• Journal of Internet Computing and Services
• /
• v.22 no.3
• /
• pp.53-58
• /
• 2021

There is little research on actual business activities in the field of security control. Therefore, in this paper, we intend to present a practical research methodology that can contribute to the calculation of the size of the appropriate input personnel through the modeling of the threat information detection response time of the security control and to analyze the effectiveness of the latest security solutions. The total threat information detection response time performed by the security control center is defined as TIDRT (Total Intelligence Detection & Response Time). The total threat information detection response time (TIDRT) is composed of the sum of the internal intelligence detection & response time (IIDRT) and the external intelligence detection & response time (EIDRT). The internal threat information detection response time (IIDRT) can be calculated as the sum of the five steps required. The ultimate goal of this study is to model the major business activities of the security control center with an equation to calculate the cyber threat information detection response time calculation formula of the security control center. In Chapter 2, previous studies are examined, and in Chapter 3, the calculation formula of the total threat information detection response time is modeled. Chapter 4 concludes with a conclusion.

• Journal of the Society of Disaster Information
• /
• v.8 no.4
• /
• pp.411-418
• /
• 2012

This thesis aims at presenting the improvements of terror-responsive policy that Korea has to take on the basis of terror threat to Germany and responsive policies. so, First, Korea has to prepare the ways to legislate on terror responsive policies. Second, Korea has to construct a management center to response to terror comprehensively. In addition, Korea, like Germany, has to establish cooperation center related to terror on internet to surveil and analyze information and situation.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.16 no.6
• /
• pp.43-54
• /
• 2016

The occurrence of cyber crime is on the rise every year, and the security control center, which should play a crucial role in monitoring and early response against the cyber attacks targeting various information systems, its importance has increased accordingly. Every endeavors to prevent cyber attacks is being attempted by information security personnel of government and financial sector's security control center, threat response Center, cyber terror response center, Cert Team, SOC(Security Operator Center) and else. The ordinary method to monitor cyber attacks consists of utilizing the security system or the network security device. It is anticipated, however, to be insufficient since this is simply one dimensional way of monitoring them based on signatures. There has been considerable improvement of the security control system and researchers also have conducted a number of studies on monitoring methods to prevent threats to security. In accordance with the environment changes from ESM to SIEM, the security control system is able to be provided with more input data as well as generate the correlation analysis which integrates the processed data, by extraction and parsing, into the potential scenarios of attack or threat. This article shows case studies how to detect the threat to security in effective ways, from the initial phase of the security control system to current SIEM circumstances. Furthermore, scenarios based security control systems rather than simple monitoring is introduced, and finally methods of producing the correlation analysis and its verification methods are presented. It is expected that this result contributes to the development of cyber attack monitoring system in other security centers.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.21 no.4
• /
• pp.15-23
• /
• 2021

In most hacking attacks, hackers intrudes inside for a long period of time and attempts to communicate with the outside using a circumvent connection to achieve purpose. research in response to advanced and intelligent cyber threats has been mainly conducted with signature-based detection and blocking methods, but recently it has been extended to threat hunting methods. attacks from organized hacking groups are advanced persistent attacks over a long period of time, and bypass remote attacks account for the majority. however, even in the intrusion detection system using intelligent recognition technology, it only shows detection performance of the existing intrusion status. therefore, countermeasures against targeted bypass rwjqthrwkemote attacks still have limitations with existing detection methods and threat hunting methods. in this paper, to overcome theses limitations, we propose a model that can detect the targeted circumvent connection remote attack threat of an organized hacking group. this model designed a threat hunting process model that applied the method of verifying the origin IP of the remote circumvent connection, and verified the effectiveness by implementing the proposed method in actual defense information system environment.

• Journal of the Korea Convergence Society
• /
• v.9 no.7
• /
• pp.55-62
• /
• 2018

Recently, as the threat of cyber crime increases, the importance of security control to cope with cyber attacks on the information systems in the first place such as real-time detection is increasing. In the name of security control center, cyber terror response center and infringement response center, institutional control personnel are making efforts to prevent cyber attacks. Especially, we are detecting infringement accident by using network security equipment or utilizing control system, but it's not enough to prevent infringement accident by just controlling based on device-driven simple patterns. Therefore, the security control system is continuously being upgraded, and the development and research on the detection method are being actively carried out by the prevention activity against the threat of infringement. In this paper, we have defined the method of detecting infringement of major component module in order to improve the problem of existing infringement detection method. Through the performance tests for each module, we propose measures for effective security control and study effective infringement threat detection method by upgrading the control system using Security Information Event Management (SIEM).

