• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2008.05a
• /
• pp.295-297
• /
• 2008

Session Initiation Protocol (SIP) has become the call control protocol of choice for Voice over IP (VoIP) networks because of its open and extensible nature. However, the integrity of call signaling between sites is of utmost importance, and SIP is vulnerable to attackers when left unprotected. Currently a hop-by-hop security model is prevalent, wherein intermediaries forward a request towards the destination user agent server (UAS) without a user agent client (UAC) knowing whether or not the intermediary behaved in a trusted manner. This paper presents an integrated security model for SIP-based VoIP network by combining hop-by-hop security and end-to-end security.

• Journal of Advanced Navigation Technology
• /
• v.16 no.2
• /
• pp.307-317
• /
• 2012

Rapid development of the IT technology and mobile communications has increasingly improved many kinds of digital devices arise, as well as the mobile technology. However, the attacks (virus, hacking and Ip spoofing etc) have also increasingly grown dogged on any region including the society security. As the visual data is prone to copy, delete and move etc, it is necessary that attesting to the integrity of forensics evidence is crucial, as well as data transmission security. This paper presents a framework model using digital forensics method and the results of its performance evaluation for mobile security. The results show that the integrity of the visual data can be obtain with high security and make a proposal refer to prevention of Mobile IP Spoofing attack using our hashing data.

• Journal of the military operations research society of Korea
• /
• v.27 no.1
• /
• pp.89-100
• /
• 2001

Information technology has been made remarkable progress and most of computer systems are connected with internet over the world. We have not only advantages to access them easy, but also disadvantages to misuse information, abuse, crack, and damage privacy. We should have safeguards to preserve confidentiality, integrity and availability for our information system. Even tough the security is very important for the defense information system, we should not over limit users availability. BS7799, a British standard, is an evaluation criteria for information security management. In this paper we propose an audit model to manage and audit information security using control items of BS7799, which could be useful to mange the defence information system security. We standardize audit items, and classify them by levels, and degrees by using appropriate audit techniques / methods / processes.

• Advances in nano research
• /
• v.15 no.6
• /
• pp.513-520
• /
• 2023

The exponential proliferation of cutting-edge computing technologies has spurred organizations to outsource their data and computational needs. In the realm of cloud-based computing environments, ensuring robust security, encompassing principles such as confidentiality, availability, and integrity, stands as an overarching imperative. Elevating security measures beyond conventional strategies hinges on a profound comprehension of malware's multifaceted behavioral landscape. This paper presents an innovative paradigm aimed at empowering cloud service providers to adeptly model user behaviors. Our approach harnesses the power of a Particle Swarm Optimization-based Probabilistic Neural Network (PSO-PNN) for detection and recognition processes. Within the initial recognition module, user behaviors are translated into a comprehensible format, and the identification of malicious nano-structures behaviors is orchestrated through a multi-layer neural network. Leveraging the UNSW-NB15 dataset, we meticulously validate our approach, effectively characterizing diverse manifestations of malicious nano-structures behaviors exhibited by users. The experimental results unequivocally underscore the promise of our method in fortifying security monitoring and the discernment of malicious nano-structures behaviors.

• Journal of the Korean Institute of Telematics and Electronics S
• /
• v.35S no.4
• /
• pp.1-9
• /
• 1998

This paper developments asecurity system for transmission data in the internetwork. Intermediate system of our model does not fulfill security service of confidentiality but authentication and integrity. Thus this model knows whether the transmission data on the intermediate system is authentic and integral or not, and it is practical and easy to be developmented. This system is developmented using a ONP of USL which prvides environments of the open system.

• Proceedings of the KSRS Conference
• /
• 2004.10a
• /
• pp.91-94
• /
• 2004

Ubiquitous sensor network is to manage and collect information autonomously by communicating user around device. Security requirements in Ubiquitous based on sensor network are as follows: a location of sensor, a restriction of performance by low electric power, communication by broadcasting, etc. We propose new mutual authentication protocol using a low power of sensor node. This protocol solved a low power problem by reducing calculation overload of sensor node using two steps, RM(Register Manager) and AM(Authentication Manager). Many operations performing the sensor node itself have a big overload in low power node. Our protocol reduces the operation number from sensor node. Also it is mutual authentication protocol in Ubiquitous network, which satisfies mutual authentication, session key establishment, user and device authentication, MITM attack, confidentiality, integrity, and is safe the security enemy with solving low electric power problem.

• International Journal of Computer Science & Network Security
• /
• v.22 no.2
• /
• pp.175-184
• /
• 2022

Voice over Internet Protocol (VoIP) has grown in popularity as a low-cost, flexible alternative to the classic public switched telephone network (PSTN) that offers advanced digital features. However, additional security vulnerabilities are introduced by the VoIP system's flexibility and the convergence of voice and data networks. These additional challenges add to the normal security challenges that a VoIP system's underlying IP data network infrastructure confront. As a result, the VoIP network adds to the complexity of the security assurance task faced by businesses that use this technology. It's time to start documenting the many security risks that a VoIP infrastructure can face, as well as analyzing the difficulties and solutions that could help guide future efforts in research & development. We discuss and investigate the challenges and requirements of VoIP security in this research. Following a thorough examination of security challenges, we concentrate on VoIP system threats, which are critical for present and future VoIP deployments. Then, towards the end of this paper, some future study directions are suggested. This article intends to guide future scholars and provide them with useful guidance.

• Convergence Security Journal
• /
• v.19 no.5
• /
• pp.55-61
• /
• 2019

This paper studied security measures to protect the SCADA network from the increasingly sophisticated threats. Currently, SCADA system security uses methods that are almost like regular IT security systems. While there may be some common security techniques, security techniques are needed only for SCADA systems that are different from typical IT systems. Therefore, this paper will explore the security techniques currently used in SCADA systems, and the problems that arise when the current security techniques are used will be identified through the damage cases resulting from attacks in SCADA systems. Finally, as a new solution to ensure the availability and integrity required for current SCADA systems, we proposed linking Blockchain and SCADA systems.

• Journal of Korea Society of Industrial Information Systems
• /
• v.4 no.4
• /
• pp.149-153
• /
• 1999

This paper proposes a new security system for the next generation mobile telecommunication system The system is based on the network domain security of the 3GPP. The system provides confidentiality and integrity services in the RLC layer, the second layer of 3GPP. Our system has merits in that it can provide security services without any modification to the 3GPP protocol and has low transmission voerhead. Security algorithm and mode are controlled by the RRC layer, the third layer of 3GPP.

• Convergence Security Journal
• /
• v.2 no.2
• /
• pp.59-66
• /
• 2002

The access controls are the methods which are generally used in such systems as computer operating systems, workflow systems, information security systems and etc.. In the paper, is proposed a role-based access control model which not only has fundamental security functions such as security, integrity and flow control, but also meets the access control requirements of role-based social organizations. The proposed role-based access control model is designed in order to perform its functions in simple and secure way, largely in the environment of web-based applications.