• Title/Summary/Keyword: information security system

Search Result 6,599, Processing Time 0.03 seconds

A Study on Security Hole Attack According to the Establishment of Policies to Limit Particular IP Area (특정 IP 영역 제한정책 설정에 따른 보안 취약점 공격에 관한 연구)

  • Seo, Woo-Seok;Jun, Moon-Seog
    • The Journal of the Korea institute of electronic communication sciences
    • /
    • v.5 no.6
    • /
    • pp.625-630
    • /
    • 2010
  • With regard to the examples of establishing various sorts of information security, it can be seen that there are gradual, developmental procedures including Firewall and VPN (Virtual Private Network), IDS (Intrusion Detection System), or ESM(Enterprise Security Management). Each of the security solutions and equipments analyzes both defense and attack for information security with the criteria of classifying the problems of security policies by TCP/IP layers or resulted from attack patterns, attack types, or invasion through specialized security technology. The direction of this study is to examine latency time vulnerable to invasion which occurs when L2-stratum or lower grade equipments or policies are applied to the existing network through TCP/IP layer's L3-stratum or higher grade security policies or equipments and analyze security holes which may generate due to the IP preoccupation in the process of establishing policies to limit particular IP area regarding the policies for security equipments to figure out technological problems lying in it.

An Analysis of Security Vulnerabilities Using 5G NAS COUNT (5G NAS COUNT 취약점을 이용한 보안 위협 분석)

  • Kim, Min-Jae;Park, Jong-Geun;Shin, Ji-Soo;Moon, Dae-Sung
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.32 no.3
    • /
    • pp.565-573
    • /
    • 2022
  • Current mobile communication system is in the mid-process of conversion from 4G LTE to 5G network. According to the generalization of mobile communication services, personal information such as user's identifiers and location information is transmitted through a mobile communication network. The importance of security technology is growing according to the characteristics of wireless mobile communication networks, the use of wireless shared channels is inevitable, and security technology cannot be applied to all network system elements in order to satisfy the bandwidth and speed requirements. In particular, for security threat analysis, researches are being conducted on various attack types and vulnerability analysis through rogue base stations or attacker UE to make user services impossible in the case of 5G networks. In this paper, we established a 5G network testbed using open sources. And we analyzed three security vulnerabilities related to NAS COUNT and confirmed the validity of two vulnerabilities based on the testbed or analyzing the 3GPP standard.

Face Recognition Using a Facial Recognition System

  • Almurayziq, Tariq S;Alazani, Abdullah
    • International Journal of Computer Science & Network Security
    • /
    • v.22 no.9
    • /
    • pp.280-286
    • /
    • 2022
  • Facial recognition system is a biometric manipulation. Its applicability is simpler, and its work range is broader than fingerprints, iris scans, signatures, etc. The system utilizes two technologies, such as face detection and recognition. This study aims to develop a facial recognition system to recognize person's faces. Facial recognition system can map facial characteristics from photos or videos and compare the information with a given facial database to find a match, which helps identify a face. The proposed system can assist in face recognition. The developed system records several images, processes recorded images, checks for any match in the database, and returns the result. The developed technology can recognize multiple faces in live recordings.

An Auto-Verification Method of Security Events Based on Empirical Analysis for Advanced Security Monitoring and Response (보안관제 효율성 제고를 위한 실증적 분석 기반 보안이벤트 자동검증 방법)

  • Kim, Kyu-Il;Park, Hark-Soo;Choi, Ji-Yeon;Ko, Sang-Jun;Song, Jung-Suk
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.24 no.3
    • /
    • pp.507-522
    • /
    • 2014
  • Domestic CERTs are carrying out monitoring and response against cyber attacks using security devices(e.g., IDS, TMS, etc) based on signatures. Particularly, in case of public and research institutes, about 30 security monitoring and response centers are being operated under National Cyber Security Center(NCSC) of National Intelligence Service(NIS). They are mainly using Threat Management System(TMS) for providing security monitoring and response service. Since TMS raises a large amount of security events and most of them are not related to real cyber attacks, security analyst who carries out the security monitoring and response suffers from analyzing all the TMS events and finding out real cyber attacks from them. Also, since the security monitoring and response tasks depend on security analyst's know-how, there is a fatal problem in that they tend to focus on analyzing specific security events, so that it is unable to analyze and respond unknown cyber attacks. Therefore, we propose automated verification method of security events based on their empirical analysis to improve performance of security monitoring and response.

