• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2016.05a
• /
• pp.317-320
• /
• 2016

The NH-NongHyup network and servers were paralyzed in 2011, in the 2013 3.20 cyber attack happened and Classified documents of Korea Hydro & Nuclear Power Co. Ltd were leaked on December in 2015. All of them were conducted by a foreign country. These attacks were planned for a long time compared to the script kids attacks and the techniques used were very complex and sophisticated. However, no successful solution has been implemented to defend an APT attack thus far. Therefore, we will use big data analytics to analyze whether or not APT attack has occurred in order to defend against the manipulative attackers. This research is based on the data collected through ISAC monitoring among 3 hierarchical Korean defense system. First, we will introduce related research about big data analytics and machine learning. Then, we design two big data analytics models to detect an APT attack and evaluate the models' accuracy and other results. Lastly, we will present an effective response method to address a detected APT attack.

• Journal of KIISE:Computing Practices and Letters
• /
• v.16 no.1
• /
• pp.125-129
• /
• 2010

Stateless computing supports a mobility of computing environment easily. It is becoming a major technology for securing personal user's information on shared computing environment. With the advance of virtualization technology and cloud computing, stateless computing is an essential part of personal computing environment connectivity (user's setting and data is stored in remote server or some storage, and it can be restored at any computing environment) In this paper, we propose uPC player that supports stateless computing execution environment on Windows. uPC player provides Windows operating system to user by using an uPC OS virtualization module. In this paper, we leverage how uPC player is designed and implemented for supporting a stateless computing execution environment. uPC player provides a desktop switch between host-system execution environment and uPC virtual execution environment. And it needs just one second for loading uPC virtual execution environment by using OS virtualization-based technique.

• Journal of the Korea Society of Computer and Information
• /
• v.27 no.2
• /
• pp.107-114
• /
• 2022

Delegation is a powerful mechanism that allocates access rights to users to provide flexible and dynamic access control decisions. It is also particularly useful in a distributed environment. Among the representative delegation models, the RBDM0 and RDM2000 models are role delegation as the user to user delegation. However, In RBAC, the concept of inheritance of the role class is not well harmonized with the management rules of the actual corporate organization. In this paper, we propose an Adding Attributes on Permission-Based Delegation Model (ABDM) that guarantees the permanence of delegated permissions. It does not violate the separation of duty and security principle of least privilege. ABDM based on RBAC model, supports both the role to role and user to user delegation with an attribute. whenever the delegator wants the permission can be withdrawn, and A delegator can give permission to a delegatee.

• KIPS Transactions on Computer and Communication Systems
• /
• v.11 no.12
• /
• pp.445-452
• /
• 2022

Class distribution of unbalanced data is an important part of the digital world and is a significant part of cybersecurity. Abnormal activity of unbalanced data should be found and problems solved. Although a system capable of tracking patterns in all transactions is needed, machine learning with disproportionate data, which typically has abnormal patterns, can ignore and degrade performance for minority layers, and predictive models can be inaccurately biased. In this paper, we predict target variables and improve accuracy by combining estimates using Synthetic Minority Oversampling Technique (SMOTE) and Light GBM algorithms as an approach to address unbalanced datasets. Experimental results were compared with logistic regression, decision tree, KNN, Random Forest, and XGBoost algorithms. The performance was similar in accuracy and reproduction rate, but in precision, two algorithms performed at Random Forest 80.76% and Light GBM 97.16%, and in F1-score, Random Forest 84.67% and Light GBM 91.96%. As a result of this experiment, it was confirmed that Light GBM's performance was similar without deviation or improved by up to 16% compared to five algorithms.

• Journal of Internet Computing and Services
• /
• v.25 no.1
• /
• pp.177-188
• /
• 2024

As technology evolves, Internet usage continues to grow, resulting in a geometric increase in network traffic and communication volumes. The network path selection process, which is one of the core elements of the Internet, is becoming more complex and advanced as a result, and it is important to effectively manage and analyze it, and there is a need for a representation and visualization method that can be intuitively understood. To this end, this study designs a framework that analyzes network data using BGP, a network path selection method, and applies it to the cyber common operating picture for situational awareness. After that, we analyze the visualization elements required to visualize the information and conduct an experiment to implement a simple visualization. Based on the data collected and preprocessed in the experiment, the visualization screens implemented help commanders or security personnel to effectively understand the network situation and take command and control.

• Journal of Digital Convergence
• /
• v.19 no.6
• /
• pp.239-250
• /
• 2021

When considering the introduction of a new technology, it is important to accurately grasp and selectively apply the technical characteristics related to the technology in order to fully utilize the advantages of the technology. In this study, the technical characteristics of high relative importance were analyzed in order to increase the efficiency of new application of blockchain technology by companies. The technical characteristics of the blockchain identified through previous research were reclassified from the perspective of the system hierarchy, and sub-factors of the technical characteristics were derived. In addition, a questionnaire survey on the relative importance of technical characteristics was conducted for internal experts and SI experts using the Analytical Hierarchy Process (AHP) technique. As a result of the analysis, respondents evaluated data protection as the most important factor in the threat of hacking related to security. In addition, it was different that the comparison results of the importance of the technical characteristics between the experts in the company and the SI experts and the priority of the technical characteristics between the expert groups by industry. It is expected that the results of this study will be usefully utilized when using blockchain technology in enterprises in line with the upcoming changes of the 4th industrial revolution. An empirical analysis of the internal and external factors required for adoption of blockchain technology by industry and the effect of technology introduction will be a meaningful study.

