• Proceedings of the KAIS Fall Conference
• /
• 2009.12a
• /
• pp.61-65
• /
• 2009

본 논문에서는 정보시스템에서 시스템이 연동될 때 일어나는 잔여 취약점을 분석하고, 그 검증방법에 대해 연구하였다. 광범위하고 정밀한 정보 침해 공격은 정보시스템으로 하여금 시스템끼리 연동하게하였고, 미리 취약점 검증을 받은 시스템이라 할지라도 서로 다른 시스템이 연동되게 되면 잔여 취약점이 발생할 수 있다. 따라서 안전한 정보자산의 사용을 위해서는 정보보호제품과 연동된 정보시스템에 대한 보안성을 평가할 필요할 필요가 있다. 이와 같은 보안성을 평가하기 위해, 시스템 연동 시 어떠한 일이 발생하는지 분석하고 예상되는 잔여 취약점을 추출한다. 그리고 그것을 검증하는 방법에 대해 알아보기로 한다.

• Journal of Information Technology Services
• /
• v.13 no.2
• /
• pp.55-69
• /
• 2014

As Korea's global IT sourcing is sluggish and supply of qualified IT personnel does not meet the demand, IT developers currently do not worry about their job security. The sluggish global sourcing is attributed to the lack of system design and analysis skills as well as lack of communication skills of IT personnel. Most of big Korean IT service firms operate in captive market. This is also attributed to the cause of the sluggish global sourcing. Some IT managers, especially in global IT service firms, concerned about the negative long term effect of the sluggish global sourcing on competitiveness and human infra capability of Korea's IT service industry. Managers in IT service firms expect skill requirement changes in the future when global sourcing becomes active. The skills and knowledge that they wish to retain in-house is business knowledge, system analysis and design knowledge, customer relation management skills, project management skills and industry knowledge. The jobs with the above knowledge usually involve customers.

• Proceedings of the Korean Society of Precision Engineering Conference
• /
• 2000.11a
• /
• pp.140-143
• /
• 2000

This research presents new type of remote monitoring and control solution of PLC that can be used bi-directional and efficient management of factory automation through internet. This system has client/server architect for information handling between PLC and remote computer where a user can control and monitor target PLC. Actually the authors redirect RS232C connection between PLC and server computer into Internet connection between PLC and remote client computer using supplied PLC tool program So user feel like in front of PLC panel when he operates remote PLC through Internet. Each client/server program is constructed with Java language for security. In this paper the internet-based remote control system was proposed and proved validity by being applied to redirection of PLC control for factory automation.

• Review of KIISC
• /
• v.25 no.5
• /
• pp.37-44
• /
• 2015

산업제어 시스템의 통신 프로토콜 중 하나인 MODBUS/TCP는 오늘날 산업체에서 높은 점유율로 사용되고 있다. 단순한 구조로 다양한 기능을 가지고 있어 "hard real system"에서 주로 사용되고 있는 MODBUS/TCP의 보안 적용 방안 또한 많은 연구로 진행되어 왔다. DNP3, SSL, SCTP와 같은 프로토콜을 연동하거나 공개키를 이용한 전자서명 적용 등의 방법이 대표적인 MODBUS/TCP의 보안 방법은 충분한 메모리 크기, 고속 공개키 연산을 위한 하드웨어 가속기 등을 요구로 한다. 하지만 I/O 디바이스 등 열악한 환경에 이는 부담스러운 요소로 작용될 수 있다. 따라서, 본 논문에서는 이러한 열악한 환경에서 안전한 MODBUS/TCP 통신과 기존의 MODBUS/TCP와의 호환성을 고려한 보안 적용 방안을 소개한다. 또한 측정한 결과를 통해 본 논문에서 제시하는 E-ModbusSec가 "hard real system"에서 충분히 제 역할을 수행할 수 있음을 보이고자 한다.

• Proceedings of the IEEK Conference
• /
• 2000.11b
• /
• pp.144-147
• /
• 2000

Data security is an important issue in today's computer networks. In order to construct a safe infra in the open communication network, a cryptography is necessarily applied to several communication application fields like a high-speed networking system supporting real-time operation. A cryptography which has already realized by a software is designed by using a hardware to improve a throughput. In this paper, we design hardware architecture of IDEA by using a single iterative round method to improve a encryption throughput. In addition, we intend to develop a hardware design methodology that a specific cryptography operate with high-speed. The hardware model is described in VHDL and synthesized by the Samsung KG 80 Library in the Synopsys development software tool. With a system clock frequency 20MHz, this hardware permits a data conversion rate of more than 116 Mbit/s.