• The Korean Journal of Emergency Medical Services
• /
• v.22 no.2
• /
• pp.51-65
• /
• 2018

Purpose: The purpose of this study was to investigate experiences of violence with patients or family members by paramedics working at emergency rooms. Methods: A questionnaire was administered from June 1 to 31, 2017 to 225 paramedics working at 27 emergency medical centers. The collected data were analyzed with SPSS statistics ver 24.0 program. Results: Within the past year, 208(92.9%) of 224 participants experienced violence among whom 202(90.2%) experienced verbal abuse, 193(86.2%) experienced physical threat, 89(39.7%) experienced physical violence, and 52(23.2%) experienced sexual violence. The level of violence response depending on the overlapping experience of violence type showed significant difference from emotional response (p= .001), social response (p= .001), physical response (p= .004), and overall violence response (p= .001). Conclusion: In conclusion, paramedics are frequently exposed to violence in the emergency rooms, of which they mostly experience verbal abuse. In addition, because the reporting system in the event of violence and the coping process are not well-informed, paramedics are unable to sufficiently utilize the reporting system and programs established within the institution. Therefore, the support of the legal system is needed to create a safe working environment for the medical staff who work in the emergency medical centers.

• Proceedings of the Korea Information Assurance Society Conference
• /
• 2004.05a
• /
• pp.251-257
• /
• 2004

Todays, the more information technologies(IT) like internet is developed, the more main facilities of individuals and social organizations get deeply involved in IT. Also, the trend of cyber threats such as internet worms and viruses is moving from local pc attacks to IT infrastructure attacks by exploiting inherent vulnerabilities of IT. Social organizations has a limit to response these attacks individually, and so the systematic coordinate center for social organizations is necessary. To analyze and share cyber threat information is performed prior to the construction of the coordinate center. In this paper, we survey domestic alert systems for cyber threats of related organizations and companies, and then classify them into two categories by the range of threat assessment: global alert systems for global If infrastructure and individual alert systems for each threat. Next, we identify problems of domestic alert systems and suggest approaches to resolve them.

• The Plant Pathology Journal
• /
• v.39 no.6
• /
• pp.584-591
• /
• 2023

Active plant immune response involving programmed cell death called the hypersensitive response (HR) is elicited by microbial effectors delivered through the type III secretion system (T3SS). The marine bacterium Hahella chejuensis contains two T3SSs that are similar to those of animal pathogens, but it was able to elicit HR-like cell death in the land plant Nicotiana benthamiana. The cell death was comparable with the transcriptional patterns of H. chejuensis T3SS-1 genes, was mediated by SGT1, a general regulator of plant resistance, and was suppressed by AvrPto1, a type III-secreted effector of a plant pathogen that inhibits HR. Thus, type III-secreted effectors of a marine bacterium are capable of inducing the nonhost HR in a land plant it has never encountered before. This suggests that plants may have evolved to cope with a potential threat posed by alien pathogen effectors. Our work documents an exceptional case of nonhost HR and provides an expanded perspective for studying plant nonhost resistance.

• ETRI Journal
• /
• v.42 no.2
• /
• pp.205-216
• /
• 2020

An arbiter physical unclonable function (APUF) has exponential challenge-response pairs and is easy to implement on field-programmable gate arrays (FPGAs). However, modeling attacks based on machine learning have become a serious threat to APUFs. Although the modeling-attack resistance of an MA-APUF has been improved considerably by architecture modifications, the response generation method of an MA-APUF results in low uniqueness. In this study, we demonstrate three design problems regarding the low uniqueness that APUF-based strong PUFs may exhibit, and we present several foundational principles to improve the uniqueness of APUF-based strong PUFs. In particular, an improved MA-APUF design is implemented in an FPGA and evaluated using a well-established experimental setup. Two types of evaluation metrics are used for evaluation and comparison. Furthermore, evolution strategies, logistic regression, and K-junta functions are used to evaluate the security of our design. The experiment results reveal that the uniqueness of our improved MA-APUF is 81.29% (compared with that of the MA-APUF, 13.12%), and the prediction rate is approximately 56% (compared with that of the MA-APUF (60%-80%).

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2006.05a
• /
• pp.187-190
• /
• 2006

TETRA system provides the radio authentication service which permits only authorized radio to access network. Radio authentication is the process which checks the sameness of authentication-key(K) by challenge-response protocol between radio and authentication center. This paper analyzes authentication-key generation/delivery/injection model in TETRA authentication system and analyzes the threat of clone radio caused by authentication-key exposure.