• The Transactions of the Korea Information Processing Society
• /
• v.5 no.4
• /
• pp.967-974
• /
• 1998

Access control scheme of the firewall systems protects the systems from threats by using the conventional discretionary access control mechanism. The discretionary access control mechanism is insufficient to control secure information flow on the multievel network. Thus, it is necessary to provide the mandatory access control mechanism to the firewall systems for the multilevel security environment. In this paper, we present a design scheme of the security mechanisms concerning the sensitivity label and the mandatory access control for securely processing the multilevel information.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2007.05a
• /
• pp.1087-1090
• /
• 2007

The security issues related to IPv6 protocol have been focused on by many researchers and engineers. Especially, extension headers of IPv6 protocol provide various functionalities such as IP security, mobile IP, and in principle, it is said to give much more effective network services than the previous protocol, IPv4. In this paper, the cases are surveyed in which fragment header, that is one of many extension headers in IPv6 protocol, is abused and made to be the sources of threats. Prevention mechanisms are also surveyed to countermeasure the threats.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2016.10a
• /
• pp.265-267
• /
• 2016

현대 사회는 IoT의 대중화와 함께 늘어나는 보안 위협에 노출되어 있다. 특히 CCTV의 설치 구역 확대는 그 보안 취약성과 맞물려 사생활 침해 등 문제를 야기할 가능성이 높다. 기존의 보안 솔루션은 키를 기기에 저장해야 하는 점 때문에 키 추출 공격 등으로 쉽게 보호능력을 상실할 수 있다. 본 논문은 키를 저장하는 것이 아닌 이미지를 씨드(Seed)로 사용하여 동적으로 키를 생성하는 개념과 매커니즘을 제안한다.

• International Journal of Computer Science & Network Security
• /
• v.21 no.9
• /
• pp.132-140
• /
• 2021

Under the mobile ad-hoc network system, the main reason for causing congestion is because of the limited availability of resources. On the other hand, the standardised TCP based congestion controlling mechanism is unable to control and handle the major properties associated with the shared system of wireless channels. It creates an effect on the design associated with suitable protocols along with protocol stacks through the process of determining the mechanisms of congestion on a complete basis. Moreover, when bringing a comparison with standard TCP systems the major environment associated with mobile ad hoc network is regraded to be more problematic on a complete basis. On the other hand, an agent-based mobile technique for congestion is designed and developed for the part of avoiding any mode of congestion under the ad-hoc network systems.

• International Journal of Computer Science & Network Security
• /
• v.21 no.7
• /
• pp.56-62
• /
• 2021

The surge in generic attacks execution against cipher text on the computer network has led to the continuous advancement of the mechanisms to protect information integrity and confidentiality. The implementation of explicit decision tree machine learning algorithm is reported to accurately classifier generic attacks better than some multi-classification algorithms as the multi-classification method suffers from detection oversight. However, there is a need to improve the accuracy and reduce the false alarm rate. Therefore, this study aims to improve generic attack classification by implementing two hybridized decision tree algorithms namely Naïve Bayes Decision tree (NBTree) and Logistic Model tree (LMT). The proposed hybridized methods were developed using the 10-fold cross-validation technique to avoid overfitting. The generic attack detector produced a 99.8% accuracy, an FPR score of 0.002 and an MCC score of 0.995. The performances of the proposed methods were better than the existing decision tree method. Similarly, the proposed method outperformed multi-classification methods for detecting generic attacks. Hence, it is recommended to implement hybridized decision tree method for detecting generic attacks on a computer network.

• International Journal of Computer Science & Network Security
• /
• v.21 no.12
• /
• pp.219-222
• /
• 2021

The study shed the light on the information required by Governance Principles and Corporate Social Responsibilities of human resources department from the point deans' perspectives of BA colleges during the discussion the publication of studies that academic members earlier submitted in many journals as authors of similar studies talking about business schools and CSR in Saudi Arabia universities. The study sample was the deans of business schools in northern border university and interviews were used to collect data. Findings showed that CSR in business colleges within an integrated set of research products in the human resource that he owns, support the mechanisms of social services from a purposeful pioneering and creative perspective. In addition, the success of business administration colleges in preparing these cadres depends on the college's senior leadership represented by its dean and its administrative policy to motivate academic staff and students to develop the CSR and governance.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2004.05a
• /
• pp.1299-1302
• /
• 2004

본 연구에서는 MANET(Mobile Ad Hoc Network)에서 분산 PKI(Public Key Infrastructure) 메커니즘을 라우팅 프로토콜에 적용하기 위한 방법을 제안한다. 이를 위해 MANET이 사용하는 라우팅 프로토콜로 CBRP(Cluster Based Routing Protocol)를 고려한다. 제안하는 프로토콜은 CBRP의 기능과 분산 PKI 메커니즘을 활용하여 효율적으로 인증서 체인을 찾을 수 있고, 이를 통해 통신노드 상호간의 세션키 설정과 송수신하고자 하는 데이터에 대한 암호화를 지원한다. 또한, 라우팅 프로토콜의 안전한 동작을 위해 제안하는 프로토콜은 전자서명된 HELLO 메시지를 교환하여 악의적인 공격자들에 대해 신뢰성을 제공하고, 안전한 라우팅을 가능하게 한다.

• Journal of Information Processing Systems
• /
• v.15 no.2
• /
• pp.239-250
• /
• 2019

An individual's health data is very sensitive and private. Such data are usually stored on a private or community owned cloud, where access is not restricted to the owners of that cloud. Anyone within the cloud can access this data. This data may not be read only and multiple parties can make to it. Thus, any unauthorized modification of health-related data will lead to incorrect diagnosis and mistreatment. However, we cannot restrict semipublic access to this data. Existing security mechanisms in e-health systems are competent in dealing with the issues associated with these systems but only up to a certain extent. The indigenous technologies need to be complemented with current and future technologies. We have put forward a method to complement such technologies by incorporating the concept of blockchain to ensure the integrity of data as well as its provenance.

• International Journal of Computer Science & Network Security
• /
• v.22 no.3
• /
• pp.23-28
• /
• 2022

The purpose of the article is to analyze students' self-assessment of the level of soft skills development and the prospects for its improvement in a pandemic. For an adequate and objective study of the stated issues, comparative analysis was most often used. For this purpose, theoretical studies of national and foreign experts were analyzed, which included specific sociological surveys. Prospects for further work are assumed in a detailed study of the factors, conditions and mechanisms for the formation and development of soft skills in students of natural, engineering and technological, medical, social and humanitarian specialties.

• International Journal of Computer Science & Network Security
• /
• v.22 no.1
• /
• pp.312-318
• /
• 2022

The article notes that one of the reasons for the crisis in education was the sharp discrepancy between the emerging new forms and content and the model of macro-management that has developed over the decades. The level of management of the educational system did not emerge as a specific activity characterized by its own mechanisms and processes, just as qualified carriers of this activity - professionals - managers - did not appear. At the same time, there is practically no theoretical and methodological model of the macrolevel of education management, that is, management of the educational system as an integral structure.