• Journal of Multimedia Information System
• /
• v.4 no.2
• /
• pp.57-64
• /
• 2017

Numerous software vulnerabilities have been found in the popular operating systems. And recently, robust linear behaviors in software vulnerability discovery process have been noticeably observed among the many popular systems having multi-versions released. Software users need to estimate how much their software systems are risk enough so that they need to take an action before it is too late. Security vulnerabilities are discovered throughout the life of a software system by both the developers, and normal end-users. So far there have been several vulnerability discovery models are proposed to describe the vulnerability discovery pattern for determining readiness for patch release, optimal resource allocations or evaluating the risk of vulnerability exploitation. Here, we apply a linear vulnerability discovery model into Windows operating systems to see the linear discovery trends currently observed often. The applicability of the observation form the paper show that linear discovery model fits very well with aggregate version rather than each version.

• Journal of Korea Multimedia Society
• /
• v.21 no.1
• /
• pp.69-76
• /
• 2018

Augmented Reality (AR) technology has rapidly been applied to various application areas including e-learning and e-education. Focusing on the design and development of android tablet application, this study targeted to develop infant music education using AR technology. We used a tablet instead of personal computer because it is more easily accessible and more convenient. Our system allows infant users to play with teaching aids like blocks or puzzles to mimic musical play like game. The user sets the puzzle piece on the playground in front of the tablet and presses the play button. Then, the system extracts a region of interest among the images acquired by internal camera and separates the foreground image from the background image. The block recognition software analyzes, recognizes and shows the result using AR technology. In order to have reasonably working recognition ratio, we did experiments with more than 5,000 frames of actual playing scenarios. We found that the recognition rate can be secured up to 95%, when the threshold values are selected well using various condition parameters.

• Journal of the Korea institute for structural maintenance and inspection
• /
• v.2 no.3
• /
• pp.176-187
• /
• 1998

The Dismantlement and Construction of the buildings have the characteristic of floating change with repetition within a Time Schedule which has fixed resources, that is, Manpower, Materials and Equipments, and involve many disaster factors in performing each processes. But as these factors are variable, a work supervisor should be able to understand data analysed distinctive factors of each activities systematically, organizationally, and scientifically, and diagrammatic information media so that he can control any complex and situation beyond forecast. Thus this study is intended to be a barometer of weighing if the existing process schedule has taken security into consideration by making the characteristics of organization and action of Work package per process in a building field with more factors like these into a network system and is intended to minimize construction disasters by systematizing this into a Transformational Network.

• International journal of advanced smart convergence
• /
• v.5 no.4
• /
• pp.54-56
• /
• 2016

Code-reuse attacks are very dangerous in various systems. This is because they do not inject malicious codes into target systems, but reuse the instruction sequences in executable files or libraries of target systems. Moreover, code-reuse attacks could be more harmful to IoT systems in the sense that it may not be easy to devise efficient and effective mechanism for code-reuse attack detection in resource-restricted IoT devices. In this paper, we propose a detection scheme with using Kullback-Leibler (KL) divergence to combat against code-reuse attacks in IoT. Specifically, we detect code-reuse attacks by calculating KL divergence between the probability distributions of the packets that generate from IoT devices and contain code region addresses in memory system and the probability distributions of the packets that come to IoT devices and contain code region addresses in memory system, checking if the computed KL divergence is abnormal.

• Journal of the Korea Safety Management & Science
• /
• v.13 no.2
• /
• pp.147-155
• /
• 2011

For an effective energy management in intelligent buildings it is necessary to gather information about position/absence of people and the level of population. In this paper the smart occupancy detection system based on the active RFID is developed to satisfy such a demand. The performance of the developed system is tested and verified through various experiments. Furthermore the feasibility test of the active RFID tag is performed to verify whether it can be used as a location-based occupancy sensor. The developed core technology can be also applied to other fields such as security, healthcare, smart home, etc.