• Korean Security Journal
• /
• no.33
• /
• pp.163-195
• /
• 2012

Various kinds of performances and events have been held by local governments along with the worldwide popularity of K-pop, and there is a growing concern about possible accidents. Actually, a large-scale of accident took place during the MBC pop song concert in Sangju Sports Stadium in October 3, 2005. And another great safety accident occurred during an open event in the Lotte World in Seoul in March 26, 2006. The purpose of this study is to propose improvement of security company that carry out security activity through the analysis of the cases of accidents and common causes in the event sites. The improvement of safety management for large-scale event site by the study are as followings; First, institutional measures should be taken to extend the size of private security companies. Second, more education and training should be provided for security personnels who work for the event. Third, private security companies should prepare for the security measures more thoroughly in advance. Fourth, private security companies should make every possible effort to maintain order in the event site. Fifth, private security companies should bolster their collaboration with relevant organizations. Sixth, security companies should take actions to make themselves completely ready for any possible unexpected situations.

• International Journal of Computer Science & Network Security
• /
• v.23 no.5
• /
• pp.212-220
• /
• 2023

Ontologies are knowledge containers in which information about a specified domain can be shared and reused. An event happens within a specific time and place and in which some actors engage and show specific action features. The fact is that several ontology models are based on events called Event-Based Models, where the event is an individual entity or concept connected with other entities to describe the underlying ontology because the event can be composed of spatiotemporal extents. However, current event-based ontologies are inadequate to bridge the gap between spatiotemporal extents and participants to describe a specific domain event. This paper reviews, describes, and compares the existing event-based ontologies. The paper compares and contrasts various ways of representing the events and how they have been modelled, constructed, and integrated with the ontologies. The primary criterion for comparison is based on the events' ability to represent spatial and temporal extent and the participants in the event.

• Journal of Information Technology Services
• /
• v.15 no.3
• /
• pp.51-69
• /
• 2016

Recently, many Korean firms have suffered financial losses and damaged firm's trust due to information security incidents. Hence, a lot of firms have realized the importance of the information security. In particular, the demand for information security certification has increased. This study examined the effect of information security certification using the event study methodology. Our research shows that the announcement of the information security certification significantly influences the market value of the corresponding firm. The certified firms rise, on average, o.4993% (-2 day), 0.5462% (+1 day) of their market value. Further, we found that the financial sector in our data showed a 1.4% higher abnormal returns than the nonfinancial sector. On the other hand, whether a firm first acquired the information security certification is not significant. Our paper presents that it is possible to analyze the effect of the information security certification using the event study. We are expected to be used in making a decision for the investment of information security. Also, our results indicate that the firm which have acquired the information security certification should actively announce that fact.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2015.04a
• /
• pp.449-451
• /
• 2015

When cyber attacks are discovered in nuclear facilities, licensees are required to notify regulatory organizations for quick action. This also helps regulatory organizations to strengthen regulatory capabilities for cyber security. Currently the U.S. issued the final draft rule for Cyber Security Event Notifications. Domestic regulatory activities being at an early stage for cyber security need to implement law for Cyber Security Event Notifications. Since the current laws are focused on the aspect of safety, they are in need of more specific laws for cyber security.

• Smart Media Journal
• /
• v.6 no.4
• /
• pp.41-49
• /
• 2017

According to the occurrence of many security incidents, the SOC(Security Operation Center) and SIEM(Security Information & Event Management) are concentrated recently. The various studies and commercial products of the information security industry are being released. As reflected in this situation, NIST in the US is publishing and revising the document about the Cybersecurity Framework. In this study, we investigated the NIST's Cyberseurity Framework, trends in SOC and SIEM security technologies and solutions, and also introduce the open source Apache Metron of a real-time Bigdata security tool.

• Korean Security Journal
• /
• no.57
• /
• pp.157-176
• /
• 2018

The purpose of this study is to explore the development methods of private security services based on the problems that field experts in charge of event security are currently aware of. In order to accomplish the purpose of this study, we conducted interviews with 4 professors in relevant fields and 6 field experts with more than 10 years experience and analyzed the data. They suggested the development of private security services as follows. First, education that is related to event security work is necessary. Second, training should be conducted in response to audience and audience complaints. Third, service-related training is required. Fourth, in the Security Law, the provisions of the collective complaints field should be adjusted to the reality. Fifth, improving poor working conditions. Sixth, it is necessary to educate to develop responsibility and sense of mission.

