• The KIPS Transactions:PartD
• /
• v.9D no.6
• /
• pp.1063-1070
• /
• 2002

With a remarkable growth and expansion of Internet, the security issues emerged from intrusions and attacks such as computer viruses, denial of services and hackings to destroy information have been considered as serious threats for Internet and the private networks. To protect networks from intrusions and attacks, many vendors have developed various security systems such as firewalls and intrusion detection systems. However, managing these systems individually demands too much work and high cost. Thus, integrated and autonomous security management for various security products has become more important. In this paper, we present the architecture of the WISMSF (Web-based Integrated Security Management System for Firewalls) and the merits of centralized approach for managing heterogeneous firewalls and implement the prototype of the central policy database that is a component of the WISMSF engine. The WISMSF engine supports an integrated view for policies, the integrity of polities and the easy recovery and addition of policies. And also, we define the policy conflicts of WISMSF and present the policy recovery process to support to the policies consistence.

• Convergence Security Journal
• /
• v.23 no.4
• /
• pp.33-41
• /
• 2023

In recent years, advanced persistent threat (APT) attack organizations have exploited various vulnerabilities and attack techniques to target companies and institutions with national core technologies, distributing ransomware and demanding payment, stealing nationally important industrial secrets and distributing them on the black market (dark web), selling them to third countries, or using them to close the technology gap, requiring national-level security preparations. In this paper, we analyze the attack methods of attack organizations such as Kimsuky and Lazarus that caused industrial secrets leakage damage through APT attacks in Korea using the MITRE ATT&CK framework, and derive 26 cybersecurity-related administrative, physical, and technical security requirements that a company's security system should be equipped with. We also proposed a security framework and system configuration plan to utilize the security requirements in actual field. The security requirements presented in this paper provide practical methods and frameworks for security system developers and operators to utilize in security work to prevent leakage of corporate industrial secrets. In the future, it is necessary to analyze the advanced and intelligent attacks of various APT attack groups based on this paper and further research on related security measures.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.5
• /
• pp.847-857
• /
• 2020

As IoT equipment is commercialized, Bluetooth or wireless networks will be built into general living devices such as IP cameras, door locks, cars and TVs. Security for IoT equipment is becoming more important because IoT equipment shares a lot of information through the network and collects personal information and operates the system. In addition, web-based attacks and application attacks currently account for a significant portion of cyber threats, and security experts are analyzing the vulnerabilities of cyber attacks through manual analysis to secure them. However, since it is virtually impossible to analyze vulnerabilities with only manual analysis, researchers studying system security are currently working on automated vulnerability detection systems, and Firm-AFL, published recently in USENIX, proposed a system by conducting a study on fuzzing processing speed and efficiency using a coverage-based fuzzer. However, the existing tools were focused on the fuzzing processing speed of the firmware, and as a result, they did not find any vulnerability in various paths. In this paper, we propose IoTFirmFuzz, which finds more paths, resolves constraints, and discovers more crashes by strengthening the mutation process to find vulnerabilities in various paths not found in existing tools.

• Journal of Korea Multimedia Society
• /
• v.9 no.12
• /
• pp.1596-1606
• /
• 2006

There has been more increased the development of 3D technique since many 3D contents of 3D graphic model, 3D mobile/computer game, and 3D CAD have been serviced in Web or industry fields. Therefore, the watermarking system is more required to protect the copyright for 3D contents. Currently there has been researched about the watermarking for 3D graphic model of mesh or NURBS. However, watermarking technique based on CAD design drawing leaves something to be desired yet. This paper proposed the watermarking technique for 3D CAD design drawing using Line and Arc components. After drawing out Line and Arc components from designed drawing, we embed the watermark into both the length of Line component and the radius of Arc component. Experimental results verified that the proposed algorithm satisfies the transparency about watermarked drawing and also has the robustness against several attacks by using public CAD tool.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.12 no.5
• /
• pp.237-242
• /
• 2012

Cyber attacks have rapidly increased by exploiting the underlying vulnerabilities in the target software. However, identifying and correcting these vulnerabilities are extremely difficult and time consuming tasks. To address these problems efficiently, we propose a systematic methodology for security vulnerability assessment process on binary code in the paper. Specifically, we first classified the existing vulnerabilities based on whether the target software run in a Web environment and features of the software. Based on the classification, we determined the list and scope of the vulnerabilities. As our future research direction, we need to further refine and validate our methodology.

