• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.15 no.12
• /
• pp.4531-4544
• /
• 2021

Because the traditional network information security vulnerability risk assessment method does not set the weight, it is easy for security personnel to fail to evaluate the value of information security vulnerability risk according to the calculation value of network centrality, resulting in poor evaluation effect. Therefore, based on the network security data element feature system, this study designed a quantitative assessment method of network information security vulnerability detection risk under single transmission state. In the case of single transmission state, the multi-dimensional analysis of network information security vulnerability is carried out by using the analysis model. On this basis, the weight is set, and the intrinsic attribute value of information security vulnerability is quantified by using the qualitative method. In order to comprehensively evaluate information security vulnerability, the efficacy coefficient method is used to transform information security vulnerability associated risk, and the information security vulnerability risk value is obtained, so as to realize the quantitative evaluation of network information security vulnerability detection under single transmission state. The calculated values of network centrality of the traditional method and the proposed method are tested respectively, and the evaluation of the two methods is evaluated according to the calculated results. The experimental results show that the proposed method can be used to calculate the network centrality value in the complex information security vulnerability space network, and the output evaluation result has a high signal-to-noise ratio, and the evaluation effect is obviously better than the traditional method.

• International Journal of Computer Science & Network Security
• /
• v.22 no.6
• /
• pp.67-74
• /
• 2022

One type of network security breach is the availability breach, which deprives legitimate users of their right to access services. The Denial of Service (DoS) attack is one way to have this breach, whereas using the Intrusion Detection System (IDS) is the trending way to detect a DoS attack. However, building IDS has two challenges: reducing the false alert and picking up the right dataset to train the IDS model. The survey concluded, in the end, that using a real dataset such as MAWILab or some tools like ID2T that give the researcher the ability to create a custom dataset may enhance the IDS model to handle the network threats, including DoS attacks. In addition to minimizing the rate of the false alert.

• International Journal of Computer Science & Network Security
• /
• v.21 no.9
• /
• pp.132-140
• /
• 2021

Under the mobile ad-hoc network system, the main reason for causing congestion is because of the limited availability of resources. On the other hand, the standardised TCP based congestion controlling mechanism is unable to control and handle the major properties associated with the shared system of wireless channels. It creates an effect on the design associated with suitable protocols along with protocol stacks through the process of determining the mechanisms of congestion on a complete basis. Moreover, when bringing a comparison with standard TCP systems the major environment associated with mobile ad hoc network is regraded to be more problematic on a complete basis. On the other hand, an agent-based mobile technique for congestion is designed and developed for the part of avoiding any mode of congestion under the ad-hoc network systems.

• 제어로봇시스템학회:학술대회논문집
• /
• 2005.06a
• /
• pp.1602-1605
• /
• 2005

An audit tracer is one of the last ways to defend an attack for network equipments. Firewall and IDS which block off an attack in advance are active way and audit tracing is passive way which analogizes a type and a situation of an attack from log after an attack. This paper explains importance of audit trace function in network equipment for security and defines events which we must leave by security audit log. We design and implement security audit system for secure router. This paper explains the reason why we separate general audit log and security audit log.

• Journal of the Korea Computer Industry Society
• /
• v.5 no.4
• /
• pp.427-434
• /
• 2004

Attacks such as hacking, a virus intimidating a system and a network are increasing recently. However, the existing system security or network management system(NMS) cannot be safe on various threats. Therefore, Firewall, IDS, VPN, LAS(Log Analysis System) establishes security system and has defended a system and a network against a threat. But mutual linkage between security systems was short and cannot prepare an effective correspondence system, and inefficiency was indicated with duplication of security. Therefore, an active security and an Enterprise Security Management came to need. An effective security network was established recently by Enterprise Security Management, Intrusion Tracking, Intrustion Induction. But an internetworking is hard for an enterprise security systems, and a correspondence method cannot be systematic, and it is responded later. Therefore, we proposes the active enterprise security management module that can manage a network safely in this paper.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.5
• /
• pp.1920-1937
• /
• 2015

Network environment has been under constant threat from both malicious attackers and inherent vulnerabilities of network infrastructure. Existence of such threats calls for exhaustive vulnerability analyzing to guarantee a secure system. However, due to the diversity of security hazards, analysts have to select from massive alternative hardening strategies, which is laborious and time-consuming. In this paper, we develop an approach to seek for possible hardening strategies and prioritize them to help security analysts to handle the optimal ones. In particular, we apply a Risk Flow Attack Graph (RFAG) to represent network situation and attack scenarios, and analyze them to measure network risk. We also employ a multi-objective genetic algorithm to infer the priority of hardening strategies automatically. Finally, we present some numerical results to show the performance of prioritizing strategies by network risk and hardening cost and illustrate the application of optimal hardening strategy set in typical cases. Our novel approach provides a promising new direction for network and vulnerability analysis to take proper precautions to reduce network risk.

• International Journal of Computer Science & Network Security
• /
• v.22 no.6
• /
• pp.310-318
• /
• 2022

Job offers have become more widespread and it has become easier and faster to apply for jobs through electronic recruitment platforms. In order to increase the protection of the data that is attached to the recruitment platforms. In this research, a proposed model was created through the use of hybrid encryption, which is used through the following algorithms: AES,Twofish,. This proposed model proved the effectiveness of using hybrid encryption in protecting personal data.

• International Journal of Computer Science & Network Security
• /
• v.24 no.3
• /
• pp.38-42
• /
• 2024

In this paper, we analyze the security of a self-recovery fragile watermarking scheme proposed by C. Wang et al. An attack against C. Wang et al.'s scheme is demonstrated. The theoretical and experimental results show that the proposed scheme is not secure against attacks.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2021.05a
• /
• pp.638-640
• /
• 2021

The network separation environment is a network security design system that separates the internal business network from the external Internet network. It separates the internal business network from the external Internet by separating it into a business network that is not connected to the network to which the Internet is connected. The network is separated, and it is a relatively secure network structure compared to Danilman in terms of security. However, there are frequent cases of infecting internal networks by using vulnerabilities in internal systems, network devices, and security devices. In this paper, we analyze the vulnerability of IT security threats in such a network isolation environment and provide technical measures for effective security monitoring.

• International Journal of Computer Science & Network Security
• /
• v.24 no.7
• /
• pp.63-72
• /
• 2024

This is an extended paper, focusing on the cost management for the organizations dealing with the crucial issues of security systems. Information Technology (IT) is an important and irreplaceable need of society and all working sector's success depends on IT to a greater extent; therefore maintaining security features is one of the most important aspects of IT. When security in the IT sector is discussed, Patch Management (P.Mgnt) has to be taken under account. P. Mgnt includes many concerns and areas to be described for IT security such as methods and problems in updating patch, methods of reducing security risks with P.Mgnt, methods of achieving economies of scale by controlling the operational costs and taking decisions in investing as and when necessary. This paper presents a general definition of Patch management, its benefits and management of working cost through theoretical models, also the paper gives methods of feeding techniques for microstrip patch antenna MPA, showing the contracting and non contracting methods.