• Title/Summary/Keyword: information security system

Search Result 6,599, Processing Time 0.041 seconds

Analysis and Design of Security Feature in IMT-2000 (IMT-2000 이동통신시스템의 보안기능 요구 분석 및 설계)

  • 권수근;신경철;김진업;김대식
    • Proceedings of the IEEK Conference
    • /
    • 2000.11a
    • /
    • pp.469-472
    • /
    • 2000
  • Security-related issues in mobile communications are increasing. The security requirements of mobile communications for the mobile users include authentication of the mobile user, the data confidentiality, the data confidentiality and the location privacy of mobile user. These services require security features compatible with the wireline networks. However, wireless networks have many restrictions compare to wireline networks such as the limited computational capability of mobile equipment and limited resource(bandwidth) between a mobile user and a fixed network. So, security features for IMT-2000 are designed to meet the limited capacity. In this paper, we analyze the required security features and mechanism, and design network access security feature effective for IMT-2000 Systems. The design includes security functions allocation to each system. Finally, discuss the computational power of each system based on at]coated functions to it

  • PDF

A Study on the Remove Use-After-Free Security Weakness (소프트웨어 개발단계 Use-After-Free 보안약점 제거방안 연구)

  • Park, Yong Koo;Choi, Jin Young
    • KIPS Transactions on Computer and Communication Systems
    • /
    • v.6 no.1
    • /
    • pp.43-50
    • /
    • 2017
  • Use-After-Free security problem is rapidly growing in popularity, especially for attacking web browser, operating system kernel, local software. This security weakness is difficult to detect by conventional methods. And if local system or software has this security weakness, it cause internal security problem. In this paper, we study ways to remove this security weakness in software development by summarize the cause of the Use-After-Free security weakness and suggest ways to remove them.

Comprehensive Study on Security and Privacy Requirements for Retrieval System over Encrypted Database (암호화된 데이터베이스 검색 시스템의 보안 요구사항에 대한 통합적 관점에서의 연구)

  • Park, Hyun-A;Lee, Dong-Hoon;Chung, Taik-Yeong
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.22 no.3
    • /
    • pp.621-635
    • /
    • 2012
  • Although most proposed security schemes have scrutinized their own security models for protecting different types of threats and attacks, this naturally causes a problem as follows-- if a security analysis tool would fit a certain scheme, it may not be proper to other schemes. In order to address this problem, this paper analyzes how security requirements of each paper could be different by comparing with two schemes: Agrawal et al.'s scheme OPES (Order Preserving Encryption Scheme) and Zdonik et al.'s FCE (Fast Comparison Encryption). Zdonik et al. have formally disproved the security of Agrawal et al.'s scheme OPES. Thereafter, some scholars have wondered whether the OPES can guarantee its applicability in a real world for its insecurity or not. However, the analysis by Zdonik et al. does not have valid objectivity because they used the security model INFO-CPA-DB for their scheme FCE to analyze Agrawal et al.'s scheme OPES, in spite of the differences between two schemes. In order to analyze any scheme correctly and apply it to a real world properly, the analysis tool should be comprehensively standardized. We re-analyze Zdonik et al.'s analysis for OPES and then propose general formalizations of security and privacy for all of the encrypted retrieval systems. Finally, we recommend the minimum level of security requirements under our formal definitions. Additional considerations should be also supplemented in accordance with the conditions of each system.

Design of a Ransomware Detection System Utilizing Data Analytics (데이터 분석을 활용한 랜섬웨어 탐지 시스템 설계)

  • Jinwook Kim;Youngjae Lee;Jeonghoon Yoon;Kyungroul Lee
    • Proceedings of the Korean Society of Computer Information Conference
    • /
    • 2024.01a
    • /
    • pp.105-108
    • /
    • 2024
  • 랜섬웨어는 Ransom(몸값)과 Software(소프트웨어)의 합성어로, 데이터를 암호화하여 이를 인질로 금전을 요구하는 악성 프로그램이다. 블랙캣(BlackCat)과 같은 랜섬웨어가 스위스 항공 서비스 기업의 시스템을 마비시키는 공격을 시도하였으며, 이와 같은 랜섬웨어로 인한 피해는 지속적으로 발생하고 있다. 랜섬웨어에 의한 피해 감소 및 방지를 위하여, 다양한 랜섬웨어 탐지방안이 등장하였으며, 최근 행위 기반 침입탐지 시스템에 인공지능 기술을 결합하여 랜섬웨어를 탐지하는 방안이 연구되는 실정이다. 인공지능 기술은 딥러닝 및 하드웨어의 발전으로 데이터를 처리할 수 있는 범위가 넓어지면서, 다양한 분야와 접목하여 랜섬웨어 탐지를 위한 시스템에 적용되고 있지만, 국내는 국외만큼 활발하게 연구되지 않고 연구 개발 단계에 머물러 있다. 따라서 본 논문에서는 랜섬웨어에 감염된 파일에서 나타나는 특징 중 하나인 엔트로피를 데이터 분석에 활용함으로써, 랜섬웨어를 탐지하는 시스템을 제안하고 설계하였다.

