• Title/Summary/Keyword: information security system

Search Result 6,598, Processing Time 0.032 seconds

Key Management and Recovery Scheme over SCADA System Using ID-based Cryptosystem (ID 기반 암호 기법을 이용한 SCADA 시스템에서 비밀 키 관리 및 복구 방안)

  • Oh, Doo-Hwan;Choi, Doo-Sik;Na, Eun-Sung;Kim, Sang-Chul;Ha, Jae-Cheol
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.22 no.3
    • /
    • pp.427-438
    • /
    • 2012
  • The SCADA(Supervisory Control and Data Acquisition) systems are used to control some critical national infrastructures such as electricity, gas, and water distribution systems. Recently, there are many researches on key management scheme for secure communication due to change to the open network environment. We propose a new key management method which is established on ID-based cryptosystem using pairing on MTU(Master Terminal Unit), Sub-MTU, and RTU(Remote Terminal Unit). Furthermore, we present a redistribution protocol of private key of each device and a system recovery protocol as a countermeasure of exposure of KMS(Key Management System) master key which is occurred by some unexpected accidents or malicious attacks.

A Study on the Security Vulnerability for Android Operating System (안드로이드 운영체제의 보안 취약점에 관한 연구)

  • Cho, Hee-Hoon;Kim, Jong-Bae
    • Proceedings of the Korean Institute of Information and Commucation Sciences Conference
    • /
    • 2015.05a
    • /
    • pp.224-226
    • /
    • 2015
  • Recently, Android-based mobile devices has increased. Thus increasing market share of the Android operating system. However, in the case of the Android operating system, it has the relatively large number of security vulnerabilities Unlike other closed operating systems. Most Android application requires the identity of the mobile device or over-authorization approval. This information can be a security threat. In addition, in the event of a security problem because obtaining the user's consent during the installation of the application is the user responsible. If these problems persist, loss of reliability of the user operating system, as well as to feel a resistance when using an Android application. In this paper, we investigate a security vulnerability in the Android operating system, and proposed countermeasures.

  • PDF

Implementing the ESES for Secure Electronic Commerce Platform (안전한 전자상거래 플랫폼 개발을 위한 ESES의 구현)

  • Lee, Joo-Young;Kim, Ju-Han;Lee, Jae-Seung;Moon, Ki-Young
    • The KIPS Transactions:PartC
    • /
    • v.8C no.5
    • /
    • pp.551-556
    • /
    • 2001
  • The ESES system has been developed to supply a digital signature function, an encryption function, and a library of cryptographic primitives and algorithm for securing an XML document and the existing non-XML documents that are exchanged in the electronic commerce. In this paper, we will introduce the overview of ESES system and explain how the ESES processes to offer security services Finally we\`ll conclude our talk by presenting the summary and further works.

  • PDF

Study on the near-real time DNS query analyzing system for DNS amplification attacks (DNS 증폭 공격 탐지를 위한 근실시간 DNS 질의 응답 분석 시스템에 관한 연구)

  • Lee, Ki-Taek;Baek, Seung-Soo;Kim, Seung-Joo
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.25 no.2
    • /
    • pp.303-311
    • /
    • 2015
  • DNS amplification is a new type of DDoS Attack and nowadays the attack occurs frequently. The previous studies showed the several detection ways such as the traffic analysis based on DNS queries and packet size. However, those methods have some limitations such as the uncertainty of packet size which depends on IP address type and vulnerabilities against distributed amplification attack. Therefore, we proposed a novel traffic analyzing algorithm using Success Rate and implemented the query analyzing system.

A Study on the Data Security for Cloud Computing Infrastructure Development (클라우드 컴퓨팅 서비스 도입에 따른 데이터보안에 관한 연구)

  • Kyung, ji-hun;Jung, Sung-Jae;Bae, Yu-Mi;Park, Jeong-Su;Sung, Kyung
    • Proceedings of the Korean Institute of Information and Commucation Sciences Conference
    • /
    • 2012.10a
    • /
    • pp.736-739
    • /
    • 2012
  • Cloud Computing is attracting attention are activated and rapidly spread to companies and public institutions, etc. have been introduced are getting. Spotlighted these effects due to the utilization and integration of information system using cloud computing technology resources, and the resulting data security issue has been. In this paper, the side lights on due to the introduction of a cloud computing system, the resources of information systems, data security, and knowledge to provide the foundation for cloud computing infrastructure.

