• Title/Summary/Keyword: cyber infrastructure

Search Result 217, Processing Time 0.215 seconds

A study on the detection of DDoS attack using the IP Spoofing (IP 스푸핑을 통한 DDoS 공격 탐지 방안에 대한 연구)

  • Seo, Jung-Woo;Lee, Sang-Jin
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.25 no.1
    • /
    • pp.147-153
    • /
    • 2015
  • Since the DoS(Denial of Service) attack is still an important vulnerable element in many web service sites, sites including public institution should try their best in constructing defensive systems. Recently, DDoS(Distributed Denial of Service) has been raised by prompting mass network traffic that uses NTP's monlist function or DoS attack has been made related to the DNS infrastructure which is impossible for direct defense. For instance, in June 2013, there has been an outbreak of an infringement accident where Computing and Information Agency was the target. There was a DNS application DoS attack which made the public institution's Information System impossible to run its normal services. Like this, since there is a high possibility in having an extensive damage due to the characteristics of DDoS in attacking unspecific information service and not being limited to a particular information system, efforts have to be made in order to minimize cyber threats. This thesis proposes a method for using TTL (Time To Live) value in IP header to detect DDoS attack with IP spoofing, which occurs when data is transmitted under the agreed regulation between the international and domestic information system.

A Study on Cyber Security Threat and Security Requirements for Industrial Wireless Communication Devices (산업용 무선통신기기 사이버 보안위협 및 보안요구사항에 관한 연구)

  • Lee, Jiseop;Park, Kyungmi;Kim, Sinkyu
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.30 no.4
    • /
    • pp.757-770
    • /
    • 2020
  • Industrial Control System(ICS) is a system that measures, monitors, and controls various distributed assets, and is used in industrial facilities such as energy, chemical, transportation, water treatment, and manufacturing plants or critial infrastructure. Because ICS system errors and interruptions can cause serious problem and asset damage, research on prevention and minimization of security threats in industrial control systems has been carried out. Previously wireless communication was applied in limited fields to minimize security risks, but the demand for industrial wireless communication devices is increasing due to ease of maintenance and cost advantages. In this paper, we analyzed the security threats of industrial wireless communication devices supporting WirelessHART and ISA100.11a. Based on the analysis results, we proposed the security requirements for adopting and operating industrial wireless communication devices. We expect that the proposed requirements can mitigate security threats of industrial wireless devices in ICS.

Marine Contents Use and Service Plans for the Educational Purpose (교육용 해양 콘텐츠 활용 및 서비스 방안)

  • Youn, Jae-Hong;Choi, Hyo-Seung;Jeong, Seung-Moon
    • The Journal of the Korea Contents Association
    • /
    • v.12 no.3
    • /
    • pp.480-486
    • /
    • 2012
  • There has been an increasing interest in new industry and demand creations by the convergence and integration between IT and infrastructure and BT, NT, and CT and the convergence of IT and spread of cloud computing have changed the IT service environment. Even in the educational field, the convergence and integration of contents with various IT have rapidly emerged and learning equipments for the educational purpose have expanded to the mobile media platform from PCs so that learning without limitations to time, place and equipment has become possible. Contents necessary for the smart education are under way by research development utilizing cyber reality and simulation, and 3D technologies. The purpose of this study is to propose marine contents use and service plans for the educational purpose in order to produce various types of contents for the marine life and environment, to improve the school achievement by stimulating interest and to provide individually customized learning.

Proactive Network Optimizer for Critical Applications (크리티컬한 응용을 위한 능동형 네트워크 최적화기)

  • Park, Bongsang;Park, Pangun
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.22 no.9
    • /
    • pp.1250-1256
    • /
    • 2018
  • Recently, wireless networks are becoming an important infrastructure for the critical large-scale applications such as cyber-physical systems and next generation industrial automations. However, the fundamental performance uncertainty of wireless networks may incur the serious instability problem of the overall systems. This paper proposes the proactive network optimizer to guarantee the application demands without any real-time link monitoring information of the networks. In particularly, the proposed proactive optimizer is the cross-layer approach to jointly optimize the routing path and traffic distribution in order to guarantee the performance demand within a maximum k number of link faults. Through the simulations, the proposed proactive network optimizer provides better robustness than the traditional existing reactive networks. Furthermore, the proactive network does not expose to the major weakness of the reactive networks such as the performance degradation due to the erroneous link monitoring information and the network reconfiguration cost.

OTP-Based Dynamic Authentication Framework for Virtual Machine Migration (가상머신 마이그레이션을 위한 OTP 기반 동적인증 프레임워크)

  • Lee, Eun-Ji;Park, Choon-Sik;Kwak, Jin
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.27 no.2
    • /
    • pp.315-327
    • /
    • 2017
  • Security threats such as unauthorized access and data tampering can occur during the virtual machine migration process. In particular, since virtual machine migration requires users to transfer important data and infrastructure information, it is relatively risky to other cloud services in case of security threats. For this reason, there is a need for dynamic authentication for virtual machine migration. Therefore, this paper proposes an OTP-based dynamic authentication framework to improve the vulnerabilities of the existing authentication mechanism for virtual machine migration. It consists of a virtual machine migration request module and an operation module. The request module includes an OTP-based user authentication process and a migration request process to a data center when a user requests a migration. The operation module includes a secure key exchange process between the data centers using SPEKE and a TOTP-based mutual authentication process between the data center and the physical server.

