• Convergence Security Journal
• /
• v.14 no.6_2
• /
• pp.53-62
• /
• 2014

This study is aimed what improvement for an illegality detective aagency and messenger office. First, administrators or managers who are involved with personal information protection should make a full-fledged effort to gather information. Second, counseling or related programs should be provided for small and mid-sized security firms to guarantee thorough personal information protection. Third, Korea Security Association should improve the educational system related to personal information protection to resolve problems with this education currently provided for managers and employees of these companies.

• Annual Conference of KIPS
• /
• 2015.10a
• /
• pp.872-874
• /
• 2015

최근 침해사고는 특정 목적을 지닌 공격자들은 자신의 목적을 달성하기 위해 공격을 지속적으로 감행하는 특징을 보인다. 하지만, 기존에 진행된 악성코드 감염 호스트 분석, 네트워크 행위기반 분석 등의 단일 침해사고에 대한 분석은 다른 침해사고와의 관계를 유기적으로 연결하지 못하기 때문에, 타 침해사고와의 연관성 분석, 동일 공격자의 특성 파악을 통한 표적형 공격 및 향후 공격예측을 지원하지 못한다는 단점이 있다. 본 논문에서는 이러한 문제점을 해결하기 위해서, 상용에서 서비스되고 있는 사이버 위협정보 공유 시스템의 정보를 기반으로 이와 연관된 정보의 이력 및 유사관계를 관리하여 침해사고간의 연관성을 파악하는 방법을 제시한다.

• Journal of the Korea Society of Computer and Information
• /
• v.24 no.9
• /
• pp.35-42
• /
• 2019

In this paper, we propose an approach to apply network-based moving target defense into Internet of Things (IoT) networks. The IoT is a technology that provides the high interconnectivity of things like electronic devices. However, cyber security risks are expected to increase as the interconnectivity of such devices increases. One recent study demonstrated a man-in-the-middle attack in the statically configured IoT network. In recent years, a new approach to cyber security, called the moving target defense, has emerged as a potential solution to the challenge of static systems. The approach continuously changes system's attack surface to prevent attacks. After analyzing IPv4 / IPv6-based moving target defense schemes and IoT network-related technologies, we present our approach in terms of addressing systems, address mutation techniques, communication models, network configuration, and node mobility. In addition, we summarize the direction of future research in relation to the proposed approach.

• Annual Conference of KIPS
• /
• 2023.11a
• /
• pp.165-167
• /
• 2023

정부에서는 내·외부 사이버 보안 위협 고도화에 대한 실질적이고 효과적인 대응을 위해 정보보호관리체계(Information Security Management; 이하 ISMS) 인증에 대한 법령을 시행하고 있다. ISMS 인증은 컨설팅과 인증심사를 분리하여 독립성을 확보하였으며, 현장심사 비중을 높여 기존 문서심사에 치중되었던 인증·평가제도와의 차별화를 통해 실효성을 증진시켰다. 그러나 최근 ISMS 인증을 받은 대상자임에도 불구하고 개인정보 정보유출 사고, 대규모 서비스 장애가 유발됨으로써, 다시금 ISMS 인증의 실효성 문제가 제기되고 있다. 현재 제기되고 있는 문제의 요인은 인증기준에 적합한 최소한의 요구사항만 심사·심의하는 ISMS 인증의 한계점에 기인한다. 본 논문에서는 이와 같은 ISMS 인증의 실효적 한계점을 개선하고 인증취득 대상자의 실질적 보안역량 강화시키기 위하여 성숙도 평가모델에 기반한 ISMS 인증제도 운영 방안을 제언한다.

• Annual Conference of KIPS
• /
• 2024.10a
• /
• pp.946-947
• /
• 2024

어두운 밤이나 비가 올 때 포트홀 인식률이 저하되는 문제점을 보완하여 기존 카메라를 이용하여 포트홀을 인식하는 시스템에서 라이더를 추가해 포트홀 인식률을 높였다. 또한 사용자에게 실시간으로 업데이트된 포트홀 정보를 보여준다. 추가적으로 모든 정보는 DB에 저장되기에 추후 언제든 관공서에게 제공가능하다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.6
• /
• pp.2781-2800
• /
• 2016

Emerging attacks aim to access proprietary assets and steal data for business or political motives, such as Operation Aurora and Operation Shady RAT. Skilled Intruders would likely remove their traces on targeted hosts, but their network movements, which are continuously recorded by network devices, cannot be easily eliminated by themselves. However, without complete knowledge about both inbound/outbound and internal traffic, it is difficult for security team to unveil hidden traces of intruders. In this paper, we propose an autonomous anomaly detection system based on behavior profiling and relation mining. The single-hop access profiling model employ a novel linear grouping algorithm PSOLGA to create behavior profiles for each individual server application discovered automatically in historical flow analysis. Besides that, the double-hop access relation model utilizes in-memory graph to mine time-sequenced access relations between different server applications. Using the behavior profiles and relation rules, this approach is able to detect possible anomalies and violations in real-time detection. Finally, the experimental results demonstrate that the designed models are promising in terms of accuracy and computational efficiency.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.1
• /
• pp.39-48
• /
• 2015

As a growing number of people are concerned about the protection of personal information, the use of encryption solution has been increased. In addition, with the end of support for Windows XP and the improvement of operating system, the use of the Full Disk Encryption solution like Bitlocker will be increased. Therefore, it is necessary to consider countermeasures against Full Disk Encryption for the future digital forensic investigation. This paper provides the digital evidence acquisition procedure that responds to the Full Disk Encryption environment and introduces the countermeasures and detection tool against Full Disk Encryption solutions that are widely used.

• The Transactions of the Korean Institute of Electrical Engineers
• /
• v.43 no.2
• /
• pp.197-205
• /
• 1994

Security of a power system refers to its robustness relative to a set of imminent disturbances (contingencies) during operation. The socially optimal solution for the actuall level of generation/consumption has been well-known spot pricing at shot-run marginal cost. The main disadvantage of this approach arises because serious contingencies occur quite infrequently. Thus by establishing contractual obligations for contingency offering before an actual operation time through decision feedback we can obtain socially optimal level of system security. Under probabilistic precontract pricing the operating point is established at equal incremental cost of the expected short-run and collapse cost of each participant. Rates for power generation/consumption and for an offer to use during a contingency, as well as information on the probability distribution of contingency need for each participant, are derived so that individual optimization will lead to the socially optimal solution in which system security is optimized and the aggregate benefit is maxmized.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.3
• /
• pp.549-562
• /
• 2017

In recent years, as the proportion of mobile banking has become bigger with daily usage of mobile banking, security threats are also increasing according to the feeling. Accordingly, the domestic banking system introduces security solution programs in the banking application and sets security check points to ensure the stability of the application in order to check whether it is always executed. This study presents a vulnerability of inactivity bypassing mobile vaccine program operation checkpoints using the intermediate language statically and dynamically analysis when decompiling the android banking applications of major banks in Korea. Also, through the results, it identifies possible attacks that can be exploited and suggest countermeasures.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.4
• /
• pp.137-142
• /
• 2009

By known attacks against cryptographic technology and decline of security, internal and external major institutions have defined their recommendations in kinds, expiration, safe parameters of cryptographic technology and so on. Internal financial fields will change some cryptographic technology to follow these recommendations. To keep strong security of financial systems against sudden security changes of cryptographic technology, this article finds pre-steps : status of applied cryptographic technology, selection of vulnerable cryptographic technology. And plans for management of cryptographic technology in financial fields will be proposed.