• The Journal of Korean Association of Computer Education
• /
• v.13 no.6
• /
• pp.91-98
• /
• 2010

NAC(Network Access Control) has been developed as a solution for the security of end-point user, to be a target computer of worm attack which does not use security patch of OS and install Anti-Virus, which spreads the viruses in the Intra-net. Currently the NAC products in market have a sufficient technology of pre-connect, but insufficient one of post-connect which detects the threats after the connect through regular authentication. Therefore NAC users have been suffered from Zero-day attacks and malware infection. In this paper, to solve the problems in the post-connect step we generate the normal behavior profiles using the traffic information of each host, host information through agent, information of open port and network configuration modification through network scanner addition to authentication of host and inspection of policy violation used before. Based on these we propose the system to detect the hosts infected malware.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.31 no.2B
• /
• pp.91-97
• /
• 2006

As increasing the network bandwidth, the threat of a network also increases with emerging various new services. For a high-performance network security, It is generally used that high-speed packet classification methods which employ hardware like TCAM. There needs an method using these devices efficiently because they are expensive and their capacity is not sufficient. In this paper, we propose an efficient packet classification using a Ternary-CAM(TCAM) which is widely used device for high-speed packet classification in which we have applied Snort rule set for the well-known intrusion detection system. In order to save the size of an expensive TCAM, we have eliminated duplicated IP addresses and port numbers in the rule according to the partitioning of a table in the TCAM, and we have represented negation and range rules with reduced TCAM size. We also keep advantages of low TCAM capacity consumption and reduce the number of TCAM lookups by decreasing the TCAM partitioning using combining port numbers. According to simulation results on our TCAM partitioning, the size of a TCAM can be reduced by upto 98$\%$ and the performance does not degrade significantly for high-speed packet classification with a large amount of rules.

• Proceedings of the Korean Institute of Navigation and Port Research Conference
• /
• 2022.06a
• /
• pp.308-309
• /
• 2022

The Ministry of Oceans and Fisheries is providing maritime safety services using combine limited artificial intelligence technologies through the operation of the Korean e-Navigation service, and research is needed to improve reliability and quality to secure the competitiveness of the system. However, linking real-time operating systems requires a separate system configuration that can be linked after processing personal information security with minimal performance impact. To solve this problem, this study will make a basic design of a big-data maritime information gateway system of the Korean e-Navigation service that minimizes the impact of performance and reflects the security of personal information.

• Proceedings of the Korean Institute of Navigation and Port Research Conference
• /
• 2023.05a
• /
• pp.158-159
• /
• 2023

With the development and state-of-the-art of ocean satellites, wide-area management of the waters around Korea has become possible. In particular, in the field of ship operation, as autonomous navigation technology based on artificial intelligence and big data is being developed, there is a need for additional analysis and observation through ocean satellite data.. Researches that can combine ship operation with ocean satellite data include ship detection based on ocean satellites and ship navigation assistance using marine weather forecasting.

• Journal of the Korea Society of Computer and Information
• /
• v.24 no.10
• /
• pp.25-32
• /
• 2019

In this paper, we propose a method to apply the attack surface expansion through decoy traps to a protected server network. The network consists of a large number of decoys and protected servers. In the network, each protected server dynamically mutates its IP address and port numbers based on Hidden Tunnel Networking that is a network-based moving target defense scheme. The moving target defense is a new approach to cyber security and continuously changes system's attack surface to prevent attacks. And, the attack surface expansion is an approach that uses decoys and decoy groups to protect attacks. The proposed method modifies the NAT table of the protected server with a custom chain and a RETURN target in order to make attackers waste all their time and effort in the decoy traps. We theoretically analyze the attacker success rate for the protected server network before and after applying the proposed method. The proposed method is expected to significantly reduce the probability that a protected server will be identified and compromised by attackers.

• Proceedings of the Korean Institute of Navigation and Port Research Conference
• /
• 2004.11a
• /
• pp.343-348
• /
• 2004

Since the destruction of World Trade Center the attention of the united States and the wider international community has focussed upon the need to strengthen security and prevent terrorism. This paper suggests an analysis prior to risk factor and structure for anti-terrorism in the korean maritime society. For this, in this paper, maritime terror risk factor was extracted by type and case of terror using brainstorming method. Also, risk factor is structured by FSM method and analyzed for ranking of each risk factor by AHP. At the result, the evaluation of risk factor is especially over maximum factor for related external impact.

• Journal of Navigation and Port Research
• /
• v.39 no.5
• /
• pp.431-438
• /
• 2015

The purpose of this paper is to analyze maritime piracy and its economic implications with particular attention to attacks registered in the Gulf of Aden, The paper also aims to investigate how the International community, along with Sovereign States, should allocate resources in order to make the seas a safer place and describe how closely inter-related maritime piracy, preventive and punitive measures put in place by Governments are. Elements of economics and ergonomics are taken into account in order to properly investigate the major legal issues relating to maritime security. The paper proposes a cost-benefit analysis in order to investigate in theory what is the rationale behind engaging in criminal behavior and recommend some solutions to the issue to be undertaken by the International community. It is concluded that in order to cost effectively fight piracy, a mix of more coordinated National and International laws, standardized and increased punishment levels among jurisdictions and extended patrol controls are needed.

• Proceedings of the Korean Institute of Navigation and Port Research Conference
• /
• 2014.06a
• /
• pp.68-69
• /
• 2014

At the present, ship traffic monitoring and management are focused on the harbor area and the specified coastal zone in South Korea. It, however, is required that the Jurisdictional Sea Area of South Korea is monitored from two viewpoints: Safety and Security. Through a safe sea line (transport route) over the world, it is possible to expand our ocean economical territory. As a first step, we have been in field campaigns for integrated ship monitoring on the Ieodo Ocean Research Station in November 2013 after the first test in Gyunggi Bay.

• Proceedings of the Korean Institute of Navigation and Port Research Conference
• /
• 2015.07a
• /
• pp.299-301
• /
• 2015

As the new notification of Ministry of Public Safety and Security on the management of coastal VTS has been effective since April $20^{th}$ this year, all pleasure ships over 2 tons with AIS device(Automatic Identification System) must be the objects given certain vessel traffic service. So Tong-yeong Coastal VTS which has the largest number of pleasure ship throughout the country tries to review some problems that have emerged since the beginning and require consideration in all its aspects to prevent any maritime incidents related with pleasure ships and contribute largely to making our sea safe.

• Proceedings of the Korean Institute of Navigation and Port Research Conference
• /
• 2004.04a
• /
• pp.49-54
• /
• 2004

Ubiquitous computing support to use various informations through any machine which can connect the computer in any where and any time. Recently barcode and RFID which is improved business model to store large scale information and certify security in on- and off-line internet technology is applied the credit curd and payment service and so on However this technology has serious problem that RFID In this paper, we investigate method used example of 2D barcode and RFID and compare and analysis characteristics of recent technology to solve former problem in Ubiquitous environment.