• Journal of Internet of Things and Convergence
• /
• v.6 no.3
• /
• pp.31-37
• /
• 2020

The cloud computing industry is regarded as a key element of the ICT industry and an important industry that will be a watershed for the future development of ICT industry. Korea has established the 1st~2nd cloud computing development basic plan to induce the growth of the cloud industry. However, the domestic information security guide provides technical vulnerability analysis criteria for Unix and Windows servers, DBMS, network equipment, and security equipment, but fails to provide vulnerability analysis criteria for hypervisors that are key elements of cloud computing. Organizations that have deployed cloud systems will be able to assist in vulnerability analysis using the criteria presented in this paper.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.16 no.1
• /
• pp.79-92
• /
• 2020

As the number of systems increases and the network size increases, automated attack prediction systems are urgently needed to respond to cyber attacks. In this study, we developed four types of information gathering sensors for collecting asset and vulnerability information, and developed technology to automatically generate attack graphs and predict attack targets. To improve performance, the attack graph generation method is divided into the reachability calculation process and the vulnerability assignment process. It always keeps up to date by starting calculations whenever asset and vulnerability information changes. In order to improve the accuracy of the attack target prediction, the degree of asset risk and the degree of asset reference are reflected. We refer to CVSS(Common Vulnerability Scoring System) for asset risk, and Google's PageRank algorithm for asset reference. The results of attack target prediction is displayed on the web screen and CyCOP(Cyber Common Operation Picture) to help both analysts and decision makers.

• Convergence Security Journal
• /
• v.11 no.3
• /
• pp.3-10
• /
• 2011

Recently, due to a series of DDoS attacks, government agencies have enhanced security measures and business-related legislation. However, service attack and large network violations or accidents are most likely to occur repeatedly in the near future. In order to prevent this problem, researches must be conducted to predict the vulnerability in advance. The existing research methods do not state the specific data used for the base of the prediction, making the method more complex and imprecise. Therefore this study was conducted using the vulnerability data used for the basis of machine learning technology prediction, which were retrieved from a reputable organization. Also, the study suggested ways to predict the future vulnerabilities based on the weaknesses found in prior methods, and certified the efficiency using experiments.

• Convergence Security Journal
• /
• v.13 no.3
• /
• pp.47-54
• /
• 2013

Ad-hoc network is composed of mobile nodes and has a vulnerability of attack like on conventional wire networks. So, many studies have been conducted to apply the traceback mechanism on wire network to Ad-hoc network. In this paper, a new mechanism that can trace back to IP source of spoofing DDoS packet using iTrace message on Ad-hoc network is proposed. The proposed mechanism implements ICMP Traceback message and the traceback path between agents allocated in local network and a server located in management network. Also the proposed mechanism can trace the position of attacker even after an attack is over and has extendability through standardization by using a mechanism that IETF proposed. Result of performance evaluation shows a great improvement in terms of load, integrity, safety, traceback function as compared with conventional mechanisms.

• Convergence Security Journal
• /
• v.6 no.4
• /
• pp.29-40
• /
• 2006

Recent trends for cyber threat such as worm and virus exploit vulnerabilities inherent to main information communication infrastructures like the internet to achieve economical and political goals. It needs to develop checking programs for new vulnerabilities published in prompt and apply them to vulnerable systems for the defense of those cyber threats. In this paper, we study of methodologies for new vulnerability checking module development proper to user level. First, we analyze current 7 methodologies for the development of new vulnerability checking modules including GFI LANGuard and Nessus and then compare them. Second, We define and propose the 5 unique methodologies for the development of new vulnerability checking modules in depth. Finally, we induct the best methodology proper to a certain user level by assessing each methodology according to conditions which is set virtually.

