• ETRI Journal
• /
• v.41 no.5
• /
• pp.574-584
• /
• 2019

A new Mirai variant found recently was equipped with a dynamic update ability, which increases the level of difficulty for DDoS mitigation. Continuous development of 5G technology and an increasing number of Internet of Things (IoT) devices connected to the network pose serious threats to cyber security. Therefore, researchers have tried to develop better DDoS mitigation systems. However, the majority of the existing models provide centralized solutions either by deploying the system with additional servers at the host site, on the cloud, or at third party locations, which may cause latency. Since Internet service providers (ISP) are links between the internet and users, deploying the defense system within the ISP domain is the panacea for delivering an efficient solution. To cope with the dynamic nature of the new DDoS attacks, we utilized an unsupervised artificial neural network to develop a hierarchical two-layered self-organizing map equipped with a twofold feature selection for DDoS mitigation within the ISP domain.

• Convergence Security Journal
• /
• v.22 no.2
• /
• pp.77-90
• /
• 2022

Domestic and foreign automakers compete to lead the autonomous vehicle industry through continuously developing self-driving technologies. These self-driving technologies are evolving with dependencies on the connection between vehicles and other objects such as the environment of cars and roads. Therefore, cyber security vulnerabilities become more likely to occur in the self-driving environment, so it is necessary to prepare for them carefully. In this paper, we model the threats in autonomous vehicles and make the checklist to securely countermeasure them.

• International Journal of Advanced Culture Technology
• /
• v.12 no.2
• /
• pp.309-317
• /
• 2024

The conflict between Iran and Israel has been a major source of instability and security threats in the Middle East. This study analyzes the historical background and modern aspects of the Israel-Iran conflict, examining its root causes, nuclear issues, proxy wars, cyber warfare, economic sanctions, and the role of the United States. The research employs qualitative methods, including literature review and case analysis, using various sources such as academic papers, government reports, and media articles. The findings suggest that the conflict is deeply rooted in historical, religious, and political factors, and has escalated since the 1979 Iranian Revolution. The study highlights the need for dialogue, negotiation, and international mediation to resolve the conflict and maintain regional stability. The Israel-Iran conflict also provides valuable lessons for addressing the North Korean nuclear issue, emphasizing the importance of dialogue, international cooperation, and confidence-building measures.

• Annual Conference of KIPS
• /
• 2024.05a
• /
• pp.333-336
• /
• 2024

스마트팩토리는 기존 제조산업에 ICT 기술이 융합된 지능형 공장이다. 이는 IT(Information Technology)영역과 OT(Operation Technology)으로 구분되고, 영역 간 연결을 통해 제조공정 자동화 및 지능화를 수행한다. IT영역은 외부 네트워크와 연결되어 스마트팩토리의 전사업무 관리를 수행하며, OT영역은 폐쇄망 네트워크로 구성되어 직접적인 제조과정을 수행한다. 이는 2개의 영역으로 구분되어 자동화 및 지능화된 제조공정 과정을 수행함에 따라 구조가 복잡해지고 있으며, 이로 인해 스마트팩토리 보안위협이 발생 가능한 공격 표면이 증가하고 있다. 이에 대응하기 위해서는 스마트팩토리 IT영역과 OT영역의 특징을 분석하고, 영역별 적합한 보안위협 대응체계를 수립해야 한다. 이에 따라, 본 논문에서는 다수의 장치에 대한 학습이 용이하고, 세부적으로 학습기법을 구분할 수 있는 연합학습을 활용하여 스마트팩토리 영역별 적합한 보안위협 대응방안을 제안한다.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2007.10a
• /
• pp.717-720
• /
• 2007

With the convergence of mobile devices and the Internet ubiquitous computing promises to revolutionalize the way that we access services and run application. However, ubiquitous computing environments, in particular, mobile and wireless environments interfaced with the Internet, currently possess security vulnerabilities that are ripe for attack from cyber-threats. Thus, this paper discusses the Limitation of current security mechanisms in ubiquitous computing environments

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.16 no.6
• /
• pp.287-294
• /
• 2016

APT attack aimed at the interruption of information and communication facilities and important information leakage of companies. it performs an attack using zero-day vulnerabilities, social engineering base on collected information, such as IT infra, business environment, information of employee, for a long period of time. Fragmentary response to cyber threats such as malware signature detection methods can not respond to sophisticated cyber-attacks, such as APT attacks. In this paper, we propose a cyber intrusion detection model for countermeasure of APT attack by utilizing heterogeneous system log into big-data. And it also utilizes that merging pattern-based detection methods and abnormality detection method.

• The Journal of Society for e-Business Studies
• /
• v.19 no.4
• /
• pp.195-204
• /
• 2014

Recent, Secure the small and medium-sized enterprises from advanced and intelligence cyber threat, 24 hours of prevention, detection and analysis is essential. Small and Medium Business monitoring center is operated by government financial support to protect and prevent these threats. Currently it provides security to about 900 small and medium-sized enterprises. This paper studies abnormal and attack packets from small and medium-sized businesses[enterprises] which is monitored by Small and Medium Business monitoring center and provides improvement of security control for small and medium-sized enterprises.

• Convergence Security Journal
• /
• v.17 no.2
• /
• pp.69-80
• /
• 2017

Due to the advanced IT environment, the role of Security Monitoring & Control becomes more important as the cyber-crime is becoming intelligent, diversified, and advanced. In contrast to the way it relied solely on security devices such as Firewall and IDS in the past, Security Monitoring & Control tasks responding to cyber attacks through real-time monitoring have become wide spread and their role is also important. In response to current cyber threats, since security equipment alone can not be guaranteed a stable defense, the task of Security Monitoring & Control became essential to operate and monitor security equipment and to respond in real time. In this study, we will discuss how to configure network security system effectively and how to improve the real-time Security Monitor & Control.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.8 no.9
• /
• pp.1313-1318
• /
• 2013

In order to actively respond to cyber attacks, not only the security systems such as IDS, IPS, and Firewalls, but also ESM, a system that detects cyber attacks by analyzing various log data, are preferably deployed. However, as the attacks be come more elaborate and advanced, existing signature-based detection methods start to face their limitations. In response to that, researches upon symptom detection technology based on attack modeling by employing big-data analysis technology are actively on-going. This symptom detection technology is effective when it can accurately extract features of attacks and manipulate them to successfully execute the attack modeling. We propose the ways to extract attack features which can play a role as the basis of the modeling and detect intelligent threats by carrying out scenario-based modeling.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.1
• /
• pp.229-239
• /
• 2018

This paper analyzes the problems of existing CCTV and discusses cyber security problems of IP-CCTV in cloud computing environment. In order to reduce the risk of simply removing the risk associated with the provision of cloud services, the risk analysis and counter-measures need to be carried out effectively. Therefore, the STRIDE model as the Threat Risk Modeling is used to analyze the risk factors, and Analytic Hierarchy Process(AHP) is used to measure risk priorities based on the analyzed threats.