  • PDF

The Method for Data Acquisition on a Live NAS System (활성 상태의 NAS 시스템 상에서 내부 데이터 수집 기법 연구)

  • Seo, Hyeong-Min;Kim, Dohyun;Lee, Sang-Jin
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.25 no.3
    • /
    • pp.585-594
    • /
    • 2015
  • As the storage market has been expanded due to growing data size, the research on various kinds of storages such as cloud, USB, and external HDD(Hard Disk Drive) has been conducted in digital forensic aspects. NAS(Network-Attached Storage) can store the data over one TB(Tera Byte) and it is well used for private storage as well as for enterprise, but there is almost no research on NAS. This paper selects three NAS products that has the highest market share in domestic and foreign market, and suggests the process and method for data acquisition in live NAS System.

Method to Extract Communication History in Instant Messenger (인터넷 메신저의 통신내역 수집기술)

  • Lee, Jin-Kyung;Han, Ji-Sung;Lee, Sang-Jin
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.21 no.2
    • /
    • pp.49-60
    • /
    • 2011
  • Instant Messenger is one of the most popular communication service when translating message or data each other through Internet. For digital crime investigation, therefore, it is obviously important to obtain communication trace and contents derived from Instant Messenger. This is because that gathering traditional communication histories also have been important until now. However, extracting communication trace and contents are not easy because they are generally encrypted or obfuscated in local system, futhermore, sometimes they are located at server computer for Instant Messenger. This paper researches on extracting communication histories against NateOn, BuddyBuddy, Yahoo! messenger and Mi3 messenger, and obtaining user password or bypassing authentication system to Instant Messenger Service when a user use auto-login option.

Using Machine Learning Techniques for Accurate Attack Detection in Intrusion Detection Systems using Cyber Threat Intelligence Feeds

  • Ehtsham Irshad;Abdul Basit Siddiqui
    • International Journal of Computer Science & Network Security
    • /
    • v.24 no.4
    • /
    • pp.179-191
    • /
    • 2024
  • With the advancement of modern technology, cyber-attacks are always rising. Specialized defense systems are needed to protect organizations against these threats. Malicious behavior in the network is discovered using security tools like intrusion detection systems (IDS), firewall, antimalware systems, security information and event management (SIEM). It aids in defending businesses from attacks. Delivering advance threat feeds for precise attack detection in intrusion detection systems is the role of cyber-threat intelligence (CTI) in the study is being presented. In this proposed work CTI feeds are utilized in the detection of assaults accurately in intrusion detection system. The ultimate objective is to identify the attacker behind the attack. Several data sets had been analyzed for attack detection. With the proposed study the ability to identify network attacks has improved by using machine learning algorithms. The proposed model provides 98% accuracy, 97% precision, and 96% recall respectively.

The Design of Military Security Audit based on the M-ISMS Model (M-ISMS 모델 기반의 군(軍) 보안감사 설계에 관한 연구)

  • Kim, Dae Gyu;Cho, Hee Joon;Kim, Chang Soo
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.18 no.3
    • /
    • pp.761-769
    • /
    • 2014
  • We propose an improved M-ISMS(Military-ISMS) model which is based on common ISMS model for regarding military's unique characteristics. Our model focuses on 'Internal Security Audit' and 'Management of external activity' as military circumstances. So, we added the six control new items as internal security audits. Because the confidentiality is more important than availability in military service as compared with private sectors. In addition, we propose some control suggestions for establishing security management standards and keeping level maintenance when it will becomes to lose a value as confidential. The M-ISMS model in this paper has effectiveness which prevents security incidents in advance rapidly throughout a variety of common ISMS's advantages and security incidents of private sectors in consideration of military characteristics.

Analysis of the Cryptosystem of the Korean Government Public-Key Infrastructure and Ways to Improve It (행정전자서명 암호체계 기술 현황 분석 및 고도화 방향)

  • Younghoon Jung;Dongyoung Roh;Bonwook Koo
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.33 no.1
    • /
    • pp.13-31
    • /
    • 2023
  • Korean Government-PKI (GPKI) is a public-key infrastructure which provides authentication and security functions for information system used by central government, local governments, and public institutions of the Republic of Korea to provide their own administrative and public services. The current cryptosystem of GPKI was established in the early 2000s, and more than ten years have passed since the last improvement in 2010. Over the past decade or so, the information security, including cryptography, has undergone many changes and will continue to face many changes. Therefore, for the sustainable security of GPKI, it is necessary to review the security of the cryptosystem at this point. In this paper, we analyze the current status and the security of technologies and standards used in the system. We identify cryptographic algorithms with degraded security, international standards which are obsoleted or updated, and cryptographic parameters that should be revised for the high security level. And based on this, we make several suggestions on the reorganization of cryptographic algorithms and related technologies for the security enhancement of GPKI.