• Convergence Security Journal
• /
• v.17 no.2
• /
• pp.69-80
• /
• 2017

Due to the advanced IT environment, the role of Security Monitoring & Control becomes more important as the cyber-crime is becoming intelligent, diversified, and advanced. In contrast to the way it relied solely on security devices such as Firewall and IDS in the past, Security Monitoring & Control tasks responding to cyber attacks through real-time monitoring have become wide spread and their role is also important. In response to current cyber threats, since security equipment alone can not be guaranteed a stable defense, the task of Security Monitoring & Control became essential to operate and monitor security equipment and to respond in real time. In this study, we will discuss how to configure network security system effectively and how to improve the real-time Security Monitor & Control.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.25 no.10
• /
• pp.1369-1374
• /
• 2021

Recently, controversy has been raised over the security and safety of Chinese-made network equipment (Huawei 5G), apps (TikTok, etc.). In particular, according to the results of the Ministry of Defense investigation in 2020, malicious codes were found in CCTVs made in China that were delivered as military surveillance equipment used as a coast guard system, and specific information was remotely transmitted to a Chinese server. The safety issues of these Chinese security products can be questioned as being systematically led by the state rather than by companies or individuals. In this paper, we perform network and process level analysis of 360 Total Security(360 TS), a Chinese antivirus software. In addition, it compares and analyzes the domestic cloud-based vaccine V3 Lite product. Through this, the safety of Chinese security solutions is checked and information leakage and risks are suggested.

• International Journal of Computer Science & Network Security
• /
• v.22 no.2
• /
• pp.261-271
• /
• 2022

The study aimed to identify the impact of the application of technical equipment for infrastructure to achieve the quality of e-learning for students in the faculties at Northern Border University, in Arar city. The study applied the analytical survey study method. To achieve the study purpose, the researcher prepared a study tool which is a questionnaire to measure the impact o of applying technical instrument for the infrastructure to achieve the quality of e-learning for students. The study sample size reached (218) students from both groups from the university faculties in Arar city. The results of the study revealed a tendency in the study sample's responses to the availability of the majority of the questionnaire criteria significantly. This indicates the positive impact of the application of technical equipment on the infrastructure to achieve the application quality of e-learning at Northern Border University, the study recommended the following: The need to pay attention to measuring the quality of electronic courses every two years in addition to the need to adjust the quality standards of e-content provided through e-learning platforms. Also, there is the gradual application of e-learning at the university in addition to spreading the culture of e-learning quality among all groups of the university community. Also, it is necessary to direct them towards benefiting from the advantages of e-learning that observes quality standards.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2003.10a
• /
• pp.661-664
• /
• 2003

Trade-off of sorority and speed always exists in the latest network environment. Recently, developed security processors is improved very performance, and sorority connection algorithms of a lot of part were embodied by hardware. This high speed security processor is essential ingredient in string network security solution equipment development that require very big band width. In this paper, we wish to describe about design and implementation of 10 Giga VPN equipments. In this system, embodied 10 Giga to use Cavium company's Nitrox-II processor, and supports two SP14-2 interface and PCI interface. All of the password algorithm that password algorithm that support is used in common use VPN equipment for compatibility with common use VPN equipment are supported and support SEED algorithm developed in domestic. Designed to support IPsec and SSL protocol, and supports all of In-Line structure that is profitable in high speed transaction and the Look-Aside structure that is profitable in practical use degree of NPU(Network Processor Unit).