  • PDF

Electric Vehicle Circulating Parking System (전기차 순환 주차 시스템)

  • Sang-Hoon Han;Ji-Yun Lee;Seok-Bin Yoon;Seung-Min Hong;Won-Bin Im
    • Proceedings of the Korean Society of Computer Information Conference
    • /
    • 2024.01a
    • /
    • pp.485-488
    • /
    • 2024
  • 본 논문에서는 전기차 시장의 성장 및 수요 증가로 인한 충전 인프라 부족에 대한 문제를 해소하기 위한 방안으로, 센서를 활용한 각 자리별 빈 주차 자리 확인 기능과 전기차 충전 자리의 남은 대기 시간에 대한 정보를 실시간 모니터링 할 수 있는 시스템을 구현하였다. 기존의 LED 표시등의 정보를 웹사이트를 통해 시각적으로 전달하며, 실시간으로 주차 여유 공간과 전기차 충전 자리의 대기 시간을 확인할 수 있게 하였다. 더불어 발레 파킹 서비스와의 융합을 통해 충전 완료 후 차량 이동의 불편함 및 인프라 운영의 효율을 늘리는 방안을 제안해본다.

  • PDF

The implementation of Access Control System using Biometric System (Biometric System(fingerprint Reader)을 이용한 Access Control System 구현에 관한 연구)

  • 김광환;김영길
    • Proceedings of the Korean Institute of Information and Commucation Sciences Conference
    • /
    • 2003.05a
    • /
    • pp.439-442
    • /
    • 2003
  • In this paper, a system that implementation of Access Control System Using Biometric System. Biometrics is science which deals with verifying or recognizing using physiological or behavioral characteristic Access Control System uses Biometric system to make an access control system. Biometrics goes under the study of bio-recognition or bio-measurement. It is a technology or study that identifies individuals using one's Biometric character. Access control system is a system used to identify one's entrance and exit, personal management, and security. Access control system can be joined with Biometric system to produce easier use and more sufficient effects. Access control system using Wiegand (Data Format) signal output, can replace earlier RF Card systems and make an access control (security) system. It uses RS-232, Rs-422 or TCP/IP type communication with the computer so an embedded system can be controlled using the software.

  • PDF

Implementation of MAC address based illegal node IDS(Intrusion detection system) in Wireless Sensor Networks (무선 센서 네트워크에서 MAC 주소기반의 불법 노드의 침입탐지시스템 구현)

  • Seong, Ki-Taek;Kim, Gwan-Hyung
    • Proceedings of the Korean Institute of Information and Commucation Sciences Conference
    • /
    • 2011.05a
    • /
    • pp.727-730
    • /
    • 2011
  • 본 논문에서는 무선 센서네트워크 환경에 적용할 수 있는 외부 노드의 침입을 탐지하는 방법을 제안하였다. 센서노드의 무선통신을 지원하는 네트워크 장치에 고유하게 부여된 MAC 주소를 이용하여 외부로부터의 허락되지 않는 노드의 네트워크 내부로의 침입을 감지하는 방안을 제안하였다. 실제 센서노드를 이용한 침입탐지 시스템을 개발, 실험을 통하여 효율성을 확인하였다.

  • PDF

Awareness of Personal Information Protection for Service Users among Small and Mid-Sized Security Companies (중.소민간경비업체의 서비스 이용자 개인정보보호에 관한 인식)

  • Kim, Il Gon;Choi, Kee Nam
    • Convergence Security Journal
    • /
    • v.14 no.3_2
    • /
    • pp.3-12
    • /
    • 2014
  • The government was fully aware of the gravity of a recent massive leak of personal information of credit card users. Meanwhile, the government just took a light disciplinary action by imposing a fine, but it showed its intention to strengthen the regulations by taking the severest disciplinary action. The tightened regulations against personal information leak will be applied to the private security industry without exception to protect individual people's property and lives if such an incident occurs in that industry that deals with a wide variety of personal information such as CCTV data or privacy information all the time. The purpose of this study was to examine the state of the protection and management of personal information for service users among private security firms in an effort to suggest some reform measures. The findings of the study were as follows: First, administrators or managers who are involved with personal information protection should make a full-fledged effort to gather information. Second, counseling or related programs should be provided for small and mid-sized security firms to guarantee thorough personal information protection. Third, Korea Security Association should improve the educational system related to personal information protection to resolve problems with this education currently provided for managers and employees of these companies.

Privacy Analysis and Comparison of Pandemic Contact Tracing Apps

  • Piao, Yanji;Cui, Dongyue
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.15 no.11
    • /
    • pp.4145-4162
    • /
    • 2021
  • During the period of epidemic prevention and control, contact tracing systems are developed in many countries, to stop or slow down the progression of COVID-19 contamination. However, the privacy issues involved in the use of contact tracing apps have also attracted people's attention. First, we divide contact tracing techniques into two types: Bluetooth Low Energy (BLE) based and Global Positioning System (GPS) based techniques. In order to clear understand the system structure and its elements, we create data flow diagram (DFD) of each types. Second, we analyze the possible privacy threats contained in various types of contact tracing apps by applying LINDDUN, which is a threat modeling technique for personal information protection. Third, we make a comparison and analysis of various contact tracing techniques from privacy point of view. These studies can facilitate improve tracing and security performance to contact tracing apps through comparisons between different types.

An Application of Negative Selection Process to Building An Intruder Detection System

  • Kim, Jung W.;Park, Jong-Uk
    • Proceedings of the Korea Institutes of Information Security and Cryptology Conference
    • /
    • 2001.11a
    • /
    • pp.147-152
    • /
    • 2001
  • This research aims to unravel the significant features of the human immune system, which would be successfully employed for a novel network intrusion detection model. Several salient features of the human immune system, which detects intruding pathogens, are carefully studied and the possibility and the advantages of adopting these features for network intrusion detection are reviewed and assessed.

  • PDF