• Journal of Information Technology Services
• /
• v.19 no.5
• /
• pp.33-47
• /
• 2020

In recent years, due to the demand for operating efficiency and cost reduction of industrial facilities, remote access via the Internet is expanding. the control network accelerates from network separation to network connection due to the development of IIoT (Industrial Internet of Things) technology. Transition of control network is a new opportunity, but concerns about cybersecurity are also growing. Therefore, manufacturers must reflect security compliance and standards in consideration of the Internet connection environment, and enterprises must newly recognize the connection area of the control network as a security management target. In this study, the core target of the control system security threat is defined as the network boundary, and issues regarding the security architecture configuration for the boundary and the role & responsibility of the working organization are covered. Enterprises do not integrate the design organization with the operation organization after go-live, and are not consistently reflecting security considerations from design to operation. At this point, the expansion of the control network is a big transition that calls for the establishment of a responsible organization and reinforcement of the role of the network boundary area where there is a concern about lack of management. Thus, through the organization of the facility network and the analysis of the roles between each organization, an static perspective and difference in perception were derived. In addition, standards and guidelines required for reinforcing network boundary security were studied to address essential operational standards that required the Internet connection of the control network. This study will help establish a network boundary management system that should be considered at the enterprise level in the future.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.2
• /
• pp.485-500
• /
• 2018

As the size of the system and network environment grows and the network structure and the system configuration change frequently, network administrators have difficulty managing the status manually and identifying real-time changes. In this paper, we suggest a system that scans dynamic network information in real time, scores vulnerability of network devices, generates all potential attack paths, and visualizes them using attack graph. We implemented the proposed algorithm based attack graph; and we demonstrated that it can be applicable in MTD concept based defense system by simulating on dynamic virtual network environment with SDN.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.40 no.5
• /
• pp.841-850
• /
• 2015

XaaS (Everything as a Service) provides re-usable, fine-grained software components like software, platform, infra across a network. Then users usually pay a fee to get access to the software components. It is a subset of cloud computing. Since XaaS is provided by centralized service providers, it can be a target of various security attacks. Specially, if XaaS becomes the target of APT (Advanced Persistent Threat) attack, many users utilizing XaaS as well as XaaS system can be exposed to serious danger. So various solutions against APT attack are proposed. However, they do not consider all aspects of security control, synthetically. In this paper, we propose overall security checkup considering technical aspect and policy aspect to securely operate XaaS.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.11 no.10
• /
• pp.1866-1872
• /
• 2007

Information system contains various components, md these components can be categorized into some types. When preparing security level management activity, it is most important to define the target of management activity. And after deciding these targets, security level management activity can be started. This paper defines management targets by dividing information system into some parts, and these targets can be managed variously according to operation environments and characteristics. By doing so, security level management activity can be processed easily.

• Journal of Institute of Control, Robotics and Systems
• /
• v.20 no.3
• /
• pp.313-322
• /
• 2014

This paper is to survey and put in perspective the working methods of multi-target tracking in clutter. This paper includes theories and practices for data association and related filter structures and is motivated by increasing interest in the area of target tracking, security, surveillance, and multi-sensor data fusion. It is hoped that it will be useful in view of taking into consideration a full understanding of existing techniques before using them in practice.

• Proceedings of the Korea Database Society Conference
• /
• 1999.10a
• /
• pp.129-139
• /
• 1999

현재의 조직 환경에서 정보 보호 수준의 결정은 필수 불가결한 이슈가 되고 있지만 정보 보호 수준 구축을 위한 기준은 상대적으로 부족한 실정이다. 이에 본 논문에서는 정보 보호 수준 결정에 있어서 기준이 될 수 있는 중요한 요소인 위험에 대해서 기존의 위험 평가 프로세스를 분석하여 개선된 위험평가 프로세스를 제시하고 허용 가능한 위험을 결정하기 위한 중요 기준인 목표 잉여 위험의 결정 방법에 대해 논하고자 한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.2
• /
• pp.365-375
• /
• 2019

A PLC (Programmable Logic Controller) is a highly-reliable industrial digital computer which supports real-time embedded control applications for safety-critical control systems. Real-time operating systems such as uC/OS have been used for PLCs and must meet real-time constraints. As PLCs have been widely used for industrial control systems and connected to the Internet, they have been becoming a main target of cyberattacks. In this paper, we propose an execution code sanitizer to enhance the security of PLC systems. The proposed sanitizer analyzes PLC programs developed by an IDE before downloading the program to a target PLC, and mitigates security vulnerabilities of the program. Our sanitizer can detect vulnerable function calls and illegal memory accesses in development of PLC programs using a database of vulnerable functions as well as the other database of code patterns related to pointer misuses. Based on these DBs, it detects and removes abnormal use patterns of pointer variables and existence of vulnerable functions shown in the call graph of the target executable code. We have implemented the proposed technique and verified its effectiveness through experiments.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.4
• /
• pp.37-46
• /
• 2007

The authentication in WSN(Wireless Sensor Network) usually means the entity authentication, but owing to the data centric nature of sensor network, much more importance must be put on the authentication(or attestation) for code of sensor nodes. The naive approach to the attestation is for the verifier to compare the previously known memory contents of the target node with the actual memory contents in the target node, but it has a significant drawback. In this paper, we show what the drawback is and propose a countermeasure. This scheme can verify the whole memory space of the target node and provides extremely low probability of malicious code's concealment without depending on accurate timing information unlike SWATT. We provide two modes of this verification method: BS-to-node and node-to-node. The performance estimation in various environments is shown.

• Journal of the Korea Institute of Military Science and Technology
• /
• v.20 no.3
• /
• pp.421-430
• /
• 2017

In this research, we propose a methodology for assessing security vulnerability of the national defense intelligence system, considering not only target elements but also the interconnection relationship of the whole system. Existing approaches decide the security vulnerability of the whole system by assessing only target elements. However, those approaches have an issue with potentially showing the same outcome for the systems that have identical target elements but the different types of interconnection relationships. We propose a more practical assessment method which takes the interconnection relationship of a whole system into consideration based on the concept of SNA(Social Network Analysis).

• Proceedings of the IEEK Conference
• /
• 2002.07c
• /
• pp.1678-1680
• /
• 2002

Stereo matching technique is used in many practical fields like satellite image analysis and computer vision. In this paper, we suggest a method to extract a target object image from a complicated background. For example, human face image can be extracted from random background. This method can be applied to computer vision such as security system, dressing simulation by use of extracted human face, 3D modeling, and security system. Many researches about stereo matching have been performed. Conventional approaches can be categorized into area-based and feature-based method. In this paper, we start from area-based method and apply area tracking using scanning window. Coarse depth information is used for area merging process using area searching data. Finally, we produce a target object image.