• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.18 no.7
• /
• pp.1-8
• /
• 2017

As the IT environment becomes more sophisticated, various threats and their associated serious risks are increasing. Threats such as DDoS attacks, malware, worms, and APT attacks can be a very serious risk to enterprises and must be efficiently managed in a timely manner. Therefore, the government has designated the important system as the main information communication infrastructure in consideration of the impact on the national security and the economic society according to the 'Information and Communication Infrastructure Protection Act', which, in particular, protects the main information communication infrastructure from cyber infringement. In addition, it conducts management supervision such as analysis and evaluation of vulnerability, establishment of protection measures, implementation of protection measures, and distribution of technology guides. Even now, security consulting is proceeding on the basis of 'Guidance for Evaluation of Technical Vulnerability Analysis of Major IT Infrastructure Facilities'. There are neglected inspection items in the applied items, and the vulnerability of APT attack, malicious code, and risk are present issues that are neglected. In order to eliminate the actual security risk, the security manager has arranged the inspection and ordered the special company. In other words, it is difficult to check against current hacking or vulnerability through current system vulnerability checking method. In this paper, we propose an efficient method for extracting diagnostic data regarding the necessity of upgrading system vulnerability check, a check item that does not reflect recent trends, a technical check case for latest intrusion technique, a related study on security threats and requirements. Based on this, we investigate the security vulnerability management system and vulnerability list of domestic and foreign countries, propose effective security vulnerability management system, and propose further study to improve overseas vulnerability diagnosis items so that they can be related to domestic vulnerability items.

• Proceedings of the KIEE Conference
• /
• 2005.10b
• /
• pp.421-423
• /
• 2005

Power transmission lines have been playing a key role as the mainstay of national industry. When a power failure occurs, it can have severe effects on national security as well as national industry and economy. In this paper, we consider an insulator failure, which is one of the main causes of such a power failure. In spite of its importance, however, a shortage of manpower in the insulator maintenance field is getting more serious due to working environments with a high voltage and a high place. For this reason, a new active maintenance technique using a robot system is required to prevent such an insulator failure. In this paper, a new robot mechanism for insulator cleaning and inspection was developed. We confirmed its effectiveness through experiments.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.2
• /
• pp.747-763
• /
• 2018

Information Technology (IT) plays an increasingly important role for small and medium-sized enterprises. It has become fundamental for these companies to protect information and IT assets in relation to risks and threats that have grown in recent years. This study aims to understand the importance and structure of an information security policy, using a quantitative study that intends to identify the most important and least relevant elements of an information security policy document. The findings of this study reveal that the top three most important elements in the structure of a security policy are the asset management, security risk management and define the scope of the policy. On the other side, the three least relevant elements include the executive summary, contacts and manual inspection. Additionally, the study reveals that the importance given to each element of the security policy is slightly changed according to the sectors of activity. The elements that show the greatest variability are the review process, executive summary and penalties. On the other side, the purpose of the policy and the asset management present a stable importance for all sectors of activity.

• Convergence Security Journal
• /
• v.17 no.2
• /
• pp.101-107
• /
• 2017

Recent cyber attacks on South Korea, including hacking and viruses, are increasing significantly. To deal with the cyber invasion of cyber aggression, the Ministry of National Defense defined the necessary procedures for cyber security with guidelines for cyber security. In spite of, based on the analyses the cyber defense operations published, the number of violations are increasing. To address issues stated above, the safety check items should be reviewed and revised. This paper will revisit current safety check items and provide new guidelines to prevent cyber security breaches, which will provide more safe and efficient cyber environment.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.1
• /
• pp.23-30
• /
• 2008

Attempt to protect personal computer from hacking, virus, worm, and the troy wooden horse is progressed variously. Nevertheless, it is very difficult fer public users to understand configurations to enhance security stability in windows based personal computer, and many security problem is due to there lack of recognize about information accessability, various kind of configuration, these necessity, and efficiency. Accordingly, it is demandded to develop an efficient system to protect networks and personal computer with automated method. In this paper, we derive problems of personal computer by analyzing various vulnerableness and policy on security, through which we design and implement the system to solve various windows system problem conveniently.

