• THE INTERNATIONAL COMMERCE & LAW REVIEW
• /
• v.54
• /
• pp.45-80
• /
• 2012

Since the 9.11 terror attack, the event which caused supply chain disruption, supply chain security has become more important than ever before. With this as a momentum, a customs supply chain security paradigm emerged intended to guarantee secure flow of cargo across boarder. Under this circumstances Incoterms(R) 2010 rules have allocated obligations between the buyer and seller to obtain or to render assistances in obtaining security clearances. Thus, security related obligations such as providing advance manifest information is the mandatory requirements for any export and import. The impact on the seller and buyer of security related obligations under the Incoterms(R) 2010 rules environment is obvious. Assistance to provide the security information in advance has become indispensable obligations to the seller and buyer. As such assistances is at the cost and risk of the party responsible for the clearances of the goods, the choice of recognised partner and compliance with the relevant security program, in order to enjoy the relevant benefits, becomes paramount.

• Journal of Digital Convergence
• /
• v.12 no.8
• /
• pp.351-359
• /
• 2014

The log data generated by security equipment have been synthetically analyzed on the ESM(Enterprise Security Management) base so far, but due to its limitations of the capacity and processing performance, it is not suited for big data processing. Therefore the another way of technology on the big data platform is necessary. Big Data platform can achieve a large amount of data collection, storage, processing, retrieval, analysis, and visualization by using Hadoop Ecosystem. Currently ESM technology has developed in the way of SIEM (Security Information & Event Management) technology, and to implement security technology in SIEM way, Big Data platform technology is essential that can handle large log data which occurs in the current security devices. In this paper, we have a big data platform Hadoop Ecosystem technology for analyzing the security log for sure how to implement the system model is studied.

• Convergence Security Journal
• /
• v.13 no.5
• /
• pp.129-135
• /
• 2013

The revised security industry law revised 17 provisions among 31 provisions in order to root out the violent event. The main contents of the revised security industry law is the intensitfication of the required condition of permission, intensitfication of the obligation, management strengthening of the public resentment of group field, official, reason of expansion of the expenses instructor and guard, dress and equipment, vehicle, intensitfication of the managing director, intensitfication of the punishment, and etc. However, there is the problem including the putting under an obligation of the arrangement new appointment education, cause provider punishment of the service company violence, awareness of the police to the security company, excessive regulation, intensification of punishment problem, supervision power intensitfication of the revised security industry law is excessive the police, and etc. The individual responsibility education completion method and public resentment of group field in addition to is thought in order to solve this that exclusion of the prior education obligation, revision of the security industry law, burden on tax payers of the extra charge, punishment of the violence request contract trader, introduction of the guard qualification certificate system, and etc. are needed.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.3
• /
• pp.667-678
• /
• 2016

Due to a development of the cable/wireless network infra, the traffic as big as unable to compare with the past is being served through the internet, the traffic is increasing every year following the change of the network paradigm such as the object internet, especially the traffic of about 1.6 zettabyte is expected to be distributed through the network in 2018. As the network traffic increases, the performance of the security infra is developing together to deal with the bulk terabyte traffic in the security equipment, and is generating hundreds of thousands of security events every day such as hacking attempt and the malignant code. Efficiently analyzing and responding to an event on the attack attempt detected by various kinds of security equipment of company is one of very important assignments for providing a stable internet service. This study attempts to overcome the limit of study such as the detection of Tor network traffic using the existing low-latency by classifying the anonymous network by means of the suggested algorithm about the event detected in the security infra.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.14 no.2
• /
• pp.369-376
• /
• 2019

This paper studies desirable form of future e-government in terms of intelligent government research in response to new intelligent cyber security services in the fourth industrial revolution. Also, the strategic planning of the future e-government has been contemplated in terms of the centralization and intellectualization which are significant characteristics of the fourth industrial revolution. The new system construction which is applied with security analysis technology using big data through advanced relationship analysis is suggested in the paper. The establishment of the system, such as SIEM(Security Information & Event Management), which anticipatively detects security threat by using log information through big data analysis is suggested in the paper. Once the suggested system is materialized, it will be possible to expand big data object, allow centralization in terms of e-government security in the fourth industrial revolution, boost data process, speed and follow-up response, which allows the system to function anticipatively.