• Journal of Digital Convergence
• /
• v.14 no.11
• /
• pp.313-318
• /
• 2016

Recently, the smart farm development using a PC and smart phone to manag the farm for improving competitiveness is in progress. In the smart farm, by using the various ICT technology including RFID, Wi-Fi, ZigBee, Wireless LAN, and etc., the growing environment of the crop and animals can be managed with the remote. By using the network including not only the TCP/IP based wired network but also ZigBee, Wireless LAN, and etc., each of the devices installed in the smart farm transmits the growing environment data to the server. So, smart farms have information and network security vulnerability. Therefore, we propose the method that analyzes the security vulnerability which can begenerated in the smart farm and user authentication method.

• Proceedings of the IEEK Conference
• /
• 1998.10a
• /
• pp.83-86
• /
• 1998

In recent years, security has been more and more significant in network environment. The internetworkding communication including ATM network will be exposed to all kinds of attacks, such as eavesdropping, spoofing, service denial and traffic analysis etc. So, in this paper, we focused on ATM network threats, security service and ATM security mechanisms for threats.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.7 no.8
• /
• pp.1989-2009
• /
• 2013

How to discover router vulnerabilities effectively and automatically is a critical problem to ensure network and information security. Previous research on router security is mostly about the technology of exploiting known flaws of routers. Fuzzing is a famous automated vulnerability finding technology; however, traditional Fuzzing tools are designed for testing network applications or other software. These tools are not or partly not suitable for testing routers. This paper designs a framework of discovering router protocol vulnerabilities, and proposes a mathematical model Two-stage Fuzzing Test Cases Generator(TFTCG) that improves previous methods to generate test cases. We have developed a tool called RPFuzzer based on TFTCG. RPFuzzer monitors routers by sending normal packets, keeping watch on CPU utilization and checking system logs, which can detect DoS, router reboot and so on. RPFuzzer' debugger based on modified Dynamips, which can record register values when an exception occurs. Finally, we experiment on the SNMP protocol, find 8 vulnerabilities, of which there are five unreleased vulnerabilities. The experiment has proved the effectiveness of RPFuzzer.

• Journal of Multimedia Information System
• /
• v.6 no.3
• /
• pp.139-146
• /
• 2019

This paper, wireless internet such as Wi-Fi has a vulnerability to security. Blockchain also means a 'Ledger' in which transaction information that occurs on a public or private network is encrypted and shared among the network participants. Blockchain maintains information integrity by making it impossible for a particular node to tamper with information arbitrarily, a feature that would result in changes in the overall blockchain hash value if any one transaction information that constitutes a block was changed. The complete sharing of information through a peer-to-peer network will also cripple hacking attempts from outside, targeting specialized nodes, and prepare for the "single point of failure" risk of the entire system being shut down. Due to the value of these Blockchain, various types of Blockchain are emerging, and related technology development efforts are also actively underway. Various business models such as public block chains such as Bitcoin, as well as private block chains that allow only certain authorized nodes to participate, or consortium block chains operated by a select few licensed groups, are being utilized. In terms of technological evolution, Blockchain also shows the potential to grow beyond cryptocurrency into an online platform that allows all kinds of transactions with the advent of 'Smart Contract'. By using Blockchain technology, the company makes suggestions to overcome the vulnerability of wireless Internet.

• International Journal of Computer Science & Network Security
• /
• v.22 no.7
• /
• pp.229-239
• /
• 2022

Today's Internet of Things (IoT) has had a dramatic increase in the use of various daily aspects. As a consequence, many homes adopt IoT technology to move towards the smart home. So, the home can be called smart when it has a range of smart devices that are united into one network, such as cameras, sensors, etc. While IoT smart home devices bring numerous benefits to human life, there are many security concerns associated with these devices. These security concerns, such as user privacy, can result in an insecure application. In this research, we focused on analyzing the vulnerabilities of IoT smart home cameras. This will be done by designing a new model that follows the STRIDE approach to identify these threats in order to afford an efficient and secure IoT device. Then, apply a number of test cases on a smart home camera in order to verify the usage of the proposed model. Lastly, we present a scheme for mitigation techniques to prevent any vulnerabilities that might occur in IoT devices.