• 제어로봇시스템학회:학술대회논문집
• /
• 2002.10a
• /
• pp.54.1-54
• /
• 2002

1. Introduction 2. Related Work 3. Secure Data Transmission on web-based monitoring and control System 3.1 Requirement facts with the Security for the Secure Data Transmission 3.2 Architecture for the Secure Data Transmission 4. Conclusions and Further Research

• Journal of Korea Multimedia Society
• /
• v.14 no.5
• /
• pp.703-709
• /
• 2011

State-based infrastructure on IT-based network are prone to numerous cyber attack including subsequent hacking and internet infringement. These acts of terrorism are increasing because of the expanding IT convergence technology. Recently, the trend on cyber security monitoring and control researches focus on combining the general idea of security monitoring and control along with IT field and other control systems. This convergence trend has been increasing in both the use and importance. This research analyzes the state-based infrastructure monitoring and control system, its vulnerability as well as its improvement by incorporating the cyber convergence systems to existing systems. The subject of this research is for extensive use of CCTV systems which is expanded for 'CCTV Monitoring and Control Field' as well as 'Traffic Monitoring and Control Field' operated by 'Intelligent Traffic Information System' and Disaster Management Area which is studied in various fields. Eventually, the objective of the paper is to solve these issues, to apply related systems and to suggest improvement on the convergence system.

• Convergence Security Journal
• /
• v.18 no.3
• /
• pp.77-85
• /
• 2018

With the convergence of communications network between control system and public network, such threats like information leakage/falsification could be fully shown in control system through diverse routes. Due to the recent diversification of security issues and violation cases of new attack techniques, the security system based on the information database that simply blocks and identifies, is not good enough to cope with the new types of threat. The current control system operates its security system focusing on the outside threats to the inside, and it is insufficient to detect the security threats by insiders with　the authority of security access. Thus, this study conducted the importance analysis based on the main event log list of "Spotting the Adversary with Windows Event Log Monitoring" announced by NSA. In the results, the matter of importance of event log for the detection of insider threats to control system was understood, and the results of this study could be contributing to researches in this area.

• 제어로봇시스템학회:학술대회논문집
• /
• 2003.10a
• /
• pp.2097-2100
• /
• 2003

Many studies have been done on secure operating system using secure kernel that has various access control policies for system security. Secure kernel can protect user or system data from unauthorized and/or illegal accesses by applying various access control policies like DAC(Discretionary Access Control), MAC(Mandatory Access Control), RBAC(Role Based Access Control), and so on. But, even if secure operating system is running under various access control policies, network traffic among these secure operating systems can be captured and exposed easily by network monitoring tools like packet sniffer if there is no protection policy for network traffic among secure operating systems. For this reason, protection for data within network traffic is as important as protection for data within local system. In this paper, we propose a secure operating system trusted channel, SOSTC, as a prototype of a simple secure network protocol that can protect network traffic among secure operating systems and can transfer security information of the subject. It is significant that SOSTC can be used to extend a security range of secure operating system to the network environment.

• Convergence Security Journal
• /
• v.21 no.1
• /
• pp.25-31
• /
• 2021

The purpose of this study was to keep the Security Control Center, which operates under a shift system, uninterrupted during the COVID-19 virus epidemic. Security facilities responding to cybersecurity threats are essential security facilities that must be operated 24 hours a day, 365 days a day in real time, and are critical to security operations and management. If security facilities such as infectious disease epidemic, system failure, and physical impact are closed or affected, they cannot respond to real-time cyberattacks and can be fatal to security issues. Recently, there have been cases in which security system facilities cannot be operated, such as the closure of facilities due to the COVID-19 virus epidemic and the availability of security systems due to the rainy season, and other cases need to be prepared. In this paper, we propose a plan to configure a security system facility as a multiplexing facility and operate it as an alternative in the event of a closed situation.