• Korean Security Journal
• /
• no.10
• /
• pp.15-34
• /
• 2005

1. There was significant relationship between personality traits and coping behavior. (1) Type A Group used more problem-focused and emotion-focused coping style than Type B Group (2) Non-sociable group used more emotion-focused coping style especially 'escape-avoidance' behavior than sociable group (3) Emotionally unstable group used more emotion-focused coping style especially 'distancing' and 'escape-avoidance behavior than stable group. 2. There was no significant relationship between personality traits and stress coping effect except emotional stability. 3. There was same inter-correlations among personality, coping style, and coping effect, (1) Type A was significantly correlated with sociability but not with emotional stability. (2) Problem-focused coping style was positively correlated with emotion-focused coping style. (3) Coping effect was not significantly correlated with coping style and personality traits accept emotional stability. 4. There was significant relationship between cognitive appraisal and coping style. (1) When they appraised the event 'could change or did something about it,' that used more problem-focused coping style than appraised 'had to accept.' (2) When they appraised the event ' could control before it occures.' they used more problem-focused and emotion-focused coping style than appraised it 'could not control'. (3) When they appraised the event 'had to gold back.' they used more problem-focused and emotion-focused coping style than appraised it 'had not to hold back.' (4) When they appraised the event 'happened by me.' they used more problem-focused coping style than appraised it 'happened by others.' (5) When they appraised the event 'needed to know more, 'they did not significantly use more coping behavior than appraised it 'needed not to know more.' 5. There was no significant difference except two cases in cognitive appraisal to the problem according to the personality. The two cases were as follows: (1) Sociability group appraised the event 'had to accept.' while non-sociability group appraised it 'could change or did some thing about.' (2) Emotionally stable group appraised the event 'happened by others.' while emotionally unstable group appraised it "happened by me".

• Journal of Information Technology Services
• /
• v.10 no.4
• /
• pp.243-258
• /
• 2011

With increasing interest in ubiquitous computing technology, an infrastructure for the short-distance wireless communication has been extended socially, bringing spotlight to the security system using the image or location. In case of existing security system, there have been issues such as the occurrences of blind spots, difficulty in recognizing multiple objects and storing of the unspecified objects. In order to solve this issue, zone-based location-estimation search system for the image have been suggested as an alternative based on the real-time location determination technology combined with image. This paper intends to suggest the search service for the image zone-based location-estimation. For this, it proposed the location determination algorism using IEEE 802.15.4/ZigBee's RSSI and for real-time image service, the RTP/RTCP protocol was applied. In order to combine the location and image, at the event of the entry of the specified target, the record of the time for image and the time of occurrence of the event on a global time standard, it has devised a time stamp, applying XML based meta data formation method based on the media's feature data based in connection with the location based data for the events of the object. Using the proposed meta data, the service mode which can search for the image from the point in time when the entry of the specified target was proposed.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.14 no.12
• /
• pp.4909-4926
• /
• 2020

Cyberattacks penetrate the server and perform various malicious acts such as stealing confidential information, destroying systems, and exposing personal information. To achieve this, attackers perform various malicious actions by infecting endpoints and accessing the internal network. However, the current countermeasures are only anti-viruses that operate in a signature or pattern manner, allowing initial unknown attacks. Endpoint Detection and Response (EDR) technology is focused on providing visibility, and strong countermeasures are lacking. If you fail to respond to the initial attack, it is difficult to respond additionally because malicious behavior like Advanced Persistent Threat (APT) attack does not occur immediately, but occurs over a long period of time. In this paper, we propose a technique that detects an unknown attack using an event log without prior knowledge, although the initial response failed with anti-virus. The proposed technology uses a combination of AutoEncoder and 1D CNN (1-Dimention Convolutional Neural Network) based on semi-supervised learning. The experiment trained a dataset collected over a month in a real-world commercial endpoint environment, and tested the data collected over the next month. As a result of the experiment, 37 unknown attacks were detected in the event log collected for one month in the actual commercial endpoint environment, and 26 of them were verified as malicious through VirusTotal (VT). In the future, it is expected that the proposed model will be applied to EDR technology to form a secure endpoint environment and reduce time and labor costs to effectively detect unknown attacks.

• Proceedings of the KSR Conference
• /
• 2007.11a
• /
• pp.1428-1432
• /
• 2007

One of the most important targets of transportation is to transport human and commodities to the destination safely. Railway has low risk, compared with land, ocean and flight route and it assures high security as well as high speed driving, since it runs on regular track. However, train accident may result in tragic accident due to small carelessness, so special event recorder is preferably used in order for clarity of responsibility in case of accident, maintenance of signal device and defect analysis. JRU(Juridical Recorder Unit) for ATC/ATS/ATP can be more advanced event recorder. Event recorder of KTX-I which is running now is installed one by one on each leading car and last car, and operation plan of event recorder in case of single trainset is suggested. But regarding train operation of multi-coupled trainset operation such as KTX-II, more detailed study is required for event recorder revitalization and record data process method. Therefore, this research aims at operation plan used in existing event recorder, and suggests effective operation and management plan of event recorder in multi-coupled trainset such as new High Speed Train.

• Journal of the Korea Convergence Society
• /
• v.9 no.7
• /
• pp.55-62
• /
• 2018

Recently, as the threat of cyber crime increases, the importance of security control to cope with cyber attacks on the information systems in the first place such as real-time detection is increasing. In the name of security control center, cyber terror response center and infringement response center, institutional control personnel are making efforts to prevent cyber attacks. Especially, we are detecting infringement accident by using network security equipment or utilizing control system, but it's not enough to prevent infringement accident by just controlling based on device-driven simple patterns. Therefore, the security control system is continuously being upgraded, and the development and research on the detection method are being actively carried out by the prevention activity against the threat of infringement. In this paper, we have defined the method of detecting infringement of major component module in order to improve the problem of existing infringement detection method. Through the performance tests for each module, we propose measures for effective security control and study effective infringement threat detection method by upgrading the control system using Security Information Event Management (SIEM).