• Title/Summary/Keyword: Threat Protect

Effective Risk Management Technique through OSINT and Cyber Threat Intelligence within the Enterprise (OSINT와 기업 내 사이버 위협 인텔리전스를 통한 효과적인 위험 대응 기법)

  • Kwangsuk Moon;Junbeom Hur
    • Journal of the Korea Institute of Information Security & Cryptology / v.34 no.5 / pp.949-959 / 2024
  • Recently, as enterprises utilize the cloud and artificial intelligence, it is becoming increasingly difficult to protect exposed interfaces with existing perimeter security methods. Accordingly, zero trust-based comprehensive risk management is becoming necessary. Most enterprises use vulnerability inspection and bug bounty (security vulnerability reporting system) as basic risk management methods, but it is difficult to effectively respond to unpredictable problems such as zero-day attacks or open source vulnerabilities with these methods alone. Therefore, in this paper, we propose a risk response technique for the entire enterprise that links external OSINT (open source information) and CTI of national government agencies to detect threats through CTI (cyber threat intelligence) and collects the enterprise's own CTI. As a result of comparing the method of threat detection and blocking that collects the enterprise's own CTI by configuring a honeypot for effective threat detection and links it to the CTI of an external government agency, the proposed technique showed a 65.8% higher performance improvement in detection accuracy and verified the effect of reducing the number of attackers in the organization through this method.

A Study on the Criminal Threat and Privacy Protection with a Proxy Service (프록시 서비스를 통한 범죄 위협과 프라이버시 보호에 관한 연구)

  • Kang, Shin-Beom;Lee, Sang-Jin;Lim, Jong-In
    • Journal of the Korea Institute of Information Security & Cryptology / v.22 no.2 / pp.317-326 / 2012
  • Internet service providers are able to collect personal information to prevent violations of the rights of service providers and customers using the internet. But there are still many debates going on between personal privacy and regulation. Proxy servers are used for various technical purposes, including bypass access. Although proxy server users are increasing, there are not any proper institutional mechanisms and regulations to protect users. In this study, we discuss the two sides of a proxy service, including its privacy protection function and the cyber-crime threat, and propose supplementary measures to mediate between the interests of public and private.

Cyber Threat Military Response Strategy Using Information Security Risk Management (정보보안 위험관리를 활용한 사이버 위협 군사 대응 전략)

  • Jincheol Yoo
    • Convergence Security Journal / v.23 no.5 / pp.173-179 / 2023
  • The 4th Industrial Revolution technology has emerged as a solution to build a hyper-connected, super-intelligent network-oriented operational environment, overcoming the obstacles of reducing troops and defense budgets facing the current military. However, the overall risk management, including the increase in complexity of the latest information technology and the verification of the impact with the existing information system, is insufficient, leading to serious threats to system integrity and availability, or negatively affecting interoperability between systems. It can be inhibited. In this paper, we suggest cyber threat response strategies for our military to prepare for cyber threats by examining information security risk management in the United States in order to protect military information assets from cyber threats that may arise due to the advancement of information technology.

Sharing the Cyber Threat Intelligence on Cyber Crises: The Appropriate Role of the National Intelligence Agency (사이버위기에 대응하기 위한 국가정보기관의 사이버위협정보 공유 역할에 대한 고찰)

  • Kim, Daegeon;Baek, Seungsoo;Yoo, Donghee
    • Journal of Digital Convergence / v.15 no.6 / pp.51-59 / 2017
  • The role of government is to defend its lands and people from enemies. The range of that defense has now extended into the cyber domain, regarded as the fourth domain of the conventional defense domains (i.e., land, sea, sky, and universe). Traditionally, a government's intelligence power overrides that of its civilians, and government is exclusively responsible for defense. However, it is difficult for government to take the initiative to defend in the cyber domain because civilians already have a greater means for collecting information, which is known as being "intelligence inverse" in the cyber domain. To this end, we first define the intelligence inverse phenomenon and then analyze its main features. Then we investigate foreign countries' efforts to overcome the phenomenon and look at the current domestic situation. Based on these results, we describe the appropriate role of the National Intelligence Agency to handle cyber threats and offer a cyber threat intelligence model to share with civilians to help protect against these threats. Using the proposed model, we propose that the National Intelligence Agency should establish a base system that will respond to cyber threats more effectively.

