• 제어로봇시스템학회:학술대회논문집
• /
• 2005.06a
• /
• pp.1577-1580
• /
• 2005

With remarkable growth of using Internet, attempts to try intrusions on network are now increasing. Intrusion Detection System is a security system which detects and copes illegal intrusions. Especially with increasing dispersive attacks through network, concerns for this Distributed Intrusion Detection are also rising. The previous Intrusion Detection System has difficulty in coping cause it detects intrusions only on particular network and only same segment. About same attacks, system lacks capacity of combining information and related data. Also it lacks cooperations against intrusions. Systematic and general security controls can make it possible to detect intrusions and deal with intrusions and predict. This paper considers Distributed Intrusion Detection preventing attacks and suggests the way sending active packets between nodes safely and performing in corresponding active node certainly. This study suggested improved E-IDS system which prevents service attacks and also studied sending messages safely by encoding. Encoding decreases security attacks in active network. Also described effective ways of dealing intrusions when misuses happens thorough case study. Previous network nodes can't deal with hacking and misuses happened in the middle nodes at all, cause it just encodes ends. With above suggested ideas, problems caused by security services can be improved.

• Convergence Security Journal
• /
• v.15 no.5
• /
• pp.77-86
• /
• 2015

The organization shall minimize business risks associated with customer information leaks. Enhance information security activities through voluntary pre-check and must find a way to detect the personal information leakage caused by carelessness and neglect accident. Recently, many companies have introduced an information leakage prevention solution. However, there is a possibility of internal data leakage by the internal user who has permission to access the data. By this thread it is necessary to have the environment to analyze the habit and activity of the internal user. In this study, we use the SFI analytical technique that applies RFM model to evaluate the insider activity levels were carried out case studies is applied to the actual business.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.6
• /
• pp.67-81
• /
• 2011

In recently years, there are cyber-weapon aim to national infrastructure such as 'stuxnet'. Security experts of the world are paying attention to this phenomenon. The networks which controls traffic, subway, waterworks of the city are safe from threats such as computer virus, malware, because the networks were built on closed-networks. However, it's about time to develop countermeasure for the cyber-weapon. In this paper, we review status-quo of the control systems for metropolitan infrastructure and analyze the risk of industrial control system in SCADA(Supervisory Control And Data Acquisition) network. Finally, we propose a security model for control systems of metropolitan infrastructure.

• Korean Security Journal
• /
• no.17
• /
• pp.143-155
• /
• 2008

Purpose of this study is to analyze actual perception of security business of security workers centering on employees working within building and to improve accomplishment of works for security workers. For this, first, activities of security workers are discussed. Second, perception of employees of companies for the necessity of security workers, non-necessity of security workers, qualification requirements of security workers for improving business recognition were established as a framework of the study. Changes for recognition of security works in modern life are a little falling behind compared to unstopping economic development and diversifying job classifications. Even at present, expression of security works is still regarded as manager of facilities or apartments in the past. In other words, it is recognized as a simple change of title and names from apartment guard to security workers. Security works in the modern job classification is settling down as a professional field of facility management and as a part of various controls such as protection and security and its field is also expanding. It is a professional job with the purpose to analyze and prevent diverse criminal actions occurring in the society and also to introduce alternative measures with the role to prevent accidents to be occurred in variety in advance instead of simple working format taking a fixed guard post. Area of security works for the purpose of maximizing necessity of security works shall have equipped with deployment of professional security workers, consideration of business satisfaction of security workers, prevention education for rapidly changing safety accidents, and substantiality in the field. We expect to have more sophisticated area of security works with ceaseless efforts and with instillation of recognition of professionalism by security workers themselves.

• Nutrition Research and Practice
• /
• v.14 no.2
• /
• pp.134-142
• /
• 2020

BACKGROUND/OBJECTIVES: North Korean refugees (NKRs) in South Korea are a unique population as they must adapt in a new country with similar cultural traits but different social, political, and economic systems, but little research has been conducted on diet and nutrition in this population. This study examined food security, dietary behaviors, and nutrient intakes among adult NKRs living in South Korea and compared them to those of South Koreans. SUBJECTS/METHODS: The subjects were 139 adult NKRs (25 men, 114 women) living in the Seoul metropolitan area, and 417 age- and sex- matched South Korean controls (SKCs; 75 men, 342 women) selected from the Korea National Health and Nutrition Examination Survey (KNHANES). Food security and dietary behaviors (meal skipping, eating-out, meals with family, nutrition education and counseling, and nutrition label knowledge and utilization) were obtained using self-administered questionnaires. Nutrient intakes were assessed by 24-hr recall. The statistical analysis was performed using IBM SPSS ver. 23.0. RESULTS: In South Korea, food security had improved over the previous 12 months, but remained significantly poorer for NKR women than SKC women. Meal skipping was three times more frequent than for SKCs and eating-out was rare. Average energy intake was 1,509 kcal for NKR men and 1,344 kcal for NKR women, which was lower than those of SKCs (2,412 kcal and 1,789 kcal, respectively). Significantly more NKRs (men 24.0%, women 21.9%) showed simultaneously deficient intake in energy, calcium, iron, vitamin A, and riboflavin than SKCs (men 2.7% (P = 0.003), women 7.0% (P < 0.001)). NKR women had a significantly higher index of nutrient quality (INQ) for some nutrients than SK women. CONCLUSIONS: This study reports significant differences in food security, dietary behaviors, and nutrient intakes between NKRs and SKCs. Generally, NKRs reported lower intakes despite improved food security, but relatively good INQs across nutrients. Further research is needed to understand processes of food choice and consumption among NKRs to provide appropriate support aimed at improving diets.

