• East Asian Economic Review
• /
• v.17 no.1
• /
• pp.27-53
• /
• 2013

In this paper, we look at the relationship between international trade and the rule of law, using the World Justice Project Rule of Law Index, which include index figures on human rights, limits on government powers, transparency and regulatory efficiency. Based on regression analyses using the rule of law index figures and international trade figures (merchandise trade, service trade, exports and imports as percentage of GDP,) international trade and basic human rights seem to have little relationship; but trade has a close positive relationship with strong order and security. Somewhat surprisingly, regulatory transparency and effective implementation seems to have little or no effect on international trade and vice versa. International trade shows a clear positive relationship with the country's criminal justice system, but the relationship with the civil justice system is not as clear as such. For regulatory implementation and civil justice, services trade positively affect these institutions, but these institutions in turn affect exports more strongly than services trade. Finally, the effect of trade on rule of law is stronger on a medium to long term (10-20 year) time horizon.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.3
• /
• pp.79-88
• /
• 2008

On the internet, the NIDS(Network Intrusion Detection System) has been widely deployed to protect the internal network. The NIDS builds a set of rules with analysis results on illegal packets and filters them using the rules, thus protecting the internal system. The number of rules is ever increasing as the attacks are becoming more widespread and well organized these days. As a result, the performance degradation has been found severe in the rule application fer the NIDS. In this paper, we propose a multiple pattern matching scheme to improve rule application performance. Then we compare our algorithm with Wu-Mantel algorithm which is known to do high performance multi-pattern matching.

• Convergence Security Journal
• /
• v.15 no.4
• /
• pp.83-90
• /
• 2015

Recent, Cyber attacks such as hacking and malicious code techniques are evolving very rapidly changing cyber a ttacks are increasing, the number of malicious code techniques vary accordingly become intelligent. In the case of m alware because of the ambiguity in the number of malware have increased rapidly by name or classified as maliciou s code may have difficulty coping with. This paper investigated the naming convention of the vaccine manufacturer s in Korea to solve this problem, the analysis and offers a naming convention for security control event detection r ule analysis to compare the pattern of the detection rule out based on this current.

• Journal of the Korea Society of Computer and Information
• /
• v.25 no.8
• /
• pp.39-45
• /
• 2020

Despite the increasing interest in cyber security in recent years, the emergence of new technologies has led to a shortage of professional personnel to efficiently perform the cyber security. Although various methods such as cyber rage are being used to cultivate cyber security experts, there are problems of limitation of virtual training system, scenario-based practice content development and operation, unit content-oriented development, and lack of consideration of learner level. In this paper, we develop a fuzzy rule-based user-customized training scenario automatic generation system for improving user's ability to respond to infringement. The proposed system creates and provides scenarios based on advanced persistent threats according to fuzzy rules. Thus, the proposed system can improve the trainee's ability to respond to the bed through the generated scenario.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.3
• /
• pp.537-552
• /
• 2024

Domestic nuclear power plants operate under the establishment of the "Information System Security Regulations" in accordance with the Nuclear Safety Act, introducing and implementing a cybersecurity system that encompasses organizational structure as well as technical, operational, and managerial security measures for assets. Despite attempts such as phased approaches and alternative measures for physical protection systems, the reduction in managed items has not been achieved, leading to an increased burden on security capabilities due to limited manpower at the site. In the main text, an analysis is conducted on Type A1 assets performing nuclear safety functions using Maintenance Rules (MR) and EPRI Technical Assessment Methodology (TAM) from both a maintenance perspective and considering device characteristics. Through this analysis, approaches to re-evaluate the impact of cyber intrusions on asset functionality are proposed.