• Journal of Information Technology Services
• /
• v.20 no.5
• /
• pp.119-136
• /
• 2021

Since the global spread of COVID-19, social distancing and untact service implementation have spread rapidly. With the transition to a non-face-to-face environment such as telework and remote classes, cyber security threats have increased, and a lot of cyber compromises have also occurred. In this study, cyber-attacks and response cases related to COVID-19 are summarized in four aspects: cyber fraud, cyber-attacks on companies related to COVID-19 and healthcare sector, cyber-attacks on untact services such as telework, and preparation of untact services security for post-covid 19. After the outbreak of the COVID-19 pandemic, related events such as vaccination information and payment of national disaster aid continued to be used as bait for smishing and phishing. In the aspect of cyber-attacks on companies related to COVID-19 and healthcare sector, we can see that the damage was rapidly increasing as state-supported hackers attack those companies to obtain research results related to the COVID-19, and hackers chose medical institutions as targets with an efficient ransomware attack approach by changing 'spray and pray' strategy to 'big-game hunting'. Companies using untact services such as telework are experiencing cyber breaches due to insufficient security settings, non-installation of security patches, and vulnerabilities in systems constituting untact services such as VPN. In response to these cyber incidents, as a case of cyber fraud countermeasures, security notices to preventing cyber fraud damage to the public was announced, and security guidelines and ransomware countermeasures were provided to organizations related to COVID-19 and medical institutions. In addition, for companies that use and provide untact services, security vulnerability finding and system development environment security inspection service were provided by Government funding programs. We also looked at the differences in the role of the government and the target of security notices between domestic and overseas response cases. Lastly, considering the development of untact services by industry in preparation for post-COVID-19, supply chain security, cloud security, development security, and IoT security were suggested as common security reinforcement measures.

• Tunnel and Underground Space
• /
• v.16 no.4 s.63
• /
• pp.347-356
• /
• 2006

We analyzed case studies doing in-depth inspection of tunnel to maintain safety of existing tunnel in constructing new tunnel near to a existing tunnel with single track. Futhermore, We accomplished in-depth inspection of existing tunnel and numerical analysis. We suggested remedies to security safety of existing tunnel. We applied line drilling and pre-large hole boring method not to have an effect on existing tunnel and convinced the safety of existing tunnel from blast-vibration and blast-noise of numerical analysis. We planed to install basset system to measure displacement of existing tunnel according to excavating new tunnel.

• Journal of the Korean Society of Safety
• /
• v.32 no.3
• /
• pp.99-104
• /
• 2017

An undeniable reason for elevator accidents is relevant to diverse defects of elevator itself including a fatal flaw in its managing system. In order to prevent and control disastrous accidents, Korean government established brand new department, Ministry of Public Safety and Security(MPSS) in 2014. For the field of elevator accidents, MPSS, hoping to take the lead, tries to reform related law and statutes. At this time, it is worthwhile to review foreign country's precedent to find out its applicable lesson. This study specially focuses on introducing U.S. legal system dealing with elevator safety area from the viewpoint of stressing the identity of local governments such as state, county, city etc. This article mainly reviews these four points: i) a current state of safety code, guide, standard for elevator in U.S.A. ii) an elevator parts certification system under ASME A.17.1, iii) an elevator inspection system in New York City, iv) an implication of an elevator certification and inspection system in U.S.A. to us.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.15 no.4
• /
• pp.747-752
• /
• 2020

Special logistics, such as steel coils or steel plates, are being shipped and deployed depending on experienced personnel. Therefore, there is a great possibility of accidents due to immaturity by human error or lack of experience. There is a need to prevent the possibility of such an accident in advance, to apply security requirements required for special logistics, to ensure the stability of cargo, and to operate an management system to check the correct loading list. In addition, accurate shipping inspection is necessary to balance the ship. This paper analyzes the problems of shipping inspection currently being implemented and proposes a web-based port special logistics shipping inspection and balancing operation system to improve it.

• Journal of Korean Society of Industrial and Systems Engineering
• /
• v.46 no.1
• /
• pp.48-54
• /
• 2023

Guided missiles are a one-shot system that finishes their purpose after being used once, and due to the long-term storage until launch, the storage reliability is calculated during development, and performance is maintained through periodic inspections until the life cycle arrives. However, the reliability standards applied in the development of guided missiles were established by analyzing data accumulated by the United States during long-term operation in the country, and since they are different from our environment, the 00 guided missiles that have been deployed in the armed forces for more than 10 years under the premise that there is a difference from actual reliability. As a result of verifying the appropriateness of the current inspection cycle by analyzing the actual reliability of the missile, the necessity of changing the inspection period was derived because it was higher than the predicted reliability. It is proposed to build and utilize a lifespan management system that can systematically collect all data such as shooting and maintenance results by classification, and to establish a reliable reliability standard based on the accumulated data.