• Title/Summary/Keyword: information security system

Search Result 6,598, Processing Time 0.029 seconds

Design of Security Policy-based Intrusion Detection System Model (보안정책 기반 침입탐지 시스템 모델 설계)

  • Kim, Kang;Jeon, Jong-Sik
    • Journal of the Korea Society of Computer and Information
    • /
    • v.8 no.4
    • /
    • pp.81-86
    • /
    • 2003
  • Computer security is considered important due to the side effect generated from the expansion of computer network and rapid increase of the use of internet. Therefore, Intrusion Detection System has been an active research area to reduce the risk from intruders. Especially, The paper proposes a new Security Policy-based Intrusion Detection System Model, which consists of several computer with Intrusion Detection System, based on Intrusion Detection System and describes design of the Security Policy-based Intrusion Detection System model and prototype implementation of it. The Security Policy-based Intrusion Detection Systems are distributed and if any of distributed Security Policy- based Intrusion Detection Systems detect anomaly system call among system call sequences generated by a privilege process, the anomaly system call can be dynamically shared with Security Policy-based Intrusion Detection Systems, This makes the Security Policy - based Intrusion Detection Systems improve the ability of countermeasures for new intruders.

  • PDF

An Efficient Management Model of Security Policy in the Unified Threat Management System (통합 보안 시스템에서의 효율적인 보안 정책 관리 모델)

  • Joo, Heon-Sik;Kim, Jong-Wan
    • Journal of the Korea Society of Computer and Information
    • /
    • v.15 no.9
    • /
    • pp.99-107
    • /
    • 2010
  • This paper showed that the integrated system to fortify security was much more efficient than the respective system through the analysis of problems from Firewall and IPS system in the existing security systems. The results of problem analysis revealed that there were the delay of processing time and lack of efficiency in the existing security systems. Accordingly, their performance was evaluated by using the separated Firewall, IPS system, and the integrated system. The result of evaluation shows that the integrated security system this paper suggested is five times faster than the existing one in terms of processing speed of response. This paper demonstrated the excellence of the proposed security system is also more than fivefold in session handling per second and six times process speeding in the CPU processing performance. In addition, several security policies are applied, and it provided a fact that it gave an excellent performance when it comes to protecting from harmful traffic attacks. In conclusion, this paper emphasized that fortifying the integrated security system was more efficient than fortifying the existing one considering in various respects such as cost, management, time, space and so on.

Integrated Security Management System with Multi Agent (다중 에이전트를 이용한 통합 보안 관리시스템)

  • 이문구
    • Journal of the Korea Computer Industry Society
    • /
    • v.2 no.8
    • /
    • pp.1015-1024
    • /
    • 2001
  • As the internet environment has been rapidly changed, the scale of internet network that needs to be managed has been magnified. In this way, the recognition for the importance of security became extensive, and numerous security systems for the protection of internal information were introduced. But decentralized security systems because of there use of different user interfaces undergo difficulties in effective security management as well as prompt coping when an obstacle happens causing a corpulence of in the security management part. In this paper, I propose an integrated security management system which can grasp the situation of each system and manage every system in the center so that we can consistently and integrally manage every system. Integrated security management system with multi agents has the advantages of prompt coping with obstacles, and the minimization of weaknesses that different security solutions have, and of consistent control and management for decentralized security systems.

  • PDF

A Design of Evaluation Tool for Information Security System (정보보호 시스템 평가 도구 설계)

  • 정연서;김환국;서동일
    • Proceedings of the Korean Institute of Information and Commucation Sciences Conference
    • /
    • 2003.10a
    • /
    • pp.669-672
    • /
    • 2003
  • Computing and Networking technologies are rapidly developed. A lot of hacking events are occurring. As a result, people have a interesting for security in these days. Network security systems have come to be widely used in our networks. But, objective testing method to evaluate network sorority system is not established. Therefore we have difficulties that select a system. In this paper, we investigate evaluation methods for network sorority systems(Firewall, IDS, IPS etc.) and, design a evaluation tool for network security systems.

  • PDF

Countermeasure for Preventing a Secondary Damage of Information Leakage using Financial ISAC (금융 ISAC을 활용한 정보유출 2차피해 방지 방안)

  • Jeong, Gi Seog
    • Convergence Security Journal
    • /
    • v.14 no.5
    • /
    • pp.31-36
    • /
    • 2014
  • As security management center of financial area, financial ISAC monitors financial corporations and provides security services. Financial ISAC minimizes damage by responding quickly to external attack such as hacking, virus but it is poor at handling internal attack. For the efficient management and stable operation of information source, also to respond jointly to online hacking, the necessity of information sharing system increases day by day in and outside country. This paper proposes financial ISAC that can prevent a secondary damage of leakage information as well as providing security services. The proposed financial ISAC provides new password to financial corporation in which the same ID and password as leakage information are used and in case of financial information leakage it warns customers against phishing etc.