• Korean Security Journal
• /
• no.34
• /
• pp.233-258
• /
• 2013

In the early days of the Goryeo Dynasty, the royal guard was comprised of the central regular army in the 2-gun-6-wi system, and Nasungeomgun was in charge of the security inside the palace. However, the military system became disorganized during the period of military rule and the royal guard had to rely on military subjects. The military officials suppressed the civil ministers centering on Jungbang, the guarding organization close to the King to incapacitate the royal authority and control the state affairs. When the rule of the three leaders of the military rule became short-lived and Dae-seung Gyeong is raised to the ruler, he organized a do-or-die squad comprised of a hundred and more people for his personal safety, and this became the first dobang. Dobang was disassembled after Dae-seung Gyeong died of disease, but under the rule of Chung-heon Choe, Dae-seung Gyeong's dobang was revived and reinforced into 'Yukbeon Dobang' to provide the ruler with personal protection and intensify the ruling system, and it was quite a large organization with more refined system. Yukbeon Dobang was expanded and reinforced into Naeoedobang under the rule of Woo Choe, the son of Chung-heon Choe, and it was enhanced even more into Dobang Samsipyukbeon System under the rule of the grandson, Hang Choe. Dobang can be considered as the guard organization in modern sense, and it collected information and surveyed the area where guarding is required and house troops that belonged to Naedobang eliminated the risks that may follow afterwards to make assurance doubly sure for guarding. The Choe's regime established Mabyeolcho as a private guard organization in addition to dobang, and this formed the cavalry and infantry units with dobang. Yabyeolcho organized by Woo Choe in the reign of King Gojong was divided into Joabyeolcho and Ubyeolcho, and later Sineuigun was integrated with them to form Sambyeolcho. Originally, Yabyeolcho was established under the rule of Woo Choe to prevent crime in the evening, but after Sineuigun was organized with the ones who were captured by Mongolian army but escaped, in other words when Sambyeolcho was organized, the organization displayed much broader influence by covering military and police affairs as well as punishment and imprisonment. The guarding organization during the Period of Military Rule in the Goryeo Dynasty did not have strict distinction between official guard and personal guard. The private guard in modern days which is the equivalent of personal guard is characterized by its commerciality, however, house troops and the members of dobang did not seem to pursued profit. The guard organization during the period of military rule started from dobang which was organized for personal safety but gradually developed publicness through the participation of civil ministers and expansion, and later it played the pivotal role for social security serving official purpose up to the level where the distinction between official and private activities was blurred during the period of Sambyeolcho.

• Review of KIISC
• /
• v.5 no.2
• /
• pp.32-48
• /
• 1995

Our paper describes an Intrusion Detection Parallel System(IDPS) which detects an anomaly activity corresponding to the actions that interaction between near detection events. IDES uses parallel inductive approaches regarding the problem of real-time anomaly behavior detection on rule-based system. This approach uses sequential rule that describes user's behavior and characteristics dependent on time. and that audits user's activities by using rule base as data base to store user's behavior pattern. When user's activity deviates significantly from expected behavior described in rule base. anomaly behaviors are recorded. Observed behavior is flagged as a potential intrusion if it deviates significantly from the expected behavior or if it triggers a rule in the parallel inductive system.

• Korean small business review
• /
• v.42 no.1
• /
• pp.57-77
• /
• 2020

In Korea, various schemes have been implemented to prevent the outflow of technology, but they do not bring practical effects. In general, we focus on follow-up measures such as strong punishment in case of violation of the law. In terms of proactive prevention, it is not shown to have any real preventive effect, even though it includes such matters as imposing security measures on companies or conducting a survey. this paper examines the need to strengthen the protection of business secrets by reviewing the employment rules between companies and workers presented in the Labor Relations Act and the Labor Standards Act as a realistic alternative. In most companies, even though the employment rule is the highest standard of private regulations, the employment rule has no matters on the prevention and protection of technology leakage. The employment rules require all employees working for companies to agree and notify in the Labor Standards Act, so it is necessary to reflect them as standards in the standard employment rules because it shows that all employees of the company can have a common sense of security and present legal compliance with security-related documents, such as security pledges and security-related guidelines and procedures.

• Journal of the Korea Computer Industry Society
• /
• v.5 no.8
• /
• pp.781-790
• /
• 2004

This paper describes intrusion detection rule mangement using mobile agents. Intrusion detection can be divided into anomaly detection and misuse detection. Misuse detection is best suited for reliably detecting known use patterns. Misuse detection systems can detect many or all known attack patterns, but they are of little use for as yet unknown attack methods. Therefore, the introduction of mobile agents to provide computational security by constantly moving around the Internet and propagating rules is presented as a solution to misuse detection. This work presents a new approach for detecting intrusions, in which mobile agent mechanisms are used for security rules propagation. To evaluate the proposed appraoch, we compared the workload data between a rules propagation method using a mobile agent and a conventional method. Also, we simulated a rules management using NS-2(Network Simulator) with respect to time.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.9 no.1
• /
• pp.57-70
• /
• 1999

Since a hybrid firewall filters packets at a network layer along with providing gateway functionalities at an application layer, it has a better performance than an If filtering firewall. In addition, it provides both the various kinds of access control mechanisms and transparent services to users. However, the security policies of a network layer are different from those of an application layer. Thus, the user interfaces for managing a hybrid firewalls in a consistent manner are needed. In this paper, we implement a graphical user interface to provide access control mechanisms and management facilities for a hybrid firewall such as log analysis, a real-time monitor for network traffics, and the statisics on traffics. And we also propose a new rule script language for specifying access control rules. By using the script language, users can generate the various forma of access control rules which are adapted by the existing firewalls.