• Korean Journal of Artificial Intelligence
• /
• v.11 no.1
• /
• pp.9-15
• /
• 2023

As mobile devices such as smartphones, tablets, and kiosks become increasingly prevalent, there is growing interest in developing alternative input systems in addition to traditional tools such as keyboards and mouses. Many people use their own bodies as a pointer to enter simple information on a mobile device. However, methods using the body have limitations due to psychological factors that make the contact method unstable, especially during a pandemic, and the risk of shoulder surfing attacks. To overcome these limitations, we propose a simple information input system that utilizes gaze-tracking technology to input passwords and control web surfing using only non-contact gaze. Our proposed system is designed to recognize information input when the user stares at a specific location on the screen in real-time, using intelligent gaze-tracking technology. We present an analysis of the relationship between the gaze input box, gaze time, and average input time, and report experimental results on the effects of varying the size of the gaze input box and gaze time required to achieve 100% accuracy in inputting information. Through this paper, we demonstrate the effectiveness of our system in mitigating the challenges of contact-based input methods, and providing a non-contact alternative that is both secure and convenient.

• Journal of Intelligence and Information Systems
• /
• v.13 no.3
• /
• pp.119-140
• /
• 2007

Recommender systems enable a user to decide which information is interesting and valuable in our world of information overload. As the recent studies of distributed computing environment have been progressing actively, recommender systems, most of which were centralized, have changed toward a peer-to-peer approach. Collaborative Filtering (CF), one of the most successful technologies in recommender systems, presents several limitations, namely sparsity, scalability, cold start, and the shilling problem, in spite of its popularity. The move from centralized systems to distributed approaches can partially improve the issues; distrust of recommendation and abuses of personal information. However, distributed systems can be vulnerable to attackers, who may inject biased profiles to force systems to adapt their objectives. In this paper, we consider both effective CF in P2P environment in order to improve overall performance of system and efficient solution of the problems related to abuses of personal data and attacks of malicious users. To deal with these issues, we propose a multi-agent framework for a distributed CF focusing on the trust relationships between individuals, i.e. web of trust. We employ an agent-based approach to improve the efficiency of distributed computing and propagate trust information among users with effect. The experimental evaluation shows that the proposed method brings significant improvement in terms of the distributed computing of similarity model building and the robustness of system against malicious attacks. Finally, we are planning to study trust propagation mechanisms by taking trust decay problem into consideration.

• Convergence Security Journal
• /
• v.19 no.2
• /
• pp.83-89
• /
• 2019

In accordance with information security compliance and security regulations, there is a need to develop regular and real-time concepts for cyber-infringement attacks against network system vulnerabilities in branch and periodic forms. Vulnerability Analysis Analysis It is judged that it will be a countermeasure against new hacking attack in case of concept validation by interworking with TOOL. Vulnerability check module is standardized in event attribute management and ease of operation. Opening in terms of global sharing of vulnerability data, owasp zap / Angry ip Etc. were investigated in the SIEM system with interlocking design implementation method. As a result, it was proved that the inspection events were monitored and transmitted to the SIEM console by the vulnerability module of web and network target. In consideration of this, ESM And SIEM system In this paper, we propose a new vulnerability analysis method based on the existing information security consultation and the results of applying this study. Refer to the integrated interrelationship analysis and reference Vulnerability target Goal Hacking It is judged to be a new active concept against invasion attack.

• Journal of Digital Convergence
• /
• v.11 no.3
• /
• pp.273-277
• /
• 2013

Phishing attacks have been implemented in smarter, more advanced ways with the passage of time. Hackers use intelligent phishing attacks to take over computers and to penetrate internal networks in major organizations. So, in this paper, a model for a prevention of phishing attack spread is conceptual designed in order to protect internal users and sensitive or important information from sophisticated phishing attacks. Internal users simultaneously utilize both external web and organizational mail services. And hackers can take the both side equally as a vector. Thus, packets in each service must be monitored and stored to recognize threatening elements from both sides. The model designed in this paper extends the mail server based security structure used in conventional studies for the protection of Internet mail services accessed by intranet users. This model can build a list of phishing sites as the system checks e-mails compared to that of the method that directly intercepts accesses to phishing sites using a proxy server, so it represents no standby time for request and response processes.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.16 no.1
• /
• pp.79-92
• /
• 2020

As the number of systems increases and the network size increases, automated attack prediction systems are urgently needed to respond to cyber attacks. In this study, we developed four types of information gathering sensors for collecting asset and vulnerability information, and developed technology to automatically generate attack graphs and predict attack targets. To improve performance, the attack graph generation method is divided into the reachability calculation process and the vulnerability assignment process. It always keeps up to date by starting calculations whenever asset and vulnerability information changes. In order to improve the accuracy of the attack target prediction, the degree of asset risk and the degree of asset reference are reflected. We refer to CVSS(Common Vulnerability Scoring System) for asset risk, and Google's PageRank algorithm for asset reference. The results of attack target prediction is displayed on the web screen and CyCOP(Cyber Common Operation Picture) to help both analysts and decision makers.