• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.6
• /
• pp.3-13
• /
• 2004

Kvarnstrom et al. ${in}^{[10]}$ proposed a rule protection scheme by using one-way hash function to protect rules in security systems over ubiquitous environment. Son et at. ${in}^{[5-6]}$ also prooposed a rule protection scheme for Snort, which is one of the most common IDS. These schemes provide security only for the header information but not for its contents. To solve this problem, this paper presents a scheme based on the symmetric cryptosystem over Snort not only for the header information but also contents. This paper uses the key management based on PCMCIA security module proposed ${by}^{[12]}$ for the symmetric cryptosystem. Our scheme could be adjusted to other security systems, which use the rule based detection.

• ETRI Journal
• /
• v.44 no.2
• /
• pp.183-193
• /
• 2022

Smart cities are expected to provide residents with convenience via various agents such as CCTV, delivery robots, security robots, and unmanned shuttles. Environmental data collected by various agents can be used for various purposes, including advertising and security monitoring. This study suggests a surveillance map data framework for efficient and integrated multimodal data representation from multi-agents. The suggested surveillance map is a multilayered global information grid, which is integrated from the multimodal data of each agent. To confirm this, we collected surveillance map data for 4 months, and the behavior patterns of humans and vehicles, distribution changes of elevation, and temperature were analyzed. Moreover, we represent an anomaly detection algorithm based on a surveillance map for security service. A two-stage anomaly detection algorithm for unusual situations was developed. With this, abnormal situations such as unusual crowds and pedestrians, vehicle movement, unusual objects, and temperature change were detected. Because the surveillance map enables efficient and integrated processing of large multimodal data from a multi-agent, the suggested data framework can be used for various applications in the smart city.

• Journal of Korean Society for Quality Management
• /
• v.51 no.3
• /
• pp.435-444
• /
• 2023

Purpose: To attain advanced performance certification, safety aspects along with functionality and performance are essential. Hence, this study suggests radiation leakage assessment methods for aviation security equipment during its performance certification. Methods: Detection technology guided the choice of radiation leakage assessment targets. We then detailed measurement and evaluation methods based on equipment type and operation mode. Equipment was categorized as container or box types for establishing measurement procedures. Results: We've developed specific radiation leakage assessment procedures for different types of aviation security equipment, crucial for ensuring airport safety. Using these procedures allows efficient evaluation of compliance with radiation leakage standards. Conclusion: The suggested radiation leakage assessment method aims to enhance aviation security and reliability. Future research will focus on identifying risks in novel aviation security equipment detection technologies and establishing safety standards.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.4
• /
• pp.587-596
• /
• 2024

Cyber Attack and Cyber Threat are getting confused and evolved. Therefore, using AI(Artificial Intelligence), which is the most important technology in Fourth Industry Revolution, to build a Cyber Threat Detection System is getting important. Especially, Government's SOC(Security Operation Center) is highly interested in using AI to build SOAR(Security Orchestration, Automation and Response) Solution to predict and build CTI(Cyber Threat Intelligence). In this thesis, We introduce the Cyber Threat Detection System by analyzing Network Traffic and Web Application Firewall(WAF) Log data. Additionally, we apply the well-known TF-IDF(Term Frequency-Inverse Document Frequency) method and AutoML technology to classify Web traffic attack type.

• KEPCO Journal on Electric Power and Energy
• /
• v.4 no.2
• /
• pp.75-80
• /
• 2018

The smart city is developing an energy system efficiently through a common management of the city resource for the growth and a low carbon social. However, the smart city doesn't counter a verification effectively about a anomaly pattern detection when existing security technology (authentication, integrity, confidentiality) is used by fixed security key and key deodorization according to generated big data. This paper is proposed the "security nonce generation based on security nonce generation" for anomaly pattern detection of the adversary and a safety of the key is high through the key generation of the KDC (Key Distribution Center; KDC) for improvement. The proposed scheme distributes the generated security nonce and authentication keys to each facilities system by the KDC. This proposed scheme can be enhanced to the security by doing the external pattern detection and changed new security key through distributed security nonce with keys. Therefore, this paper can do improving the security and a responsibility of the smart city platform management data through the anomaly pattern detection and the safety of the keys.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.27 no.8C
• /
• pp.748-757
• /
• 2002