Design and Implementation of a Hadoop-based Efficient Security Log Analysis System (하둡 기반의 효율적인 보안로그 분석시스템 설계 및 구현)

  • Ahn, Kwang-Min;Lee, Jong-Yoon;Yang, Dong-Min;Lee, Bong-Hwan
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.19 no.8
    • /
    • pp.1797-1804
    • /
    • 2015
  • Integrated log management system can help to predict the risk of security and contributes to improve the security level of the organization, and leads to prepare an appropriate security policy. In this paper, we have designed and implemented a Hadoop-based log analysis system by using distributed database model which can store large amount of data and reduce analysis time by automating log collecting procedure. In the proposed system, we use the HBase in order to store a large amount of data efficiently in the scale-out fashion and propose an easy data storing scheme for analysing data using a Hadoop-based normal expression, which results in improving data processing speed compared to the existing system.

Design and Implementation of the Semi-automated Evaluation Workflow Management System(Sa-EWMS) (반자동화 평가워크플로우 관리 시스템 설계 및 구현)

  • Kang Yeon-hee;Kim Jung-dae;Lee Gang-soo
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.15 no.4
    • /
    • pp.39-50
    • /
    • 2005
  • An evaluation demand and a market growth regarding evaluation and certification are increasing because the importance of information Security is gradually rising to solve the information disfunction. Therefore, it is necessary the cost-effect evaluation management of the Information Security System(ISS). In this paper, we propose the Semi-automated Evaluation Workflow Management System(Sa-EWMS) based on the Common Criteria(CC) which performs and manages evaluation work through the procedure when evaluator evaluates the Information Security System(ISS). The Sa-EWMS is solving a problem of consumption of time and effort and performing efficient evaluation, it is playing a significant role that traces workflow process of each work of the Engines and controls performance. It will be able to use useful the private evaluation enterprise which confront in an evaluation demand and a market growth.

A Study of Pre-inspection for Information Security in Information System (정보시스템의 정보보호를 위한 사전점검에 관한 연구)

  • Lee, Keun-Ho
    • Journal of Digital Convergence
    • /
    • v.12 no.2
    • /
    • pp.513-518
    • /
    • 2014
  • According to the development of IT technology, various new technologies are being produced. As the complexity of the information system like using the network and convergence devices is increasing, threat and vulnerability against various security problems are increasing even though new IT services provide the convenience of users' accessibility to services. In order to secure the safety of information system, the weakness is being removed through the information protection vulnerability analysis starting from information and communication service construction stage and the system is being prepared for pre-inspection activities about whether the information protection measures were established and applied. In this paper, introduction and current status of each country about advanced check-up systems in the information system are to be identified. Progress direction about the advanced pre-inspection system which is driven by Korea Internet Security Agency and its activation plan to secure the safety are to be suggested.

Introduction of Security Certification System for Shared Growth and Co-prosperity of Small and Medium Businesses (대·중소기업 동반성장과 상생을 위한 중소 협력업체의 보안인증 제도 도입 방안)

  • Shin, Hyungoo
    • Korean Security Journal
    • /
    • no.61
    • /
    • pp.203-234
    • /
    • 2019
  • The damages from security accidents continue to increase as technology leaks from suppliers cause risks to the management of large companies, which are their customers, and their image and reliability to fall. However, the current industrial structure is practically impossible for large companies to form their own businesses and strategic alliances with business partners are essential, but it is changing into an industrial structure where the exchange of information is increased and the dependence of the information system is maximized, as well as legal demands and demands from stakeholders are increasing due to the complexity of the work process and the strengthening of security-related laws. The status of technology protection of small and medium-sized enterprises shows that they are not equipped with a security system due to relatively poor environment and financial difficulties compared to large enterprises, whereas the industrial structure between large and small business partners is indispensable for sharing the IT system, and the security system of large business, which is a customer company, should be improved by considering the fact that it is impossible to maintain security system between large businesses. Thus, the government intends to examine the system for shared growth of small businesses and the model for evaluating the capabilities of various agencies for information protection, and propose measures to introduce the certification system for small business partners.

A Study on Open Based Network Security System Architecture (개방형 네트워크 보안 시스템 아키텍처에 관한 연구)

  • Kim, Chang-Su;Kim, Tak-Chen;Jung, Hoe-Kyung
    • Proceedings of the Korean Institute of Information and Commucation Sciences Conference
    • /
    • 2007.06a
    • /
    • pp.782-785
    • /
    • 2007
  • If existing system need to expand security part, the security was established after paying much cost, processing of complicated installation and being patient with inconvenience at user's view because of closed structure. In this thesis, those defects could be overcome by using open security tools and constructing security server, which is firewall of 'bastion' form including proxy server, certification server and so on. Also each security object host comes to decide acceptance or denial where each packet comes from, then determines security level each hosts. Precisely it is possible choosing the packets from bastion host or following at the other policies. Although an intruder enter into inside directly, it is constructed safely because encryption algorithm is applied at communication with security object host. This thesis suggests more flexible, independent and open security system, which improves existing security through systematic linkage between system security and network security.

  • PDF