• Convergence Security Journal
• /
• v.6 no.2
• /
• pp.31-42
• /
• 2006

In this paper, we proposed an integrated infrastructure for optimal information security to resolve these kinds of problems and to implement more powerful protection. The proposed infrastructure presents a security framework, provides a functional mechanism, and implements a scheme for information security based on the design concept of integrated structures. In order to ensure effective malicious traffic blocking, this paper emphasizes that a comprehensive approach through infrastructure improvement and combination of scanning tool is the only measure for preparing against today's environment of virus infiltration. The proposed model is a measure developed at a time when a permanent technological solution to virus is yet to be developed. A performance analysis model is developed and the performance is evaluated through the case studies for the proposed methodology. The effectiveness of the infrastructure for optimal information security needs the continuous diagnostic evaluation and tuning through the users or the organizations.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.14 no.3
• /
• pp.11-20
• /
• 2018

Smart devices refer to various devices and control equipment such as health care devices, imaging devices, motor devices and wearable devices that use wireless network communication (e.g., Wi-fi, Bluetooth, LTE). Commercial services using such devices are found in a wide range of fields, including home networks, health care and medical services, entertainment and toys. Studies on smart devices have also been actively undertaken by academia and industry alike, as the penetration rate of smartphones grew and the technological progress made with the fourth industrial revolution bring about great convenience for users. While services offered through smart devices come with convenience, there is also various security threats that can lead to financial loss or even a loss of life in the case of terrorist attacks. As attacks that are committed through smart devices tend to pick up where attacks based on wireless internet left off, more research is needed on related security topics. As such, this paper seeks to design an access control method for reinforced security for smart devices. After registering and authenticating the smart device from the user's smart phone and service provider, a safe communication protocol is designed. Then to secure the integrity and confidentiality of the communication data, a management process such as for device renewal or cancellation is designed. Safety and security of the existing systems against attacks are also evaluated. In doing so, an improved efficiency by approximately 44% compared to the encryption processing speed of the existing system was verified.

• Journal of Internet Computing and Services
• /
• v.7 no.1
• /
• pp.31-38
• /
• 2006

The importance of the Security Risk Analysis has emerged as security breaches and information leaks has occurred in the companies and organization: threats toward information system and its vulnerabilities has grown up as the dependence on the information-communication systems goes higher as a result of technological advances in IT industry, A Risk Analysis Tool helps to mitigate overall risk of an organization by analysing and evaluating critical information systems and providing security measures against threats to systems and its vulnerabilities as a means to identify the inherent dangers and prevent security intrusion incident, This paper defines risk analysis process by introducing Common Criteria Scheme and suggest a risk analysis tool that can be easily implemented by an information security manager.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.15 no.1
• /
• pp.77-86
• /
• 2019

Comparative analysis to secure safety of Blockchain Many investors have invested in virtual currency such as bit coins as a new investment due to increased popularity of virtual currency around the world. Also, virtual currency such as bit coin has a security technology and it has been relatively proved. popularity of virtual currency is rising as a new investment alternative because of this reason. This paper focused on the block chain's transparency and security of distributed ledger technology, which is relatively safe without third party's intervention. Many governments and companies around the world are developing and working on block chain technological development to introduce due to these reasons However, there are some suggestion that block chain has minor risks to its security. In this paper, it will examine security vulnerabilities from importance of security of Blockchain which relates to transactions of Bitcoin which stored by governments and companies around the world. This paper will propose measure which will improve safety and efficiency of Blockchain technology such as the existing Blockchain method, Blockchain proposal, traceability and awareness about hacking.