A Study on Security Requirments Analysis through Security Threat Modeling of Home IoT Appliance (Home IoT 가전의 보안위협모델링을 통한 보안요구사항 분석에 관한 연구)

  • Yun, Suk-Jin;Kim, Jungduk
    • The Journal of Society for e-Business Studies / v.24 no.2 / pp.113-124 / 2019
  • Today many companies are offering IoT-enabled products and place emphasis on security from the planning stage to protect their products and user information from external threats. The present security levels, however, remain low because the time and resources invested in developing security requirements for each device are far from enough to meet the needs of a wide range of IoT products. Nevertheless, vulnerabilities of IoT devices have been reported continuously, which calls for more detailed security requirements for home IoT devices. In this context, this research identified threats of home IoT systems by using Microsoft Threat Modeling Tool. It then suggested measures to enhance the security of home IoT devices by developing security assessment items through comparative analysis of the identified threats, domestic and global vulnerability assessment standards and related research. It also verified the effectiveness of the developed security requirements by testing them against the existing ones, and the results revealed the security requirements developed in this research proved to be more effective in identifying vulnerabilities.

The Threat Analysis and Security Guide for Private Information in Web Log (웹 로그 데이터에 대한 개인정보 위협분석 및 보안 가이드)

  • Ryeo, Sung-Koo;Shim, Mi-Na;Lee, Sang-Jin
    • Journal of the Korea Institute of Information Security & Cryptology / v.19 no.6 / pp.135-144 / 2009
  • This paper discusses the issue of serious security risks in web logs which contain private information, and suggests solutions to protect them. These days privacy is core information to produce value-added in information society. Its scope and type are expanding and it is becoming more important along with the growth of information society. Web log is a privacy information file enacted as law in South Korea. Web log is not protected properly in spite of the fact that it has private information. It is just treated as a residual product of web services. Many malicious people could gain private information from web logs. This problem is caused by unclassified data and improper development of web applications. This paper suggests technical solutions which control data in the development phase and minimize the private information stored in the web log, and applies them in an operation environment. It is a very efficient method to protect private information and to observe the law.

Psychotherapist's Liability for Failure to Protect Third Person (정신질환자의 타해(他害)사고와 의료과오책임)

  • Son, Heung-Soo
    • The Korean Society of Law and Medicine / v.11 no.1 / pp.331-393 / 2010
  • Psychiatrists who treat violent or potentially violent patients may be sued for failure to control aggressive outpatients and for the discharge of violent inpatients. Psychiatrists may be sued for failing to protect society from the violent acts of their patients if it was reasonable for the psychiatrists to have known or should have known about the patient's violent tendencies and if the psychiatrists could have done something that could have safeguarded the public. The courts of a number of jurisdictions have imposed a duty to protect the potential victims of a third party on persons or institutions with a special relationship to that party. In the landmark case of Tarasoff v Regents of University of California, the California Supreme Court held that the special relationship between a psychotherapist and a patient imposes on the therapist a duty to act reasonably to protect the foreseeable victims of the patient. Under Tarasoff, when a therapist has determined, or under applicable professional standards should determine, that a patient poses a serious threat of violence to another, he incurs an obligation to use reasonable care to protect the intended victim against such danger. In addition to a Tarasoff type of action based on a duty to warn or protect foreseeable victims of psychiatric outpatients, courts have also imposed liability on mental health care providers based on their custody of patients known to have violent propensities. The legal duty in such a case has been stated to be that where the course of treatment of a mental patient involves an exercise of "control" over him by a physician who knows or should know that the patient is likely to cause bodily harm to others, an independent duty arises from that relationship and falls on the physician to exercise that control with such reasonable care as to prevent harm to others at the hands of the patient.
After going through a period of transition, from the McIntosh, Thompson and Brady cases, finally, the narrow rule of requiring a specific or foreseeable threat of violence against a specific or identifiable victim is the standard threshold or trigger element in the majority of states. Judgements on these kinds of cases are not enough yet in Korea, so that it may be too early to try to find principles in these cases; however, it is hardly wrong to read the same reasons of Tarasoff in the judgements of Korea district courts. To be specific, whether a psychiatric institute was liable for violent behavior toward others depends upon the patient's conditions, circumstances and the extent of the danger the patient poses to others; in short, the foreseeability of a specific or identifiable victim. In this context, if a patient exhibits strong violent behavior toward others, constant observation should be required. Negligence has been found not to exist, however, when a patient abruptly and unexpectedly attacks others or an unidentifiable victim. And the standard of conduct that is required to meet the obligation of "due care" is based on what the "reasonable practitioner" would do in like circumstances. The standard is not one of excellence or superior practice; it only requires that the physician exercise that degree of skill and care that would be expected of the average qualified practitioner practicing under like circumstances. All these principles have been established in cases of the U.S.A and Japan. In this article you can find the reasons which you can use for psychotherapist's liability for failure to protect third person in Korea as practitioner.