Cyber-terror trials are increased in nowadays and these attacks are commonly using security vulnerability and information gathering method by variable services grew by the continuous development of Internet Technology. IDS's application environment is affected by this increasing Cyber Terror. General Network based IDS detects intrusion by signature based Intrusion Detection module about inflowing packet through network devices. Up to now security in network is commonly secure host, an regional issue adopted in special security system but these system is vulnerable intrusion about the attack in globally connected Internet systems. Security mechanism should be produced to expand the security in whole networks. In this paper, we analyzer the DARPA's program and study Infusion Detection related Technology. We design policy security framework for policy enforcing in whole network and look at the modules's function. Enforcement of security policy is acted by Intrusion Detection system on gateway system which is located in network packet's inflow point. Additional security policy is operated on-line. We can design and execute central security policy in managed domain in this method.

• Journal of the Society of Disaster Information
• /
• v.10 no.2
• /
• pp.282-286
• /
• 2014

This study is to present an improvement of physical security system operation by survey on the install and operation of physical security system of 90 facilities. The level of CCTV operation is higher than Access Control system and Intrusion Detection System. But the level of maintenance and management of physical security system is low. The rate of install of X-ray Inspection device show the concern on material detection, although the rate is low. The level of install and operation for the Integration of physical security system is low, so integration of security personnel and security system is necessary for the effective operation. For reinforcement of access control management, security gate and preparing of some obstacles are required with RFID.

• The Journal of Society for e-Business Studies
• /
• v.23 no.4
• /
• pp.153-169
• /
• 2018

Previous e-financial anomalies analysis and detection technology collects large amounts of electronic financial transaction logs generated from electronic financial business systems into big-data-based storage space. And it detects abnormal transactions in real time using detection rules that analyze transaction pattern profiling of existing customers and various accident transactions. However, deep analysis such as attempts to access e-finance by insiders of financial institutions with large scale of damages and social ripple effects and stealing important information from e-financial users through bypass of internal control environments is not conducted. This paper analyzes the management status of e-financial security programs of financial companies and draws the possibility that they are allies in security control of insiders who exploit vulnerability in management. In order to efficiently respond to this problem, it will present a comprehensive e-financial security management environment linked to insider threat monitoring as well as the existing e-financial transaction detection system.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.2
• /
• pp.267-281
• /
• 2012

SCADA system is a computer system that monitors and controls the national infrastructure or industrial process including transportation facilities, water treatment and distribution, electrical power transmission and distribution, and gas pipelines. The SCADA system has been operated in a closed network, but it changes to open network as information and communication technology is developed rapidly. As the way of connecting with outside user extends, the possibility of exploitation of vulnerability of SCADA system gets high. The methodology to protect the possible huge damage caused by malicious user should be developed. In this paper, we proposed anomaly detection based intrusion detection methodology by estimating self-similarity of SCADA system.

• Smart Media Journal
• /
• v.13 no.3
• /
• pp.45-52
• /
• 2024

In today's growing threat environment, rapid and effective detection and response to security events is essential. To solve these problems, many companies and organizations respond to security threats by introducing security control systems. However, existing security control systems are experiencing difficulties due to the complexity and diverse characteristics of security events. In this study, we propose an automated integrated security control system model based on artificial intelligence. It is based on deep learning, an artificial intelligence technology, and provides effective detection and processing functions for various security events. To this end, the model applies various artificial intelligence algorithms and machine learning methods to overcome the limitations of existing security control systems. The proposed model reduces the operator's workload, ensures efficient operation, and supports rapid response to security threats.