고, 그 분석을 통한 침입탐지관련 기술을 살펴본다. 또한, 상기에 지적한 보안 문제점들을 해결하기 위해 Policy 기반으로 보안집행이 수행되는 정보보호 서비스 구조를 설계하고, 각 모듈별 제공 기능에 대하여 살펴본다. 보안정책의 집행은 AS내의 네트워크 유입지점인 게이트웨이 장치에 설치된 침입탐지시스템을 통해 수행되며, 추가되는 정책정보가 중앙의 보안제어서버를 통하여 실시간으로 반영되어 처리된다. 이를 통하여 관리도메인에 대한 집중적인 보안정책의 설계 및 집행이 수행된다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제10권6호
• /
• pp.2801-2816
• /
• 2016

Owing to their low scalability, weak support on big data, insufficient data collaborative analysis and inadequate situational awareness, the traditional methods fail to meet the needs of the security data analysis. This paper proposes visualization methods to fuse the multi-source security data and grasp the network situation. Firstly, data sources are classified at their collection positions, with the objects of security data taken from three different layers. Secondly, the Heatmap is adopted to show host status; the Treemap is used to visualize Netflow logs; and the radial Node-link diagram is employed to express IPS logs. Finally, the Labeled Treemap is invented to make a fusion at data-level and the Time-series features are extracted to fuse data at feature-level. The comparative analyses with the prize-winning works prove this method enjoying substantial advantages for network analysts to facilitate data feature fusion, better understand network security situation with a unified, convenient and accurate mode.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제9권4호
• /
• pp.1493-1515
• /
• 2015

A smart meter is one of the core components in Advanced Metering Infrastructure (AMI) that is responsible for providing effective control and monitor of electrical energy consumptions. The multifunction tasks that a smart meter carries out such as facilitating two-way communication between utility providers and consumers, managing metering data, delivering anomalies reports, analyzing fault and power quality, simply show that there are huge amount of data exchange in smart metering networks (SMNs). These data are prone to security threats due to high dependability of SMNs on Internet-based communication, which is highly insecure. Therefore, there is a need to identify all possible security threats over this network and propose suitable countermeasures for securing the communication between smart meters and utility provider office. This paper studies the architecture of the smart grid communication networks, focuses on smart metering networks and discusses how such networks can be vulnerable to security attacks. This paper also presents current mechanisms that have been used to secure the smart metering networks from specific type of attacks in SMNs. Moreover, we highlight several open issues related to the security and privacy of SMNs which we anticipate could serve as baseline for future research directions.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제12권12호
• /
• pp.6139-6160
• /
• 2018

For ease of use and access, web browsers are now being used to access and modify sensitive data and systems including critical control systems. Due to their computational capabilities and network connectivity, browsers are vulnerable to several types of attacks, even when fully updated. Browsers are also the main target of phishing attacks. Many browser attacks, including phishing, could be prevented or mitigated by using site-, user-, and device-specific security configurations. However, we discovered that all major browsers expose disparate security configuration procedures, option names, values, and semantics. This results in an extremely hard to secure web browsing ecosystem. We analyzed more than a 1000 browser security configuration options in three major browsers and found that only 13 configuration options had syntactic and semantic similarity, while 4 configuration options had semantic similarity, but not syntactic similarity. We: a) describe the results of our in-depth analysis of browser security configuration options; b) demonstrate the complexity of policy-based configuration of web browsers; c) describe a knowledge-based solution that would enable organizations to implement highly-granular and policy-level secure configurations for their information and operational technology browsing infrastructures at the enterprise scale; and d) argue for necessity of developing a common language and semantics for web browser configurations.

• International Journal of Computer Science & Network Security
• /
• 제22권6호
• /
• pp.75-82
• /
• 2022

Medical data is one of the data that must be kept in safe containers, far from intrusion, viewing and modification. With the technological developments in hospital systems and the use of cloud computing, it has become necessary to save, encrypt and even hide data from the eyes of attackers. Medical data includes medical images, whether they are x-ray images of patients or others, or even documents that have been saved in the image format. In this review, we review the latest research and the latest tools and algorithms that are used to protect, encrypt and hide these images, and discuss the most important challenges facing these areas.