• Journal of KIISE:Software and Applications
• /
• v.34 no.7
• /
• pp.635-645
• /
• 2007

Component technology has been widely accepted as an effective way for building software systems with reusable components, and Microsoft (MS) .NET is one of the recent representative component technologies. Model Driven Architecture (MDA) is a new development paradigm which generates software by transforming design models automatically and incrementally. Transformation of structural models in MDA has been successfully applied. However, transformation of dynamic models and pervasive services, such as transaction service, security service, synchronization service and object pooling are largely remains as an area for further research. The recent enterprise system has multi tier distributed architecture, and the functionality of early mentioned pervasive services is essential for this architecture. .NET platform can implement Component Object Model+ (COM+) component for supporting pervasive services by specify Attribute code. In this paper, we specify the functionalities of the COM+ component offering pervasive services, and then those functionalities are defined by UML profile. By using the profile, the Platform Specific Model (PSM) for .NET/C# is specified, and .NET components are automatically generated through our tool. The development productivity, extensibility, portability, and maintenance of software can be dramatically improved by using of the proposed methods.

• Informatization Policy
• /
• v.30 no.4
• /
• pp.40-61
• /
• 2023

The adoption of smart factories and smart manufacturing as strategies to enhance competitiveness and stimulate growth in the manufacturing sector is vital for a country's future competitiveness and industrial transformation. The government has consistently pursued smart manufacturing innovation policies starting with the Manufacturing Innovation 3.0 strategy in the Ministry of Industry. This study aims to identify policy areas for smart factories and smart manufacturing based on technical standards. Analyzing policy areas at the current stage where the establishment and support of domestic standards aligning with international technical standards are required is crucial. By prioritizing smart manufacturing process areas within the industry, policymakers can make well-informed decisions to advance smart manufacturing without blindly following international standardization in already well-established areas. To achieve this, the study utilizes a hierarchical analysis method including expert interviews and importance-performance analysis for the five major process areas. The findings underscore the importance of proactive participation in standardization for emerging technologies, such as data and security, instead of solely focusing on areas with extensive international standardization. Additionally, policymakers need to consider carbon emissions, energy costs, and global environmental challenges to address international trends in export and digital trade effectively.

• Journal of the Institute of Electronics Engineers of Korea SP
• /
• v.41 no.4
• /
• pp.9-21
• /
• 2004

In this paper, we proposed the image hiding method which decreases calculation amount by encrypt partial data using discrete wavelet transform and linear scale quantization which were adopted as the main technique for frequency transform in JPEG2000 standard. Also we used the chaotic system which has smaller calculation amount than other encryption algorithms and then dramatically decreased calculation amount. This method operates encryption process between quantization and entropy coding for preserving compression ratio of images and uses the subband selection method and the random changing method using the chaotic system. For ciphering the quantization index we use a novel image encryption algerian of cyclically shifted in the right or left direction and encrypts two quantization assignment method (Top-down/Reflection code), made change of data less. Also, suggested encryption method to JPEG2000 progressive transmission. The experiments have been performed with the proposed methods implemented in software for about 500 images. consequently, we are sure that the proposed are efficient image encryption methods to acquire the high encryption effect with small amount of encryption. It has been shown that there exits a relation of trade-off between the execution time and the effect of the encryption. It means that the proposed methods can be selectively used according to the application areas. Also, because the proposed methods are performed in the application layer, they are expected to be a good solution for the end-to-end security problem, which is appearing as one of the important problems in the networks with both wired and wireless sections.

• Korean Security Journal
• /
• no.56
• /
• pp.9-30
• /
• 2018

Crime prevention strategies are introduced to reduce the loss caused by crimes, and Target hardening against domestic burglary attacks is broadly accepted as one of such physical security strategies. In terms of business and home security, target hardening is one of the suite of protective measures that are included in crime prevention through environmental design(CPTED). This can include ensuring all doors and windows are sourced and fitted in such a way that they can resist forcible and surreptitious from the attack of intruder. Target hardening with certified security doors, security windows and secure locks are revealed to be much more effective to deter burglary attacks than other security devices, such as CCTV, lightings and alarms which have largely psychological and indirect impact. A pilot program of target hardening utilizing certified security window and locks was carried out in Ansan city, South Korea in 2016. This study is based on the quasi-experimental design of this program for a residential area. The researchers tried to verify the crime displacement effect of the target hardening program and the diffusion effects of crime prevention benefits by analysing the crime statistics. The evaluation utilized WDQ(Weighted Displacement Quotient) technique to analyze whether the crime displacement occurred, compared the crime statistics of the experimental area with that of buffer zone and controlled areas. The result showed that the target hardening program was significantly effective in crime prevention. The number of burglary in the experimental site with target hardening intervention reduced by 100%, although the areas without the intervention showed reduction in the burglary. The crime displacement was not found at all, and the number of burlary at the buffer zone also reduced significantly.