Identifying Security Requirement using Reusable State Transition Diagram at Security Threat Location (보안 위협위치에서 재사용 가능한 상태전이도를 이용한 보안요구사항 식별)

  • Seo Seong-Chae;You Jin-Ho;Kim Young-Dae;Kim Byung-Ki
    • The KIPS Transactions:PartD / v.13D no.1 s.104 / pp.67-74 / 2006
  • The security requirements identification in the software development has received some attention recently. However, previous methods do not provide a clear method and process of security requirements identification. We propose a process by which software developers can build application specific security requirements from state transition diagrams at the security threat location. The proposed process consists of building a model and identifying application specific security requirements. The state transition diagram is constructed through the subprocesses i) the identification of security threat locations using security failure data based on the point that attackers exploit software vulnerabilities and attack system assets, ii) the construction of a state transition diagram which is usable to protect, mitigate, and remove vulnerabilities of security threat locations. The identification process of application specific security requirements consists of i) the analysis of the functional requirements of the software, which are decomposed into a DFD (Data Flow Diagram); the identification of the security threat location; and the application of the corresponding state transition diagram to the security threat locations, ii) the construction of the application specific state transition diagram, iii) the construction of security requirements based on the rule of the identification of security requirements. The proposed method is helpful to identify the security requirements easily at an early phase of software development.

A hybrid intrusion detection system based on CBA and OCSVM for unknown threat detection (알려지지 않은 위협 탐지를 위한 CBA와 OCSVM 기반 하이브리드 침입 탐지 시스템)

  • Shin, Gun-Yoon;Kim, Dong-Wook;Yun, Jiyoung;Kim, Sang-Soo;Han, Myung-Mook
    • Journal of Internet Computing and Services / v.22 no.3 / pp.27-35 / 2021
  • With the development of the Internet, various IT technologies such as IoT, Cloud, etc. have been developed, and various systems have been built in countries and companies. Because these systems generate and share vast amounts of data, they needed a variety of systems that could detect threats to protect the critical data contained in the system, which has been actively studied to date. Typical techniques include anomaly detection and misuse detection, and these techniques detect threats that are known or exhibit behavior different from normal. However, as IT technology advances, so do technologies that threaten systems, and these methods of detection. Advanced Persistent Threat (APT) attacks national or company systems to steal important information and perform attacks such as system down. These threats apply previously unknown malware and attack technologies. Therefore, in this paper, we propose a hybrid intrusion detection system that combines anomaly detection and misuse detection to detect unknown threats. Two detection techniques have been applied to enable the detection of known and unknown threats, and by applying machine learning, more accurate threat detection is possible. In misuse detection, we applied Classification based on Association Rule (CBA) to generate rules for known threats, and in anomaly detection, we used One-Class SVM (OCSVM) to detect unknown threats. Experiments show that unknown threat detection accuracy is about 94%, and we confirm that unknown threats can be detected.

Electric Field Strength and Shielding Effectiveness Comparison According to the Size of Shielding Facility (방호 시설 크기에 따른 전계강도 및 차폐 효과 비교)

  • Kang, Ho-Jae;Huh, Chang-Su;Bang, Jeong-Ju;Choi, Jin-Su;Park, Woo-Chul
    • Journal of the Korean Institute of Electrical and Electronic Material Engineers / v.27 no.4 / pp.221-225 / 2014
  • In modern times, the threat of high power electromagnetic waves is increasing. When the electrical grid and communication network are attacked by these high power electromagnetic waves, the whole infrastructure is paralyzed. To protect the infrastructure from this high power electromagnetic wave threat, a shielding facility that can block high power electromagnetic waves is constructed. Also, shielding effectiveness evaluation of the constructed facility is important. But, because of space efficiency and saving of construction cost to construct the actual shielding facility, the shielding room wall is generally adjacent to exterior concrete structures. As the space between the shielding facility wall and concrete structures is very small, arranging the transmitting antenna outside the shielding facility is realistically difficult. Therefore, in this research, the shielding effectiveness measurement plan in the state of exterior narrow space of a HEMP shielding facility is presented. And to apply this plan, the influence of shielding effectiveness according to the size of the shielding facility is analyzed.