• Electronics and Telecommunications Trends
• /
• v.37 no.4
• /
• pp.36-45
• /
• 2022

As the interest in achieving an intelligent society grows with the fourth industrial revolution's development, information and communications technologies technologies like artificial intelligence (AI), Internet of Things, virtual reality, information security, and blockchain technology are being actively employed in different fields for achieving an intelligent society. With these modifications, the information security paradigm in industrial and public institutions, like personal sensitive data, is quickly changing, and it is exposed to different cyber threats and breaches. Furthermore, as the number of cyber threats and breaches grows, so does the need for rapid detection and response. This demand can be satisfied by establishing cyber training programs and fostering experts that can improve cyber security abilities. In this study, we explored the domestic and international technology trends in cyber security education and training facilities for developing experts in information security. Additionally, the AI technology application in the cyber training ground, which can be established to respond to and deter cyber threats that are becoming more intelligent, was examined.

• Journal of the Korea Society of Computer and Information
• /
• v.29 no.9
• /
• pp.61-68
• /
• 2024

In this paper, Generative AI is a technology that creates various forms of content such as text, images, and music, and is being utilized across different fields. In the security sector, generative AI is poised to open up new possibilities in various areas including security vulnerability analysis, malware detection and analysis, and the creation and improvement of security policies. This paper presents a guide for identifying vulnerabilities and secure coding using ChatGPT for security vulnerability analysis and prediction, considering the application of generative AI in the security domain. While generative AI offers innovative possibilities in the security field, it is essential to continuously pursue research and development to ensure safe and effective utilization of generative AI through in-depth consideration of ethical and legal issues accompanying technological advancements.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.3
• /
• pp.687-704
• /
• 2017

As Korea's industrial competitiveness and technological prowess increase, collaboration and technical exchanges with contracting companies are increasing. In an environment where cooperation with the contracting company is unavoidable ordering companies are also striving to prevent leakage of technologies through various security systems, policy-making and security checks. However, although the contracting companies were assessed to have a high level of security management the leakage of technical datas are steadily increasing. Issues are being raised about the effectiveness of the security management assessment and the actual security management levels. Therefore, this study suggested a security management system model to improve security management efficiency in the general contract structure. To prove this, analyze the efficiency of 36 contractor companies for the technical datas security management system using the DEA model. The results of the analysis are reflected in the assessment results. Lastly, suggestions for improving the effectiveness of the technical datas security system are proposed.

• Convergence Security Journal
• /
• v.13 no.4
• /
• pp.53-59
• /
• 2013

As the hacking technology for cyber-terror and financial fraud evolves, the research and development for advanced and standardized information security technology is growing to be more and more important. In this paper, the domestic level of technology and standardization for information security as compared to advanced country is diagnosed, and future policy is presented by analyzing the influence effect for market and technology. The information security is classified into information security-based & user protection, network & system security, and application security & evaluation validation with details of OTP-based validation, smart-phone app security, and mobile electronic finance, etc. The analytic results indicate that domestic level is some poor for advanced country, the technological development and standardization capability for smart-phone app security and mobile electronic finance is needed, and finally the government's supporting policy for the future Internet is urgently needed.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.1
• /
• pp.235-255
• /
• 2019

Recent technological advances and industry changes, the game industry is maximizing fun by supporting cross-play that can be enjoyed by different platform users in PC, Mobile and Console games. If the boundaries are lost through the cross play, unexpected security threats can occur due to new services, even if existing security is maintained above a certain level. The existing online game security researches are mostly fraud detection that can occur in PC and mobile environment, but it is also necessary to study the security of the console game as cross play becomes possible. Therefore, this paper systematically identifies the security threats that can occur when enjoying cross play against console game users using STRIDE and LINDDUN threat modeling, derives security requirements using the international common evaluation standard.

• International Journal of Computer Science & Network Security
• /
• v.22 no.6
• /
• pp.75-82
• /
• 2022

Medical data is one of the data that must be kept in safe containers, far from intrusion, viewing and modification. With the technological developments in hospital systems and the use of cloud computing, it has become necessary to save, encrypt and even hide data from the eyes of attackers. Medical data includes medical images, whether they are x-ray images of patients or others, or even documents that have been saved in the image format. In this review, we review the latest research and the latest tools and algorithms that are used to protect, encrypt and hide these images, and discuss the most important challenges facing these areas.