• The Journal of the Korea Contents Association
• /
• v.20 no.7
• /
• pp.618-628
• /
• 2020

The purpose of this paper is to propose a new security orchestration service model by combining various security solutions that have been introduced and operated individually as a basis for cyber security framework. At present, in order to respond to various and intelligent cyber attacks, various single security devices and SIEM and AI solutions that integrate and manage them have been built. In addition, a cyber security framework and a security control center were opened for systematic prevention and response. However, due to the document-oriented cybersecurity framework and limited security personnel, the reality is that it is difficult to escape from the control form of fragmentary infringement response of important detection events of TMS / IPS. To improve these problems, based on the model of this paper, select the targets to be protected through work characteristics and vulnerable asset identification, and then collect logs with SIEM. Based on asset information, we established proactive methods and three detection strategies through threat information. AI and SIEM are used to quickly determine whether an attack has occurred, and an automatic blocking function is linked to the firewall and IPS. In addition, through the automatic learning of TMS / IPS detection events through machine learning supervised learning, we improved the efficiency of control work and established a threat hunting work system centered on big data analysis through machine learning unsupervised learning results.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.5
• /
• pp.871-883
• /
• 2014

New types of attacks that mainly compromise the public, portal and financial websites for the purpose of economic profit or national confusion are being emerged and evolved. In addition, in case of 'drive by download' attack, if a host just visits the compromised websites, then the host is infected by a malware. Website falsification detection system is one of the most powerful solutions to cope with such cyber threats that try to attack the websites. Many domestic CERTs including NCSC (National Cyber Security Center) that carry out security monitoring and response service deploy it into the target organizations. However, the existing techniques for the website falsification detection system have practical problems in that their time complexity is high and the detection accuracy is not high. In this paper, we propose website falsification detection system based on image and code analysis for improving the performance of the security monitoring and response service in CERTs. The proposed system focuses on improvement of the accuracy as well as the rapidity in detecting falsification of the target websites.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2015.10a
• /
• pp.583-585
• /
• 2015

도시농촌을 대상으로 스마트팜(Smart-Farm) 솔루션은 현재 많이 출시되어 운용되고 있다. 하지만, 대부분의 스마트팜 제품들은 시설재배의 유형, 재배대상 작물의 특성 및 시설재배관리자(사용자)의 요구를 반영할 수 있는 개방형 시스템과는 거리가 멀다. 본 연구팀에서는 대규모의 시설 농가를 대상으로 통합관제기술과 스마트제어, 센서기술을 적용한 단동형 스마트팜 관리시스템을 개발 및 상용화를 목표로 하고 있으며, 이는 각 작물의 특징과 사용자의 요구에 따라 관리시스템의 유연성 및 확장성을 고려하여 설계하고 있다. 본 논문에서는 해당 연구의 일환으로 단일시설재배작물로는 세계 최대 생산지인 경상북도 성주참외를 대상으로 사용자 편의성이 증진된 단동형 농작물관리시스템을 설계하였다.

• Journal of the Korean Society for Railway
• /
• v.16 no.5
• /
• pp.430-438
• /
• 2013

An empirical study on railway controller and railway engineer who work in a domestic railway corporation was undertaken to verify the effects of emotional burnout and empowerment and organizational commitment on cooperation and safety behavior. The results of the analysis confirmed that the relations between emotional burnout, empowerment and organizational commitment as well as the relations between cooperation and safety behavior had negative effects. In contrast, the results of the analysis confirmed that empowerment and organizational commitment had positive effects on safety behavior and cooperation, and were effective because of all interactions among emotional burnout, safety behavior and cooperation. In conclusion this study convincingly demonstrates that emotional control, empowerment and organizational commitment of controller and engineer are important factors to secure safe operation of trains based on high safety behavior and cooperation behavior.

• Journal of Advanced Navigation Technology
• /
• v.22 no.5
• /
• pp.367-374
• /
• 2018

A trajectory-based scheduling system is proposed for air traffic management using next generation aviation data communication link. Based on the service concept of 4-dimensional trajectory data link (4DTRAD) using air traffic serveices (ATS) datalink Baseline 2, a procedure for trajectory-based operation of an en-route flight is established and described in detail. To mitigate air traffic controllers' workload which might be caused by various and complicated data utilization, a prototype of the scheduling system, which predicts the aircraft trajectory based on the flight intents received by air traffic service system and provides advisory information for air traffic control, was developed. The simulation environment for trajectory based operation was built to validate the scheduling functionality of the prototype.

