• Convergence Security Journal
• /
• v.22 no.1
• /
• pp.93-98
• /
• 2022

Information service technology continues to develop, and information service continues to expand based on the IT convergence trend. The premeter-based security model chosen by many organizations can increase the effectiveness of security technologies. However, in the premeter-based security model, it is very difficult to deny security threats that occur from within. To solve this problem, a zero trust model has been proposed. The zero trust model requires authentication for user and terminal environments, device security environment verification, and real-time monitoring and control functions. The operating environment of the information service may vary. Information security management should be able to response effectively when security threats occur in various systems at the same time. In this study, we proposed a security policy distribution system in the object reference method that can effectively distribute security policies to many systems. It was confirmed that the object reference type security policy distribution system proposed in this study can support all of the operating environments of the system constituting the information service. Since the policy distribution performance was confirmed to be similar to that of other security systems, it was verified that it was sufficiently effective. However, since this study assumed that the security threat target was predefined, additional research is needed on the identification method of the breach target for each security threat.

• Korean Security Journal
• /
• no.54
• /
• pp.9-35
• /
• 2018

During the recent years, cyber attacks have been increasing both in the private sector and the government. Those include the DDOS cases in 2009, the Blue House cyber attack, bank hackings etc. Cyber threats are becoming increasingly serious. However, there is no basic law related to cyber security at present, and regulations related to cyber security are scattered in various domestic laws. This can lead to confusion in the application of the law and difficult to grasp the regulations related to cyber security. In order to overcome this situation, the bill on the prevention and countermeasures against cyber crisis was initiated in 2006, but it has been abrogated. Since then, it has been repeatedly proposed, but it has been abrogated repeatedly due to the overlapping of existing laws and concerns about infringement of personal information. The most recent initiative was the National Cyber Security Act, which was initiated by the government in January 2017. The act focuses on resolving the absence of a basic law related to cyber security, strengthening its responsiveness in the event of a cyber security crisis, and fostering security strength. Therefore, this study seeks to contribute to the establishment of National Cyber Security legislation as a basic law of cyber security by examining the necessity of National Cyber Security legislation through comparative legal analysis with existing domestic laws related to cyber security and suggesting policy implications.

• Journal of Korean Society of Disaster and Security
• /
• v.11 no.2
• /
• pp.45-52
• /
• 2018

This study identifies the cause of the accident and presents a new concept for safe urban stream management by numerical simulating the flood event of Cheonggyecheon on August 17, 2017, using rain data measured through a dense weather observation network. In order to simulate water retention in the CSO channel listed as one of the causes of the accident, a reliable urban runoff model(XP-SWMM) was used which can simulate various channel conditions. Rainfall data measured through SK Techx using SK Telecom's cell phone station was used as rain data to simulate the event. The results of numerical simulations show that rainfall measured through AWSs of Korea Meteorological Administration did not cause an accident, but a similar accident occurred under conditions of rainfall measured in SK Techx, which could be estimated more similar to actual phenomena due to high spatial density. This means that the low spatial density rainfall data of AWSs cannot predict the actual phenomenon occurring in Cheonggyecheon and safe river management needs high spatial density weather stations. Also, the results of numerical simulation show that the residual water in the CSO channel directly contributed to the accident.

• Proceedings of the Korea Society for Simulation Conference
• /
• 2004.05a
• /
• pp.13-19
• /
• 2004

본 논문은 SIMVA(Simulation Vulnerability Analyzer)를 이용한 시뮬레이션 기반의 네트워크 취약성 분석을 주목적으로 한다 SIMVA는 네트워크 상태를 감시하고, 이를 토대로 취약성을 분석하기 위하여 개발된 S/W로서, SES/MB (System Entity Structure / Model Base) 프레임워크 및 DEVS(Discrete Event System Specification) 이론을 적용하여 네트워크 보안 모델링을 수행할 수 있으며, 취약성 메트릭스를 통하여 정량적으로 취약성을 분석할 수 있다. 본 연구에서는 SIMVA를 이용하여 최근 네트워크 보안 문제에 심각한 영향을 미치는 슬래머 웜 공격 시나리오에 대한 취약성 분석을 수행함으로써 SIMVA의 검증 및 적용 가능성을 제시한다.

