• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.6
• /
• pp.1239-1246
• /
• 2013

Recently, The cloud computing technology is emerging as an important issue in the world, and In technology and services, has attracted much attention. However, the positive aspects of cloud computing unlike the includes several vulnerabilities. For this reason, the Hacking techniques according to the evolution of a variety of attacks and damages is expected. Therefore, this paper will be analyzed management models through case studies and experiments to the threats and vulnerabilities of the cloud computing. and In the future, this is expected to be utilized as a basis for the security design and performance improvement.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2011.05a
• /
• pp.650-653
• /
• 2011

In this paper, we describe Bluetooth system and Bluetooth security. And we analyze the structure of information security and vulnerability, introduced one of Bluetooth hacking techniques. We show a demo of the attack process to inject arbitrary hands-free voice messages and save the file information, recording a conversation through hands-free device.

• Convergence Security Journal
• /
• v.13 no.6
• /
• pp.17-24
• /
• 2013

Recently, the cloud computing technology is emerging as an important issue in the world, and In the technology and services has attracted much attention. However, the positive aspects of cloud computing unlike the includes several vulnerabilities. For this reason, the hacking techniques according to the evolution of a variety of attacks and damages is expected. Therefore, this paper will be analyzed through case studies and experiments to the security technology trends of the cloud computing. and In the future, this is expected to be utilized as a basis for the security system design and corresponding technology development.

• Convergence Security Journal
• /
• v.19 no.3
• /
• pp.3-12
• /
• 2019

BGP is the most important protocol among routing protocols that exchange routing information to create routing tables and update changed information so that users on the Internet can send information to destination systems. This paper analyzes how to prevent malicious attacks and problems caused by network administrator's mistakes by using vulnerabilities in BGPv4 that are currently used. We analyzed the attack methods by performing the actual attack experiment on the AS-PATH attack, which is the attack method for BGP's representative security vulnerability, and proposed the algorithm to identify the AS-PATH attack.

• The Transactions of The Korean Institute of Electrical Engineers
• /
• v.61 no.8
• /
• pp.1186-1192
• /
• 2012

In Jeju Smart Grid field test, Zigbee technology is being used as one of customer side solutions for AMI. Although Zigbee networks that provides effective connectivity and control among devices are advantages in ease of implementation and use, the data can be exposed to cyber attacks such as eavesdrop, unauthorized data dissemination and forgery. Currently authentication and confidentiality services are provided with the network and link keys generated based on public key pairs that are pre-installed in offline. However, the network is vulnerable once a hacker intrudes into a local network because operation and management policies for the generated keys are not well-established yet. In this paper, the vulnerability of the Zigbee security system in the customer side environment of Jeju Smart Grid field test is analyzed. Then, two-way authentication with the unique identifiers of devices and user-specific group management policies are proposed to resolve the vulnerability.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2014.05a
• /
• pp.169-170
• /
• 2014

Most of the attacks will attempt to exploit the vulnerability of the application website(SW). Cases are also frequently at home and abroad, and to be hacked. In this paper, S/W Development Security sees the main issues dealt with. Security-related laws and regulations to look at the system.

• International Journal of Computer Science & Network Security
• /
• v.22 no.1
• /
• pp.234-240
• /
• 2022

One of the most discussed topics is cyber security when it comes to web application and how to protect it and protect databases. One of the most widely used and widespread techniques is SQLI, and it is used by hackers and hackers. In this research, we touched on the concept of SQLI and what are its different types, and then we detected a SQLI vulnerability in a website using SQLMAP. Finally, we mentioned different ways to avoid and protect against SQLI.

• International Journal of Internet, Broadcasting and Communication
• /
• v.15 no.4
• /
• pp.128-133
• /
• 2023

Satellite based communication is networks in which users in a wide area can access without wired-based ground infrastructure. In particular, the need is emerging due to the recent Ukraine-Russia war. Satellite network systems acquire data that is difficult to observe on Earth as well as communication networks and are also used for research and development, which allows additional data to be produced. However, due to the nature of communication networks existing in outer space, certain vulnerabilities are revealed, and attacks based on them can be exposed. In this paper, we analyze vulnerabilities that may arise due to the nature of satellite communication networks and describes current research, countermeasures, and future research directions.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.12 no.5
• /
• pp.237-242
• /
• 2012

Cyber attacks have rapidly increased by exploiting the underlying vulnerabilities in the target software. However, identifying and correcting these vulnerabilities are extremely difficult and time consuming tasks. To address these problems efficiently, we propose a systematic methodology for security vulnerability assessment process on binary code in the paper. Specifically, we first classified the existing vulnerabilities based on whether the target software run in a Web environment and features of the software. Based on the classification, we determined the list and scope of the vulnerabilities. As our future research direction, we need to further refine and validate our methodology.

• Journal of the Korea Institute of Military Science and Technology
• /
• v.13 no.6
• /
• pp.1106-1112
• /
• 2010

One of the considerations in weapon systems procurement is the objective of maximizing the current force. Also, offensive effects, rather than defense are valued in weapons system development and procurement. Especially, the survivability of a naval ship is equally important as the offensive effect of onboard weapons. In case of naval ships, development of attack tactics and research regarding damage minimization must be conducted through live fire exercise against actual targets in order to minimize damage from the enemy. However, it is difficult to conduct such adequate measures due to realistic limitations such as time and budget in order to verify and calculate a weapon system's attack and damage effects along with the lack of practical studies in this subject despite numerous interests. Research are being conducted utilizing M&S to estimate attack effects and study damages due to such reason, but the lack of authoritative data and development ability are limiting calculation of reliable results. Therefore, this study will propose a measure to increase survivability of a weapon system(ship/vessel) utilizing research of vulnerability from enemy attacks analysis method against a naval ship(Craft Air Cushion).