The Study on Design and Implementation of Cloud-based Education System: Introducing Hang-Out Education System (클라우드 기반 학습 시스템의 설계 및 구현에 관한 연구: 행아웃 학습시스템 도입사례를 중심으로)

  • Lee, Seong-Chul;Park, Joo-Yeon
    • Journal of Digital Convergence
    • /
    • v.13 no.3
    • /
    • pp.31-36
    • /
    • 2015
  • The Many universities and educational institutions have focused on shifting education paradigm into smart learning using high-tech devices and internet as the level of technology has growing rapidly in every society. Especially, cyber universities and open universities in Korea are trying to develop educational network system and infrastructure corresponding to new convergence technology environment. Therefore, the purpose of this study is to introduce clouded based education system in order to suggest an effective way of using new educational learning system. This study shows the case of Hangout learning system used in K University in Korea to suggest a new educational learning model for real-time lecture and cloud based service platform for improving educational learning environment.

Simulation Analysis of Network Load of Application Level Security Protocol for Smart grid (시뮬레이션을 이용한 스마트 그리드 통신망 상의 응용 계층 보안 프로토콜의 부하 분석)

  • Lee, Kwang-Sik;Han, Seung-Chul
    • Journal of the Korea Society for Simulation
    • /
    • v.24 no.1
    • /
    • pp.17-24
    • /
    • 2015
  • Smart grid is a modernized electrical grid that uses information and communication technologies to gather and act on information, such as information about the behaviors of suppliers and consumers, in an automated fashion to improve the efficiency, reliability, economics, and sustainability of the production and distribution of electricity. However, with the advent of cyber crime, there are also concerns on the security of the infrastructure, primarily that involving communications technologies. In this work, we make an in-depth investigation on the issue of security services and network loads on Smart grid. Through simulation, we analyze the relations between security services and network loads. The experimental results of this study will contribute toward designing an advanced Smart grid system that offers better quality of services. Also, the approach proposed in this study can be utilized to derive new and valuable insights in security aspects.

The Validity Analysis of SDN/NFV Military application (SDN/NFV의 군 적용 타당성 분석)

  • Jang, Ji-Hee;Kwon, Tae-Uk
    • The Journal of the Korea institute of electronic communication sciences
    • /
    • v.15 no.4
    • /
    • pp.687-694
    • /
    • 2020
  • SDN and NFV are next-generation network technologies, and cloud, such as data centers, campuses, and large companies, has been established, or is actively applied by service-oriented communication companies. In particular, the Defense Integrated Data Center will be a prime example for military applications. In order for the Defense Integrated Data Center (DIDC) to become an intelligent center, it is accelerating the promotion of the "Smart Defense Integrated Data Center", which applied the latest information and communication technology (ICT). At the time of the establishment of DIDC, it plans to start building infrastructure such as cloud services at around 30% level, and expand D-Cloud to 75% through 'Cloud First'. In addition, the introduction of SDN/NFV will reduce the operation cost and manpower of DIDC, strengthen the ability to efficiently use information resources and cyber information protection systems, and increase flexibility and agility in using each system to improve efficiency in defense management in the future. Therefore, we will discuss the justification and expected effects of SDN/NFV introduction, focusing on DIDC.

Analysis of Security Requirements on DCU and Development Protection Profile based on Common Criteria Version 3.1 (DCU 보안요구사항 분석 및 CC v3.1 기반의 보호프로파일 개발)

  • Cho, Youngjun;Kim, Sinkyu
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.24 no.5
    • /
    • pp.1001-1011
    • /
    • 2014
  • Smart Grid Devices could have security vulnerabilities that have legacy communication networks because of the fact that Smart Grid employs bi-directional communications and adopted a variety of communication interface. Consequently, it is required to build concrete response processes and to minimize the damage of the cyber attacks including security evaluation and certification methods. DCU is designed to collect meter data from numerous smart meter and send to utility's server so DCU installed between smart meter and utility's server. For this reason, If DCU compromised by attacker then attacker could use DCU to launching point for and attack on other devices. However, DCU's security evaluation and certification techniques do not suffice to be deployed in smart grid infrastructure. This work development DCU protection profile based on CC, it is expected that provide some assistance to DCU manufacturer for development of DCU security target and to DCU operator for help safety management of DCU.

EDISON Platform to Supporting Education and Integration Research in Computational Science (계산과학 분야의 교육 및 융합연구 지원을 위한 EDISON 플랫폼)

  • Jin, Du-Seok;Jung, Young-Jin;Lee, Jong-Suk Ruth;Cho, Kum-Won;Jung, Hoe-Kyung
    • Proceedings of the Korean Institute of Information and Commucation Sciences Conference
    • /
    • 2011.10a
    • /
    • pp.466-469
    • /
    • 2011
  • Recently, a new theoretical and methodological approach for computational science is becoming more and more popular for analyzing and solving scientific problems in various scientific disciplines such as Computational fluid dynamics, Chemistry, Physics, Structural Dynamics, Computational Design and applied research. Computational science is a field of study concerned with constructing mathematical models and quantitative analysis techniques and using large computing resources to solve the problems which are difficult to approach in a physical experimentally. In this paper, we present R&D of EDISON open integration platform that allows anyone like professors, researchers, industrial workers, students etc to upload their advanced research result such as simulation SW to use and share based on the cyber infrastructure of supercomputer and network. EDISON platform, which consists of 3 tiers (EDISON application framework, EDISON middleware, and EDISON infra resources) provides Web portal for education and research in 5 areas (CFD, Chemistry, Physics, Structural Dynamics, Computational Design) and user service.

  • PDF