• International Journal of Computer Science & Network Security
• /
• v.21 no.5
• /
• pp.168-174
• /
• 2021

The Cognitive radio (CR) is evolving technology for managing the spectrum bandwidth in wireless network. The security plays a vital role in wireless network where the secondary users are trying to access the primary user's bandwidth. During the allocation the any malicious user either he pretends to be primary user or secondary user to access the vital information's such as credentials, hacking the key, network jam, user overlapping etc. This research paper discusses on various types of attack and to prevent the attack in cognitive radio network. In this research, secondary users are identified by the primary user to access the primary network by the secondary users. The secondary users are given authorization to access the primary network. If any secondary user fails to provide the authorization, then that user will be treated as the malicious user. In this paper two approaches are suggested one by applying elliptic curve cryptography and the other method by using priority-based service access.

• International Journal of Computer Science & Network Security
• /
• v.23 no.12
• /
• pp.1-12
• /
• 2023

Ensuring the security of Supervisory Control and Data Acquisition (SCADA) and Industrial Control Systems (ICS) is paramount to safeguarding the reliability and safety of critical infrastructure. This paper addresses the significant threat posed by reconnaissance attacks on SCADA/ICS networks and presents an innovative methodology for enhancing their protection. The proposed approach strategically employs imbalance dataset handling techniques, ensemble methods, and feature engineering to enhance the resilience of SCADA/ICS systems. Experimentation and analysis demonstrate the compelling efficacy of our strategy, as evidenced by excellent model performance characterized by good precision, recall, and a commendably low false negative (FN). The practical utility of our approach is underscored through the evaluation of real-world SCADA/ICS datasets, showcasing superior performance compared to existing methods in a comparative analysis. Moreover, the integration of feature augmentation is revealed to significantly enhance detection capabilities. This research contributes to advancing the security posture of SCADA/ICS environments, addressing a critical imperative in the face of evolving cyber threats.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.2
• /
• pp.117-125
• /
• 2009

In this paper, we analyze the Contact Center's specific-security characteristics, including the threat model and weakness and study effective security measures focussing on protecting customer's personal information. Also, we establish the information security management system to reduce the possibility of information leakage from the internal employee in advance. As a result, we propose the "Security management model for protecting personal information for customer Contact Center" that complies with current ISO/IEC JTC 1 ISMS 27000 series standards.

• Smart Media Journal
• /
• v.13 no.3
• /
• pp.45-52
• /
• 2024

In today's growing threat environment, rapid and effective detection and response to security events is essential. To solve these problems, many companies and organizations respond to security threats by introducing security control systems. However, existing security control systems are experiencing difficulties due to the complexity and diverse characteristics of security events. In this study, we propose an automated integrated security control system model based on artificial intelligence. It is based on deep learning, an artificial intelligence technology, and provides effective detection and processing functions for various security events. To this end, the model applies various artificial intelligence algorithms and machine learning methods to overcome the limitations of existing security control systems. The proposed model reduces the operator's workload, ensures efficient operation, and supports rapid response to security threats.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.2
• /
• pp.363-374
• /
• 2015

Instrumentation and control(I&C) system has been mainly designed and operated based on analog technologies in existing Nuclear Power Plants(NPPs). However, As the development of Information Technology(IT), digital technologies are gradually being adopted in newly built NPPs. I&C System based on digital technologies has many advantages but it is vulnerable to cyber threat. For this reason, cyber threat adversely affects on safety and reliability of I&C system as well as the entire NPPs. Therefore, the software equipped to NPPs should be developed with cyber security attributes from the initiation phase of software development life cycle. Moreover through cyber security assessment, the degree of confidence concerning cyber security should be measured and if managerial, technical and operational work measures are implemented as intended should be reviewed in order to protect the I&C systems and information. Currently the overall cyber security program, including cyber security assessment, is not established on I&C systems. In this paper, we propose cyber security assessment methods in the Software Development Life Cycle by drawing cyber security activities and assessment items based on regulatory guides and standard technologies concerned with NPPs.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.5
• /
• pp.919-939
• /
• 2021

