• Title/Summary/Keyword: information security system

Search Result 6,599, Processing Time 0.031 seconds

SYN Flood DoS Detection System Using Time Dependent Finite Automata

  • Noura AlDossary;Sarah AlQahtani;Reem Alzaher;Atta-ur-Rahman
    • International Journal of Computer Science & Network Security
    • /
    • v.23 no.6
    • /
    • pp.147-154
    • /
    • 2023
  • Network intrusion refers to any unauthorized penetration or activity on a computer network. This upsets the confidentiality, integrity, and availability of the network system. One of the major threats to any system's availability is a Denial-of-Service (DoS) attack, which is intended to deny a legitimate user access to resources. Therefore, due to the complexity of DoS attacks, it is increasingly important to abstract and describe these attacks in a way that will be effectively detected. The automaton theory is used in this paper to implement a SYN Flood detection system based on Time-Dependent Finite Automata (TDFA).

The Study of Safety and Trust Certification Evaluation Model of Electronic Commerce System (안전하고 신뢰할 수 있는 전자상거래 정보시스템 인증.평가모델에 관한 연구)

  • 조영훈;김석우
    • Proceedings of the Korea Institutes of Information Security and Cryptology Conference
    • /
    • 2002.11a
    • /
    • pp.117-120
    • /
    • 2002
  • 이 논문에서는 전자상거래에서의 안전하고 신뢰할 수 있는 이용여건을 마련하기 위해 자율규제로 추진되고 있는 국내외 인터넷 평가모델에 대한 분석과 효율적인 전자상거래 인증· 평가모델을 제시한다.

  • PDF

A study on Designs and Analysis of Stream Cipher System (스트림 암호 시스템의 설계 및 비도 분석에 관한 연구)

  • 박흥근;남길현
    • Proceedings of the Korea Institutes of Information Security and Cryptology Conference
    • /
    • 1995.11a
    • /
    • pp.141-150
    • /
    • 1995
  • 스트림 암호 시스템의 가장 핵심이 되는 것은 랜덤 수열 발생기이다. 본 연구는 기존의 랜덤 수열 발생기를 연구, 분석하여 선형 복잡도와 랜덤성을 향상시킨 랜덤 수열 발생기를 설계, 구현하여 효율적인 스트림 암호 시스템으로 사용할 수 있는 방안을 제시하였다.

  • PDF

Access Control System for The Network Resource (네트워크 자원에 대한 액세스 제어 시스템)

  • 박형선;임병렬;김석우;김동규
    • Proceedings of the Korea Institutes of Information Security and Cryptology Conference
    • /
    • 1994.11a
    • /
    • pp.245-254
    • /
    • 1994
  • 본 논문은 네트워크에서 불법적 사용자에 의한 정보의 보호를 위해, 강제적 액세스제어 정책(MAC)과 임의적 액세스 제어 정책(DAC)에 기초하여 네트워크에서의 액세스 제어 정책을 수립하고 이를 UNIX하에서 액세스 제어 리스트(ACL)와 보안 레이블에 기초하여 수행될 수 있도록 설계하고 구현하였다.

  • PDF

A Tuning of Intrusin Detection Model With Fuzzy Set

  • KIM Young-Soo
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.7 no.4
    • /
    • pp.11-21
    • /
    • 1997
  • This paper introduces a statistical approach of intrusion detection and tunes an intrusion detection model using fuzzy ste. We describel the method of applying fuzzy set for NIDES intensity measure. By using fuzzy set, we improve the algorithm for evaluating score value of NIDES, and present a possibility of intrusion detection system.

A Security Reference Model for the Construction of Mobile Banking Services based on Smart Phones

  • Shin, Yong-Nyuo;Shin, Woo-Chang
    • International Journal of Fuzzy Logic and Intelligent Systems
    • /
    • v.11 no.4
    • /
    • pp.229-237
    • /
    • 2011
  • As smart phones have become widely adopted, they have brought about changes in individual lifestyles, as well as significant changes in the industry. As the mobile technology of smart phones has become associated with all areas of industry, it is not only accelerating innovation in other industries such as shopping, healthcare service, education, and finance, but is also creating new markets and business opportunities. The preparation of thorough security measures for smart phones is increasing in demand. While offering excellent mobility and convenience, smart phones can be exposed to a range of violation threats. In particular, it is necessary to make efforts to develop a security system that can preemptively cope with potential security threats in the banking service area, which requires a high level of reliability. This paper suggests a security reference model that is considered for the smart phone-based joint mobile banking development project being undertaken by the Bank of Korea in 2010. The purpose of this study is to make a security reference model for a reliable smart phone-based mobile financial service, by recognizing the specific security threats directed toward smart phones, and providing countermeasures to these security threats. The proposed mobile banking security reference model is useful in improving system security by systematically analyzing information security threats to the mobile financial service, and by presenting the guideline for the preparation of countermeasures.