• The Journal of Information Technology
• /
• v.1 no.1
• /
• pp.173-188
• /
• 1998

In this paper we discussed various types of electronic payment schemes that are emerging. Threats vary from malicious hackers attempting to crash a system, to threats to data or transaction integrity. An understanding of the various types of threats can assist a security manager in selecting appropriate cost-effective controls to protect valuable information resources. An overview of many of today's common threats presented in this paper will be useful to mangers studying their own threat environments with a view toward developing solutions specific to their organization. To ensure security on the Internet, several methods have been developed and deployed. They include authentication of users and servers, encryption, and data integrity. Transaction security is critical : without it, information transmitted over the Internet is susceptible to fraud and other misuse. So computer systems represents an Intermediary with the potential to access the flow of information between a user. Security is needed to ensure that intermediaries cannot eavesdrop on transactions, or copy/modify data. Online firms must take additional precautions to prevent security breaches. To protect consumer information, they must maintain physical security of their servers and control access to software passwords and private keys. Techniques such as secret and public-key encryption and digital signatures play a crucial role in developing consumer confidence in electronic commerce.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.2
• /
• pp.267-281
• /
• 2012

SCADA system is a computer system that monitors and controls the national infrastructure or industrial process including transportation facilities, water treatment and distribution, electrical power transmission and distribution, and gas pipelines. The SCADA system has been operated in a closed network, but it changes to open network as information and communication technology is developed rapidly. As the way of connecting with outside user extends, the possibility of exploitation of vulnerability of SCADA system gets high. The methodology to protect the possible huge damage caused by malicious user should be developed. In this paper, we proposed anomaly detection based intrusion detection methodology by estimating self-similarity of SCADA system.

• Convergence Security Journal
• /
• v.23 no.1
• /
• pp.9-17
• /
• 2023

Due to COVID-19, the concept of Zero Trust, a safe security in a non-face-to-face environment due to telecomm uting, is drawing attention. U.S. President Biden emphasized the introduction of Zero Trust in an executive order to improve national cybersecurity in May 2021, and Zero Trust is a global trend. However, the most difficulty in introd ucing new technologies such as Zero Trust in Korea is excessive regulation of cloud and network separation, which is based on the boundary security model, but is limited to not reflecting all new information protection controls due to non-face-to-face environments. In particular, in order for the government's policy to ease network separation to b ecome an effective policy, the zero trust name culture is essential. Therefore, this paper aims to study legal improve ments that reflect the concept of zero trust under the Electronic Financial Transactions Act.

• Journal of the Korea Computer Industry Society
• /
• v.2 no.10
• /
• pp.1355-1364
• /
• 2001

Internal control comprises the plan of Organization and all of the coordinate methods and measure adopted within a business to safeguard its assets. check the accuracy and reliability of its accounting data, promote operation efficiency, and encourage adherence to prescribed managerial policies. Internal accounting control is classified into General Control and Application Control. Essential elements of internal accounting control as follows : 1. General Control $\circled1$ Organization and operation controls. $\circled2$ System development and Documentation controls. $\circled3$ Hardware controls. $\circled4$ Software and hardware Accessibility controls. $\circled5$ General systems security and protection 2. Application control $\circled1$Input control. $\circled2$ Processing control. $\circled3$ Output control. Internal accounting control can establish a total management information system by connecting with mana-gement control of a company, and enable decision makers to establish decision support system(DSS), is so vital today.

• Journal of National Security and Military Science
• /
• s.1
• /
• pp.345-360
• /
• 2003

To build an information oriented armed forces, the Korean military telecommunication networks adopt TCP/IP standard communication infrastructures based on ATM packet switched networks. Utilizing this network infrastructure, the Korean armed forces also applies to the areas of battleship management for efficient operation command controls and resource management for efficient resource allocations. In this military communication networks, it is essential to determine the least cost network topology under equal performance and reliability constraints. Basically, this type of communication network design problem is known in the literature as an NP Hard problem. As the number of network node increases, it is very hard to obtain an optimal solution in polynomial time. Therefore, it is reasonable to use a heuristic algorithm which provides a good solution with minimal computational efforts. In this study, we developed a simulated annealing based heuristic algorithm which can be utilized for the design of military communication networks. The developed algorithm provides a good packet switched network topology which satisfies a given set of performance and reliability constraints with reasonable computation times.