• Convergence Security Journal
• /
• v.6 no.4
• /
• pp.67-73
• /
• 2006

The method which research a standardization from real time cyber threat is finding the suspicious indication above the attack against cyber space include internet worm, virus and hacking using analysis the event of each security system through correlation with the critical point, and draft a general standardization plan through statistical analysis of this evaluation result. It means that becomes the basis which constructs the effective cyber attack response system. Especially at the time of security accident occurrence, It overcomes the problem of existing security system through a definition of the event of security system and traffic volume and a concretize of database input method, and propose the standardization plan which is the cornerstone real time response and early warning system. a general standardization plan of this paper summarizes that put out of threat index, threat rating through adding this index and the package of early warning process, output a basis of cyber threat index calculation.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 1995.11a
• /
• pp.115-125
• /
• 1995

본 논문에서는 컴퓨터 시스템에서 침입 감지 시스템을 설계함에 있어서 사용될 수 있는 새로운 방법인 Event Sequence Tracking 방법을 제안하였다. Event Sequence Tracking 방법에서는 컴퓨터 시스템의 공격방법을 크게 두가지로 분류한다. 첫번째는 일련의 시스템 명령어를 이용한 공격방법이고 두번째는 침입자 자신이 만들었거나 다른 사람으로부터 얻은 프로그램을 이용하는 방법이다. 첫번째 공격방법에 대한 감지방법은 시스템을 공격할 때 사용한 일련의 시스템 명령어들을 감사 데이타를 분석하여 찾아내고 이 결과를 기존에 알려진 공격 시나리오들과 비교하여 침입자를 찾아내는 방식이다. 두번째 공격방법에 대한 감지 방법은 보안 관리자가 정해놓은, 시스템에서 일반 사용자가 할 수 없는 행위에 관한 보안 정책에 따라 Key-Event 데이타 베이스를 만들고 여기에 해당하는 event의 집합을 감사 데이타에서 찾아내는 방법이다. Event Sequence Tracking 방법은 Rule-based Penetration Identification 방법의 일종으로서 시스템의 공격방법을 분류하여 컴퓨터 시스템에의 침입을 효과적으로 감지할 수 있다는 것과 rule-base의 생성과 갱신을 함에 있어서 보다 간단하게 할 수 있다는 장점을 갖는다.

• Nuclear Engineering and Technology
• /
• v.49 no.3
• /
• pp.517-524
• /
• 2017

Cyber security is an important issue in the field of nuclear engineering because nuclear facilities use digital equipment and digital systems that can lead to serious hazards in the event of an accident. Regulatory agencies worldwide have announced guidelines for cyber security related to nuclear issues, including U.S. NRC Regulatory Guide 5.71. It is important to evaluate cyber security risk in accordance with these regulatory guides. In this study, we propose a cyber security risk evaluation model for nuclear instrumentation and control systems using a Bayesian network and event trees. As it is difficult to perform penetration tests on the systems, the evaluation model can inform research on cyber threats to cyber security systems for nuclear facilities through the use of prior and posterior information and backpropagation calculations. Furthermore, we suggest a methodology for the application of analytical results from the Bayesian network model to an event tree model, which is a probabilistic safety assessment method. The proposed method will provide insight into safety and cyber security risks.

• Journal of Communications and Networks
• /
• v.14 no.6
• /
• pp.597-605
• /
• 2012

With the smart grid coming near, wide-area supervisory control and data acquisition (SCADA) becomes more and more important. However, traditional SCADA systems are not suitable for the openness and distribution requirements of smart grid. Distributed SCADA services should be openly composable and secure. Event-driven methodology makes service collaborations more real-time and flexible because of the space, time and control decoupling of event producer and consumer, which gives us an appropriate foundation. Our SCADA services are constructed and integrated based on distributed events in this paper. Unfortunately, an event-driven SCADA service does not know who consumes its events, and consumers do not know who produces the events either. In this environment, a SCADA service cannot directly control access because of anonymous and multicast interactions. In this paper, a distributed security framework is proposed to protect not only service operations but also data contents in smart grid environments. Finally, a security implementation scheme is given for SCADA services.