• Journal of Navigation and Port Research
• /
• v.42 no.6
• /
• pp.453-458
• /
• 2018

The analysis of maritime traffic refers to the processes that are used to analyze the environmental characteristics of the target area and, based on this analysis, predict the traffic pattern of the vessels. In recent years, maritime traffic analysis has become significant with increase maritime traffic volume and expansion of VTS coverage area. In addition, maritime traffic analysis is also applicable in the safety assessment of port facilities and the VTS (Vessel Traffic Service). In this paper, we propose a method to analyze the vessels' traffic pattern by using the heat map and the centroid method. This method is efficient for the analysis of the vessel trajectory data where spatial characteristics change with time. In the experiments, the traffic density and centroid by time have were analyzed. Trajectory data collected at Mokpo harbor was adopted. Finally, we reviewed the experimental results to verify the feasibility of the proposed method as a maritime traffic analysis method.

• Proceedings of the Korean Information Science Society Conference
• /
• 1999.10c
• /
• pp.176-178
• /
• 1999

우편 처리상황 실시간 모니터링 시스템은 우폄 물류처리의 효율적인 인프라를 제공하는 통합 우편물류 실시간 관제 시스템의 구성요소로서, 우편 집중국 및 운송교환센터를 대상으로 우편물량 정보와 운송경로 및 차량추적 정보를 실시간으로 제공한다. 이 논문에서는 우편 처리상황 실시간 모니터링 시스템의 세부 기능과 구조 및 성능에 대하여 설명한다.

• Convergence Security Journal
• /
• v.11 no.6
• /
• pp.3-8
• /
• 2011

Advanced Persistent Threat (APT), aims a specific business or political targets, is rapidly growing due to fast technological advancement in hacking, malicious code, and social engineering techniques. One of the most important characteristics of APT is persistence. Attackers constantly collect information by remaining inside of the targets. Enterprise Security Management (EMS) system can misidentify APT as normal pattern of an access or an entry of a normal user as an attack. In order to analyze this misidentification, a new system development and a research are required. This study suggests the way of forecasting APT and the effective countermeasures against APT attacks by categorizing misidentified data in data-mining through threshold ratings. This proposed technique can improve the detection of future APT attacks by categorizing the data of long-term attack attempts.

• Proceedings of the Korean Institute of Navigation and Port Research Conference
• /
• 2022.11a
• /
• pp.73-75
• /
• 2022

본 논문에서는 자율운항선박의 예측 가능한 운항 경로 상에 잠재된 비상상황을 인식하기 위하여 운항 해역의 항적 정보를 활용한 방안과 이를 기반으로 충돌 위험과 같은 비상위험을 식별하는 프레임워크를 설계하였다. 설계한 프레임워크는 크게 항적 특성 분석 모듈, 항로예측 모듈, 위험 식별 모듈로 구성된다. 항적 특성 분석 모듈에서는 자율운항선박의 운항 해역에 관한 선박들의 항적 정보를 활용하기 위하여, 대상 VTS 관제 영역 내에서 취합된 누적 선박자동식별장치(AIS) 데이터를 이용하여 선박의 항적 특성을 분석하여 데이터베이스(DB)를 생성하였다. 그리고 운항 경로 예측 모듈에서는 누적된 항적 정보와 자율운항선박의 현재 운항 정보를 기반으로 특정 시간 동안의 운항 경로를 예측하기 위한 학습 네트워크 모델을 구성하였다. 마지막으로, 위험 식별 모듈에서는 예측한 운항 경로 상에 최근접점과 최근접점 거리 정보를 이용하여 충돌 위험 가능성이 있는 충돌위험영역을 식별하였다. 설계한 프레임워크는 자율운항선박의 육상 관제소에서 원격 제어를 통해 위험상황을 인지하고 회피할 수 있는 정보를 제공할 수 있음을 실제 항적 데이터를 활용하여 그 결과를 검증하였다.

• Journal of the Korean Society for Railway
• /
• v.13 no.4
• /
• pp.419-424
• /
• 2010

Through the process of state estimation in the electric railway substation, this paper presents a new method for improving the reliability of the measurements corrupted by gauge error. Unlike the case of commercial power systems, it has been difficult to perform the state estimation by using the usual methods in the electric railway substation. At some of the monitoring points in the substation, most often, it is hard to define the measurement functions by use of the states or as we set up a new states set with the change of system topology, some of the measurement functions become part of the states themselves, which leads to poor results. To resolve the problems in the existing method caused by the relations between the states and the measurement functions at the monitoring points, the proposed method in this paper exploits the equality constraints. They can be derived numerously and concisely from the current and the voltage attributes of the Scott transformer and the buses connecting conditions, etc. We have proofed the effectiveness of the proposed method by the test on a standard sample substation.