• KIPS Transactions on Software and Data Engineering
• /
• v.8 no.6
• /
• pp.223-234
• /
• 2019

Cyber attacks are an important factor that determines the victory and defeat of Network-centric wars in which advanced weapon systems are highly interlinked. In addition the increasing dependability on software as its develop as the latest fighter is demanding enhanced security measures for fighter software to Cyber attacks. In this paper, we apply the DO-326A, which is an airworthiness security certification standard, to design a risk-based security threat assessment process by reflecting characteristics and operational environment of fighter aircraft. To do this, we add the following steps in security threat assessment stage of DO-326A's airworthiness security certification process. First, we derive security threats of fighter. And then, we scored the security threat in terms of possibility and impact on the fighter. Finally, we determine the security risk severity.

• International Journal of Computer Science & Network Security
• /
• v.22 no.7
• /
• pp.191-198
• /
• 2022

With the ever-increasing frequency of public sector and smalls-cale industries going live on the internet in developing countries, their security of which, while crucial, is often overlooked in most cases. This is especially true in Government services, whilst essential, are poorly monitored if at all. This is due to lack of funds and personnel. Most available software which can help these organizations monitor their services are either expensive or very outdated. Thus, there is a need for any developing country to develop a networking monitoring system. However, developing a network monitoring system is still a challenge and expensive and out sourcing network monitoring system to third party is a security threat. Therefore, in this article we propose a method to anonymize network logs and outsource networking monitoring system to third-party without breach in integrity of their network logs.

• KIPS Transactions on Computer and Communication Systems
• /
• v.4 no.9
• /
• pp.271-282
• /
• 2015

In the business environment BYOD(Bring Your Own Device) is used and being expanded continuously. According to a survey conducted by Cisco in 2012 on 600 companies, 95% of them are already permitting the use of BYOD in their work environments so that productivity of their employees has improved as a result. Gartner predicted that the use of BYOD will be caused new security threat. They also suggested to introduce NAC(Network Access Control) to resolve this threat, to separate network zone based on importance of their business, to establish the policy to consider user authority and device type, and to enforce the policy. The purpose of this paper is to design and implement the NAC for granular access control based on IEEE(Institute of Electrical and Electronics Engineers) 802.1X and DHCP(Dynamic Host Configuration Protocol) fingerprinting, and to analyze the performance on BYOD environment.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.4
• /
• pp.763-773
• /
• 2017

In recent years, personal information leakage and technology leakage accidents are frequently occurring. According to the survey, the most important part of this spill is the 'insider' within the organization, and the leakage of technology by insiders is considered to be an increasingly important issue because it causes huge damage to the organization. In this paper, we try to learn the normal behavior of employees using machine learning to prevent insider threats, and to investigate how to detect abnormal behavior. Experiments on the detection of abnormal behavior by implementing an Autoencoder composed of Recurrent Neural Network suitable for learning time series data among the neural network models were conducted and the validity of this method was verified.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.1
• /
• pp.71-77
• /
• 2006

Several network attacks, such as distributed denial of service (DDoS) attack, present a very serious threat to the stability of the internet. The threat posed by network attacks on large networks, such as the internet, demands effective detection method. Therefore, a simple intrusion detection system on large-scale backbone network is needed for the sake of real-time detection, preemption and detection efficiency. In this paper, in order to discriminate attack traffic from legitimate traffic on backbone links, we suggest a relatively simple statistical measure, entropy, which can track value frequency. Den is conspicuous distinction of entropy values between attack traffic and legitimate traffic. Therefore, we can identify what kind of attack it is as well as detecting the attack traffic using entropy value.

• Smart Media Journal
• /
• v.12 no.5
• /
• pp.122-122
• /
• 2023

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2003.05a
• /
• pp.800-803
• /
• 2003

Recently the number of internet users has very fast increased, and the number of intrusions has also increased very much. Hence, Security production developed to prevent systems and network from being hacked and intruded. However, hacking and virus getting on automation, intelligence, decentralization, large-scale and concealment. Therefore, Network security service necessary to deal with such threat. In this paper, we investigate about new network security services of trace-back, recovery, network vulnerability analysis, attack prediction and consideration for these services.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.15 no.3
• /
• pp.605-612
• /
• 2011

Recently, cyber attacks against public communications networks are getting more complicated and varied. Moreover, in some cases, one country could make systematic attacks at a national level against another country to steal its confidential information and intellectual property. Therefore, the issue of cyber attacks is now regarded as a new major threat to national security. The conventional way of operating individual information security systems such as IDS and IPS may not be sufficient to cope with those attacks committed by highly-motivated attackers with significant resources. In this paper, we discuss the technologies and standard trends about actual cyber threat and response methods, design the collaborative response framework based on the security information sharing in the inter-domain environments. The computation method of network threat level based on the collaborative response framework is proposed. The network threats are be quickly detected and real-time response can be executed using the proposed computation method.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.14 no.5
• /
• pp.19-26
• /
• 2014

The advent of smart phones brought adverse effect between devices recently. For example, adverse effects of info-communication with advent of computer. Also, hacking threat aiming cyber space that is getting more advanced is spreading in terms of range and danger, so that it reaches the level that the nation has to concern. In this circumstance, crimes involving info-technology is now problem in society. As internet technology advances, it enlarges the range of hacker's threat to not only smart phones, but ships, aircrafts, buildings, and cars. It could be seen as social threat of between human and human, between machine and machine, and between human and machine. This study discuss these problems.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.3
• /
• pp.491-498
• /
• 2014

Recently, cyber terror has been occurred frequently based on advanced persistent threat(APT) and it is very difficult to detect these attacks because of new malwares which cannot be detected by anti-virus softwares. This paper proposes and verifies the algorithms to detect the advanced persistent threat previously through real-time network monitoring and combinatorial analysis of big data log. In the future, APT attacks can be detected more easily by enhancing these algorithms and adapting big data platform.