Problem Analysis and Countermeasures Research through Security Threat Cases of Physical Security Control Systems (물리보안 관제시스템의 보안위협 사례를 통한 취약점 분석 및 대응방안 연구)

  • Ko, Yun Seong;Park, Kwang Hyuk;Kim, Chang Soo
    • Journal of Korea Multimedia Society
    • /
    • v.19 no.1
    • /
    • pp.51-59
    • /
    • 2016
  • Physical security protecting people from physical threats, such as a person or vehicle, has received a great attention. However, it has many risks of hacking and other security threats because it is highly dependent on automated management systems. In addition, a representative system of physical security, a CCTV control system has a high risk of hacking, such as video interceptions or video modulation. So physical security needs urgent security measures in accordance with these threats. In this paper, we examine the case of security threats that have occurred in the past, prevent those from threatening the physical security, and analyze the security problem with the threats. Then we study the countermeasures to prevent these security threats based on the problems found in each case. Finally we study for the method to apply these countermeasures.

Development of Security Level Evaluation Tool(ISSPET) Based on Information Security System (정보보호 시스템기반의 보안 수준 평가 도구(ISSPET) 개발)

  • Soh, Woo-Young;Kim, Wan-Kyung;Kim, Seak-Soo
    • Journal of the Korea Academia-Industrial cooperation Society
    • /
    • v.10 no.8
    • /
    • pp.1911-1919
    • /
    • 2009
  • Currently, the evaluation technology for the security systems of risk analysis level measurement is maintained by only the developed countries including U.S and U.K, and the evaluation technology and its infrastructure are insufficient for the evaluation technology of security threat analysis level measurement in Korea. Therefore this paper presents the development of the security control items and the evaluation tool(ISSPET) for the security level performance. It is expected to evaluate the security management level of the current system and its security environment through analyzing the security management level of security systems using ISSPET.

Improvement Method of Forensic Accounting Using Characteristics of Accounting Programs Used in Windows System (윈도우 시스템에서 사용되는 회계 프로그램의 특성을 이용한 포렌식 어카운팅 기법 개선 방안)

  • Lee, Seung-ju;Lee, Kuk-heon;Lee, Sang-jin
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.27 no.5
    • /
    • pp.1099-1105
    • /
    • 2017
  • Enterprises use different accounting programs to process vast amounts of accounting data. Due to the characteristic of the accounting program, in addition to the accounting data used by the accounting program, there is a variety of information to help detect accounting fraud. Existing forensic accounting techniques have limited scope of analysis because they analyze only accounting data like accounting ledger without using such information. When you do accounting fraud detection, information obtained from characteristics of accounting program can be used to obtain various information that can not be obtained by accounting data analysis alone. In this paper, we try to contribute to effective accounting fraud investigation by suggesting a technique to effectively detect accounting fraud by using other data obtained from characteristics of accounting program used in Windows system.

A Novel Redundant Binary Montgomery Multiplier and Hardware Architecture (새로운 잉여 이진 Montgomery 곱셈기와 하드웨어 구조)

  • Lim Dae-Sung;Chang Nam-Su;Ji Sung-Yeon;Kim Sung-Kyoung;Lee Sang-Jin;Koo Bon-Seok
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.16 no.4
    • /
    • pp.33-41
    • /
    • 2006
  • RSA cryptosystem is of great use in systems such as IC card, mobile system, WPKI, electronic cash, SET, SSL and so on. RSA is performed through modular exponentiation. It is well known that the Montgomery multiplier is efficient in general. The critical path delay of the Montgomery multiplier depends on an addition of three operands, the problem that is taken over carry-propagation makes big influence at an efficiency of Montgomery Multiplier. Recently, the use of the Carry Save Adder(CSA) which has no carry propagation has worked McIvor et al. proposed a couple of Montgomery multiplication for an ideal exponentiation, the one and the other are made of 3 steps and 2 steps of CSA respectively. The latter one is more efficient than the first one in terms of the time complexity. In this paper, for faster operation than the latter one we use binary signed-digit(SD) number system which has no carry-propagation. We propose a new redundant binary adder(RBA) that performs the addition between two binary SD numbers and apply to Montgomery multiplier. Instead of the binary SD addition rule using in existing RBAs, we propose a new addition rule. And, we construct and simulate to the proposed adder using gates provided from SAMSUNG STD130 $0.18{\mu}m$ 1.8V CMOS Standard Cell Library. The result is faster by a minimum 12.46% in terms of the time complexity than McIvor's 2 method and existing RBAs.