• Nuclear Engineering and Technology
• /
• v.49 no.3
• /
• pp.517-524
• /
• 2017

Cyber security is an important issue in the field of nuclear engineering because nuclear facilities use digital equipment and digital systems that can lead to serious hazards in the event of an accident. Regulatory agencies worldwide have announced guidelines for cyber security related to nuclear issues, including U.S. NRC Regulatory Guide 5.71. It is important to evaluate cyber security risk in accordance with these regulatory guides. In this study, we propose a cyber security risk evaluation model for nuclear instrumentation and control systems using a Bayesian network and event trees. As it is difficult to perform penetration tests on the systems, the evaluation model can inform research on cyber threats to cyber security systems for nuclear facilities through the use of prior and posterior information and backpropagation calculations. Furthermore, we suggest a methodology for the application of analytical results from the Bayesian network model to an event tree model, which is a probabilistic safety assessment method. The proposed method will provide insight into safety and cyber security risks.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.2
• /
• pp.449-456
• /
• 2018

Many organizations divide the network to manage the network in order to prevent the leakage of internal data between separate organizations / departments by sending and receiving unnecessary traffic. The most fundamental network separation method is based on physically separate equipment. However, there is a case where a network is divided and operated logically by utilizing a virtual LAN (VLAN) network access control function that can be constructed at a lower cost. In this study, we first examined the possibility of bypassing the logical network separation through VLAN ID scanning and double encapsulation VLAN hopping attack. Then, we showed and implemented a data leak scenario by utilizing the acquired VLAN ID. Furthermore, we proposed a simple and effective technique to detect and prevent the double encapsulation VLAN hopping attack, which is also implemented for validation. We hope that this study improves security of organizations that use the VLAN-based logical network separation by preventing internal data leakage or external cyber attack exploiting double encapsulation VLAN vulnerability.

• International Journal of Computer Science & Network Security
• /
• v.22 no.4
• /
• pp.394-400
• /
• 2022

The radio resources available in a wireless network system are limited. Therefor, job of managing resources is not easy task. Because the resources are shared among the UEs that are connected, the process of assigning resources must be carefully controlled. The packet scheduler in an LTE network is in charge of allocating resources to the user equipment (UE). Femtocells networks are being considered as a promising solution for poor channel performance for mulitple environments. The implementation of femtocells into a macrocell (traditional base station) would boost the capacities of the cellular network. To increase femtocells network capacity, a reliable Packet Scheduler mechanism should be implemented. The Packet Scheduler technique is introduced in this paper to maximize capacity of the network while maintaining fairness among UEs. The proposed solution operates in a manner consistent with this principle. An analysis of the proposed scheme's performance is conducted using a computer simulation. The results reveal that it outperforms the well-known PF scheduler in terms of cell throughput and average throughput of UEs.

• Journal of Service Research and Studies
• /
• v.5 no.1
• /
• pp.57-70
• /
• 2015

This paper develop curnel based high speed packet filtering imbedded gateway and firewall using cloud database. This study develop equipment include of predict function through bigdata analysis using cloud system. This equipment include intrusion prevention for network attack, and include system security function of L7 switch based contents. This study can improve security level of little company and general family. This study can pioneer a new market. This study can develop high perfomance switch and replacement of existing security equipment. This study proposed new next generation algorithm for constuction of high performance system from low specifications.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2003.10a
• /
• pp.712-715
• /
• 2003

The rapid progress of computer networking technology is changing the environment of today's business and its influence is spreading out widely. Although the practical use of business system using the internet technology is providing easy going infrastructures, many security problems of data or equipment in the open field will be exposed if we do not give serious considerations to their securities. In this paper, we suggest advanced methods to measure the network security capability with considerations for the security of data or equipments.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.3
• /
• pp.137-144
• /
• 2004

3GPP(3rd Generation Project Partnership)-WLAN(Wireless Local Area Network) interworking refers to the utilization of resources and access to services within the 3GPP system by the WLAN UE(User Equipment) and user respectively. The intent of 3GPP-WLAN Interworking is to extend 3GPP services and functionality to the WALN access environment. We propose an efficient mechanism for the setup of UE-initiated tunnels in 3GPP-WLAN interworking. The proposed mechanism is based on a secret key which is pre-distributed in the process of authentication and key agreement between UE and 3GPP AAA(Authentication, Authorization Accounting) server. Therefore it can avoid modular exponentiation and public key signature which need a large amount of computation in UE. Also the proposed scheme provides mutual authentication and session key establishment between UE and PDGW(Packet Data Gateway).