• Proceedings of the Korean Society for Noise and Vibration Engineering Conference
• /
• 1997.04a
• /
• pp.139-145
• /
• 1997

Nowadays, the axial stiffness of crankshaft of long-stroke diesel engine is low compared to that of the old types of engine by increasing stroke/bore ratio and major critical speed might occur within engine operation speed. An axial damper needs to be installed in order to reduce the axial vibration of the crankshaft in the event of reduced or stopped axial damper function are discussed.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2018.05a
• /
• pp.222-223
• /
• 2018

본 논문에서는 인간과 사물, 서비스 세 가지 분산된 환경 요소에 대해 인간의 명시적 개입 없이 상호 협력적으로 정보 센싱, 네트워킹, 정보 처리 등 지능적인 기능을 제공하는 표준 IoT 플랫폼 기반에 대량의 이벤트에 대한 융합분석이 가능한 CEP(Complex Event Processing) 및 시나리오 기반 자동화된 절차에 따라 대응이 가능한 워크플로우 기술을 적용하여 중요시설감지, 국경감시, 해안감시, 도시안전 분야 등 다양한 분야에 활용이 가능한 지능형 시큐리티 플랫폼을 제안하고자 한다.

• Electronics and Telecommunications Trends
• /
• v.22 no.1 s.103
• /
• pp.59-72
• /
• 2007

기존의 사이버 공격은 특정 호스트나 서버를 목표로 하여 정보의 탈취 및 변경 등에 집중되었으나, 현재는 직접 혹은 간접적으로 과다 트래픽을 유발하여 네트워크 서비스를 마비시키는 방향으로 그 경향이 변하고 있다. 이런 사이버 공격을 방지하여 네트워크의 안정적인 서비스의 제공을 위해서는 해당 공격에 대한 적절한 대응을 수행하여야하며 이를 위해서는 관리 도메인 상에서 발생하는 보안 이벤트들을 분석하여 현재의 보안 상황에 대한 파악이 필수적으로 이루어져야 한다. 본 논문에서는 보안상황 분석을 위해 보안이벤트간 연관성 분석 기술에 대한 일반적 동향과 이벤트 연관성 분석의 특정 분야로써 현재 활발이 연구가 진행중인 이벤트의 시각화를 통한 보안상황 분석에 대한 연구 동향을 다루도록 한다.

• Journal of Korea Game Society
• /
• v.5 no.1
• /
• pp.41-44
• /
• 2005

This paper is model can be useful and capable of automatically collecting and classifying the various information about a wide range of security incidents such as hackings, worms, spyware, cyber-terror, network espionage and information warfare from firewall, IDS, VPN and so on. According to them Internet game and an automated/integrated computer emergency response system can perform an attack assessment and an early warning for any incidents based on Enterprise Security Management environment.

• Journal of the Korea Society for Simulation
• /
• v.14 no.1
• /
• pp.9-18
• /
• 2005

Attempts to attack hosts in the network have become diverse, due to crackers developments of new creative attacking methods. Under these circumstances the role of intrusion detection system as a security system component gets considerably importance. Therefore, in this paper, we have suggested multiple intrusion detection system based on the contract net protocol which provides the communication among multiple agents. In this architecture, fuzzy rule based system has been applied for agent selection among agents competing for being activated. The simulation models are designed and implemented based on DEVS formalism which is theoretically well grounded means of expressing discrete event simulation models.

• Journal of The Institute of Information and Telecommunication Facilities Engineering
• /
• v.9 no.3
• /
• pp.112-118
• /
• 2010

This paper propose G-code and G-Pedigree system that are development based on the e-Pedigree and EPC, and RFID solutions for logistics management is proposed. The proposed G-Pedigree system to include the forward logistics and reverse logistics all logistics and management systems are appropriate for the event, with security features, security and accessibility of critical data was strengthened. The proposed G-code systems and the EPC code of the existing RFID readers, tags can be applied to, the more you can manage the logistics-related information.