As a next-generation communication technology, 5G networks are capable of handling large amounts of traffic based on higher speeds, shorter communication delays, and higher connectivity compared to 4G networks. In this 5G network environment, base stations are installed all over the city at high density due to their characteristics, and are connected to user terminals to provide services. Therefore, if the base station is damaged by a malicious attacker, it is expected to cause great damage to users and society as a whole. So the need for secure communication equipment such as 5G base stations has emerged. Therefore, in this paper, we propose the security functional requirements derived using threat modeling, a systematic methodology for 5G base stations, and the security assurance requirements at the level that can cope with the backdoor issues. The security requirements proposed in this paper can be used for base station design and development to construct a secure network environment as a security evaluation standard for 5G base stations.

• Information Systems Review
• /
• v.19 no.3
• /
• pp.69-89
• /
• 2017

In the information age, the rapid development of information technology provides people with an enriching experience yet also causes them harm because of information security (IS) issues. The IS of smartphones faces great challenges. Although many studies on IS awareness have been conducted, most of them have focused on PCs and do not consider the security issues of smartphones. In this study, we focus on those factors that affect IS awareness for both PCs and smartphones. We also analyze the differences in the impacts of certain factors on PCs and smartphones based on the proposed research model. The results are summarized as follows. First, the understanding of security technique, understanding of IS threat, and IS education have significant impacts on IS awareness for PCs and smartphones, while IS intention has a significant impact on IS awareness for PCs but not for smartphones. Moreover, IS policy has no significant impact on IS awareness. Second, PCs and smartphones show no significant differences in IS awareness, IS threat, and IS intention, but show significant differences in understanding of security technique, IS education, and IS policy.

• Journal of the Korea Society of Computer and Information
• /
• v.21 no.1
• /
• pp.85-90
• /
• 2016

In this paper, the biometric data is transmitted in real time from the IoT environment is runoff, forgery, alteration, prevention of the factors that can be generated from a denial-of-service in advance, and the security strategy for the biometric data to protect the biometric data secure from security threats offer. The convenience of living in our surroundings to life with the development of ubiquitous computing and smart devices are available in real-time. And is also increasing interest in the IOT. IOT environment is giving the convenience of life. However, security threats to privacy also are exposed for 24 hours. This paper examines the security threats to biological data to be transmitted in real time from IOT environment. The technology for such security requirements and security technology according to the analysis of the threat. And with respect to the biometric data transmitted in real time on the IoT environment proposes a security strategy to ensure the stability against security threats and described with respect to its efficiency.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2019.10a
• /
• pp.491-494
• /
• 2019

The results from the analysis of recent security breach cases of industrial control systems revealed that most of them were caused by the employees of a partner company who had been managing the control system. For this reason, the majority of the current company security management systems have been developed focusing on their performances. Despite such effort, many hacking attempts against a major company, public institution or financial institution are still attempted by the partner company or outsourced employees. Thus, the institutions or organizations that manage Industrial Control Systems (ICSs) associated with major national infrastructures involving traffic, water resources, energy, etc. are putting emphasis on their security management as the role of those partners is increasingly becoming important as outsourcing security task has become a common practice. However, in reality, it is also a fact that this is the point where security is most vulnerable and various security management plans have been continuously studied and proposed. A system that enhances the security level of a partner company with a Virtual Desktop Infrastructure (VDI) has been developed in this study through research on the past performances of partner companies stationed at various types of industrial control infrastructures and its performance outcomes were statistically compiled to propose an appropriate model for the current ICSs by comparing vulnerabilities, measures taken and their results before and after adopting the VDI.

• Review of KIISC
• /
• v.15 no.1
• /
• pp.17-22
• /
• 2005

웜, 바이러스, 해킹 등 아직 일어나지 않은 사이버 위협을 예측하여 소기 예·경보를 통해 능동적으로 방어할 수 있는 위협관리시스템(TMS; Threat Management System)이 보안업계의 새로운 관심분야로 떠오르고 있다. 본 논문에서는 이 위협관리시스템의 개념과 기능에 대해 선명하고, 이를 통한 조기 경보의 방법을 논의하고자 한다.