• Asia pacific journal of information systems
• /
• v.15 no.1
• /
• pp.115-133
• /
• 2005

This study is to develop an information security management model(ISMM) for small and medium sized enterprises(SMEs). Based on extensive literature review, a five-pillar twelve-component reference ISMM is developed. The five pillars of SME's information security are: centralized decision making, ease of management, flexibility, agility and expandability. Twelve components are: scope & organization, security policy, resource assessment, risk assessment, implementation planning, control development, awareness training, monitoring, change management, auditing, maintenance and accident management. Subsequent survey designed and administered to expose experts' perception on the importance of these twelve components revealed that five out of tweleve components require relatively immediate attention than others, especially in SME's context. These five components are: scope and organization, resource assessment, auditing, change management, and incident management. Other seven components are policy, risk assessment, implementation planning, control development, awareness training, monitoring, and maintenance. It seems that resource limitation of SMEs directs their attention to ISMM activities that may not require a lot of resources. On the basis of these findings, a three-phase approach is developed and proposed here as an SME ISMM. Three phases are (1) foundation and promotion, (2) management and expansion, and (3) maturity. Implications of the model are discussed and suggestions are made for further research.

• Nuclear Engineering and Technology
• /
• v.55 no.1
• /
• pp.37-44
• /
• 2023

Using the Kalman filtering technique, we propose a novel method for estimating the missing video frames to monitor the activities inside the control room of a nuclear power plant (NPP). The purpose of this study is to reinforce the existing security and safety procedures in the control room of an NPP. The NPP control room serves as the nervous system of the plant, with instrumentation and control systems used to monitor and control critical plant parameters. Because the safety and security of the NPP control room are critical, it must be monitored closely by security cameras in order to assess and reduce the onset of any incidents and accidents that could adversely impact the safety of the NPP. However, for a variety of technical and administrative reasons, continuous monitoring may be interrupted. Because of the interruption, one or more frames of the video may be distorted or missing, making it difficult to identify the activity during this time period. This could endanger overall safety. The demonstrated Kalman filter model estimates the value of the missing frame pixel-by-pixel using information from the frame that occurred in the video sequence before it and the frame that will occur in the video sequence after it. The results of the experiment provide evidence of the effectiveness of the algorithm.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.6
• /
• pp.67-81
• /
• 2011

In recently years, there are cyber-weapon aim to national infrastructure such as 'stuxnet'. Security experts of the world are paying attention to this phenomenon. The networks which controls traffic, subway, waterworks of the city are safe from threats such as computer virus, malware, because the networks were built on closed-networks. However, it's about time to develop countermeasure for the cyber-weapon. In this paper, we review status-quo of the control systems for metropolitan infrastructure and analyze the risk of industrial control system in SCADA(Supervisory Control And Data Acquisition) network. Finally, we propose a security model for control systems of metropolitan infrastructure.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2003.05a
• /
• pp.301-304
• /
• 2003

Recently, the development of internet remote control system has been studied lively along with fast growth of internet. In this paper, we proposed the internet-based remote control and monitoring system using java platform. The apache web server that is now used worldwide was constructed for monitoring and controlling of an machine in administrator's web browser. We solved the limitation on security which is the biggest problem of internet control system due to strong security setting in web server. As a result of experiment which is used in the proposed remote internet control system, several time-delay occurred in internet. However, correct control result could be achieved without an error. And this system monitored informations of a RPM, temperature and the other condition in almost real time.

• Asia-pacific Journal of Multimedia Services Convergent with Art, Humanities, and Sociology
• /
• v.8 no.5
• /
• pp.437-445
• /
• 2018

Devices have a lot of small breakdowns rather than big breakdowns. But it often wastes time and increases cost of maintenance, such as calling a service technician for small breakdowns. So, if we use remote control and monitoring service using Internet of Things, we can minimize the time period and cost for the maintenance. However, security is important because remote control and monitoring services contain personal information which when leaked, may be dangerous. There are many types of Internet based monitoring devices that are in use, but it is difficult to expect a high level of security because there are many cases in which the performance is minimal. Therefore, in this paper, we classify remote control and monitoring services based on Internet of Things type and derive encryption requirement for four types. We also compared and analyzed the lightweight cryptographic algorithms that can be expected to use high performance even on the Internet of Things. And it is derived that LED is used as a equipment management type, DESLX as a environment management type, CLEFIA as a healthcare management type and LEA as a security management type are the optimal lightweight cryptographic algorithms for each type.