Design of a Security System to Defeat Abnormal IPSec Traffic in IPv6 Networks (IPv6 환경에서 비정상 IPSec 트래픽 대응 보안 시스템 설계)

  • Kim Ka-Eul;Ko Kwang-Sun;Gyeong Gye-Hyeon;Kang Seong-Goo;Eom Young-Ik
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.16 no.4
    • /
    • pp.127-138
    • /
    • 2006
  • The IPSec is a basic security mechanism of the IPv6 protocol, which can guarantee an integrity and confidentiality of data that transmit between two corresponding hosts. Also, both data and communication subjects can be authenticated using the IPSec mechanism. However, it is difficult that the IPSec mechanism protects major important network from attacks which transmit mass abnormal IPSec traffic in session-configuration or communication phases. In this paper, we present a design of the security system that can effectively detect and defeat abnormal IPSec traffic, which is encrypted by the ESP extension header, using the IPSec Session and Configuration table without any decryption. This security system is closely based on a multi-tier attack mitigation mechanism which is based on network bandwidth management and aims to counteract DDoS attacks and DoS effects of worm activity.

A Framework Development for Total Management of Various Embedded Devices (여러 임베디드 장치의 통합 관리를 위한 프레임워크 개발)

  • Bae, HyunChul;Kim, SangWook
    • IEMEK Journal of Embedded Systems and Applications
    • /
    • v.1 no.2
    • /
    • pp.56-63
    • /
    • 2006
  • In this paper, we propose the integrated security management framework supporting the trust for the ubiquitous environments. The proposed framework provides the gathering and analysis of the security related information including the location of mobile device and then dynamically configures the security policy and adopts them. More specially, it supports the authentication and delegation service to support the trusted security management for the ubiquitous networks. This system also provides the visible management tools to give the convenient view for network administrator.

  • PDF

A Novel Abnormal Behavior Detection Framework to Maximize the Availability in Smart Grid

  • Shin, Incheol
    • Smart Media Journal
    • /
    • v.6 no.3
    • /
    • pp.95-102
    • /
    • 2017
  • A large volume of research has been devoted to the development of security tools for protecting the Smart Grid systems, however the most of them have not taken the Availability, Integrity, Confidentiality (AIC) security triad model, not like CIA triad model in traditional Information Technology (IT) systems, into account the security measures for the electricity control systems. Thus, this study would propose a novel security framework, an abnormal behavior detection system, to maximize the availability of the control systems by considering a unique set of characteristics of the systems.

Design and Implementation of App Control System for Improving the Security of the Mobile Application (모바일 애플리케이션의 보안성 향상을 위한 App 제어 시스템 설계 및 구현)

  • Lee, Yu-Jun;Jang, Young-Hwan;Park, Seok-Cheon
    • The Journal of the Korea Contents Association
    • /
    • v.16 no.2
    • /
    • pp.243-250
    • /
    • 2016
  • Recently, with the rise of the mobile device, from mobile devices the user who owns the security, speed up the implementation of the guarantee management environment as businesses and individual equipment for the effcient management of the existing system, but the introduction of the MDM MDM App management features administrators to register the App until you can't prvent the security threat. Therefore, this paper addresses these issues in order to improve the security of your application for the control system. The proposed system is a function of the MDM authentication technology to design analysis, and system architecture to help prevent information disclosure within the design and implementation of Mobile-based application control system. Implementation of the control system to assess the security of the international common criteria security evaluation complete the test scenarios on the basis of the test items. An average of 40% of the test results to verify the results of this enhanced security.

A Study on Threat Analysis of PC Security and Countermeasures in Financial Sector (금융권 PC보안 위협 분석 및 대응방안에 관한 연구)

  • Han, Kyung-Hee;Kim, In-Seok
    • The Journal of the Institute of Internet, Broadcasting and Communication
    • /
    • v.15 no.6
    • /
    • pp.283-290
    • /
    • 2015
  • As society has evolved to the knowledge and information society, the importance of internal information of the company has increased gradually. Especially in financial institutions which must maintain the trust of customers, the disclosure of inside information is a big problem beyond the a company's business information disclosure level to break down sales-based businesses because it contains personal or financial transaction information. Recently, since massive outflow of internal information are occurring in several enterprises, many companies including financial companies have been working a lot in order to prevent the leakage of customer information. This paper describes the internal information leakage incidents occurred in the finance companies, the PC security vulnerabilities exists despite the main security system and internal information leakage prevention and suggests countermeasures against increasing cyber infringement threats.

A Study on Anomaly Detection Model using Worker Access Log in Manufacturing Terminal PC (제조공정 단말PC 작업자 접속 로그를 통한 이상 징후 탐지 모델 연구)

  • Ahn, Jong-seong;Lee, Kyung-ho
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.29 no.2
    • /
    • pp.321-330
    • /
    • 2019
  • Prevention of corporate confidentiality leakage by insiders in enterprises is an essential task for the survival of enterprises. In order to prevent information leakage by insiders, companies have adopted security solutions, but there is a limit to effectively detect abnormal behavior of insiders with access privileges. In this study, we use the Unsupervised Learning algorithm of the machine learning technique to effectively and efficiently cluster the normal and abnormal access logs of the worker's work screen in the manufacturing information system, which includes the company's product manufacturing history and quality information. We propose an optimal feature selection model for anomaly detection by studying clustering methods.