• Title/Summary/Keyword: 대응행위 (response actions)

EDR platform construction using ELK Stack and Sysmon (ELK Stack과 Sysmon을 이용한 EDR 플랫폼 연구)

  • Shin, Hyun-chang;Kong, Seung-Jun;Oh, Myung-ho;Lee, Dong-hwi
    • Proceedings of the Korean Institute of Information and Communication Sciences Conference / 2022.10a / pp.333-336 / 2022
  • With the development of IT, cybercrime is becoming more sophisticated and intelligent. In particular, for backdoors used in APT (advanced persistent threat) attacks, it is very important to detect malicious behavior and respond to the intrusion, because victims are often unaware that they have been compromised by an attacker. This paper aims to build an EDR platform that can monitor, analyze, and respond to malicious behavior in real time by collecting, storing, analyzing, and visualizing endpoint logs in real time using the open-source analysis solutions ELK Stack and Sysmon.

Unix Kernel Backdoor Detection and Recovery System Development (유닉스 커널 백도어 탐지 및 복구 시스템 개발)

  • 박인성;백병욱;장희진;김상옥
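    • Proceedings of the Korean Information Science Society Conference / 2002.04a / pp.850-852 / 2002
  • As kernel backdoors in the form of ordinary applications have changed into backdoors in the form of kernel modules that run as part of the kernel, existing backdoor detection techniques can no longer cope with them. In response, backdoor detection tools such as Chkrootkit and Kstat have recently been developed and put to use, but these tools go only as far as estimating or detecting whether a kernel backdoor is installed, so prevention and post-discovery response remain difficult. This paper therefore presents techniques for preventing, detecting, and recovering from kernel backdoors, and shows a kernel backdoor response system implemented on the basis of those techniques. The system prevents kernel backdoors through selective loading of kernel modules, and adds security system calls to the kernel to detect kernel backdoor behavior and perform recovery, enabling a comprehensive, real-time response to kernel backdoors.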

Attacks and Countermeasures of Telemedicine Support Services Environment (원격 의료지원 서비스 환경의 공격 기법과 대응 방안)

  • Hur, Yun-A;Hong, Gun-Mok;Lee, Keun-Ho
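    • Proceedings of the Korea Information Processing Society Conference / 2015.04a / pp.474-476 / 2015
  • U-Healthcare is an information and communication technology that allows a patient's vital health to be managed and maintained anytime and anywhere. U-Healthcare communication mostly uses wireless communication to transmit examination results, or patient information sensed in an emergency, to the hospital server. If a malicious actor launches a DDoS attack on a U-Healthcare device or the hospital server at this point, the patient's information cannot reach the hospital server, and the patient cannot receive help from the hospital. To counter this, this paper builds U-Healthcare communication attack patterns and scenarios into big data. Then, when a malicious user attacks a U-Healthcare device or server, matching attacks can be blocked by consulting the DB. The paper examines the security threats that may arise in telemedicine services and proposes a method of responding to them using big data.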

A Trust Mechanism with Consensus Algorithm against False-Praise Attacks in WSNs (무선 센서 네트워크에서 False-Praise 공격 대응을 위한 합의 알고리즘 기반의 신뢰 메커니즘 연구)

  • Suh, Taisuk;Cho, Youngho
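    • Proceedings of the Korean Society of Computer Information Conference / 2019.01a / pp.115-118 / 2019
  • Wireless sensor networks (WSNs) are known to be vulnerable to insider attacks because of the limited capabilities of sensors, such as low battery capacity and short communication range. A representative way to counter insider attacks is the trust mechanism (TM), which observes the behavior of nodes to evaluate their trustworthiness and removes nodes with low trust. TMs have evolved to consider not only the evaluating node's own direct observations but also the indirect observations of neighboring nodes; the False-Praise attack is an intelligent attack that deliberately supplies false observation information to the evaluating node, undermining the reliability of the TM's trust evaluation process. This paper proposes an improved TM based on a consensus algorithm to counter False-Praise attacks, and verifies the performance and effectiveness of the proposed scheme through experiments.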

A Study on Dilemma in Internet Addiction Prevention and Solution Policy for Adolescent (청소년 인터넷중독 예방 및 해소 정책의 딜레마 연구)

  • Kim, Ju-Kyoung
    • Journal of Digital Convergence / v.12 no.6 / pp.23-34 / 2014
  • The objective of this research is to analyze the origin of the policy dilemma that arose in the government's pursuit of policy aimed at tackling internet addiction among teenagers, as well as to analyze the response strategy. Using the dilemma model as the analytical frame, the aspects of the dilemma were analyzed through the transformation of contexts, conditions, policy values, alternatives, policy actors and policy decision makers. The major research results are as follows. First, each dilemma of 'transformation of context and condition', 'policy value and alternatives', 'policy actors' and 'policy decision makers' in the policy process for preventing and resolving adolescent internet addiction acted as a decisive cause in forming the general dilemma of the policy. Second, the government's policy response strategy under the policy dilemma conditions turned out to be a duplication of policy, occurrence of contradictions, typical response strategy and cyclical choices. Given these factors, the following characteristics emerged. First, as the problems of policy duplication and contradiction occurred within a single policy, the government responded to this dilemma in a typical way, which brought about an even more serious dilemma. Second, the government made an effort to re-regulate two values (protection of adolescents and promotion of the video game industry) that are included in the response policy for adolescent internet addiction. As a result, the policy dilemma has weakened compared with the past. However, the fundamental problems have not been solved. Taking these results as a background, this research strives to provide implications for establishing a self-consistent groundwork that combines policy values and vision, so that the government can pursue an effective response policy on adolescent internet addiction, which is becoming more and more severe in the information society in which we live.

A Study on Response System of Marine Pollution Accident by Chemicals in United States (화학물질 해양오염사고에 대한 미국의 방제체제 연구)

  • Choi, Jong-Wook;Lee, Seung-Hwan
    • Proceedings of KOSOMES biannual meeting / 2007.11a / pp.61-67 / 2007
  • With the entry into force of OPRC-HNS on June 14th 2007, a nationwide response system is required to respond to accidents rapidly and effectively. This necessity drove us to analyze the national contingency plan for chemicals, including the national response system against accidents, which is in operation in the US. The main characteristics of the system are well described as an integrated incident command system with a cooperation of responsibilities, facilities, manpower, and technical support. In addition, state and/or local authorities tend to have responsibilities for disaster management and its response activities. Polluters are also charged 3 times the expenses when the response is conducted by state or local authorities. In general, response activities are conducted by the private sector. However, the government will take action with Superfund if the response exceeds what the polluters can handle. However, safety is regarded as a primary factor to be considered in the response activities, and they try not to recover any pollutants. Personnel belonging to USCG and EPA are required to complete specialized courses to promote professional skills, and are also welcomed to participate in a "certification program".

A Contrastive Study of Japsaeknorum and Mime (잡색의 몸짓과 그 의미 - 잡색놀음과 마임의 대비적 고찰 -)

  • Lee, Youngbae
    • (The) Research of the performance art and culture / no.18 / pp.103-136 / 2009
  • This study first analyzed the aspects of action and meaning in Japsaeknorum. Secondly, it contrasted Japsaeknorum with Mime. Thirdly, the characteristics of gestures in Japsaeknorum were analyzed. The results obtained by those steps are subordination, hostility, cultural control, the comic characteristics by situation, functional role, the sublation of competition and conflict, the variation of subordination and deviation, and the end of subordination and deviation. Korean mime is a heritage of Western culture. But throughout its history, Korean mime has made every effort to seek a Korean form of mime. Therefore, this study is very helpful in seeking such a way.

The Regulations by Criminal Law against any Libel in Cyberspace (사이버명예훼손행위와 형사법적 대응방안)

  • Yoo, In-Chang
    • Journal of the Korea Society of Computer and Information / v.17 no.5 / pp.177-183 / 2012
  • Various crimes occur in cyberspace, hiding behind anonymity to avoid punishment under criminal law. One of the most serious crimes committed in cyberspace is defamation of others under the cloak of freedom of expression. Infringements by defamation in cyberspace happen so suddenly and spread so widely that the victims have no time to react, and for that reason the shock caused by the defamation is much more serious and severe than that of defamation committed offline. However, press and publication should not infringe on others' honor, rights, public order or social ethics in a liberal democratic society that highly values human dignity, as stipulated in Article 21 section 4 of the Constitution. Protection of personal honor is also a basic right guaranteed by the Constitution as much as the freedom of expression, and by extension, such harmful behaviour should not be included in the area of freedom of expression. In this way, slander can be considered the minimum limitation of the freedom of expression.

MOnCa2: High-Level Context Reasoning Framework based on User Travel Behavior Recognition and Route Prediction for Intelligent Smartphone Applications (MOnCa2: 지능형 스마트폰 어플리케이션을 위한 사용자 이동 행위 인지와 경로 예측 기반의 고수준 콘텍스트 추론 프레임워크)

  • Kim, Je-Min;Park, Young-Tack
    • Journal of KIISE / v.42 no.3 / pp.295-306 / 2015
  • MOnCa2 is a framework for building intelligent smartphone applications based on smartphone sensors and ontology reasoning. In previous studies, MOnCa determined and inferred user situations based on sensor values represented by ontology instances. When this approach is applied, recognizing user space information or objects in user surroundings is possible, whereas determining the user's physical context (travel behavior, travel destination) is impossible. In this paper, MOnCa2 is used to build recognition models for travel behavior and routes using smartphone sensors to analyze the user's physical context, infer basic context regarding the user's travel behavior and routes by adapting these models, and generate high-level context by applying ontology reasoning to the basic context for creating intelligent applications. This paper is focused on approaches that are able to recognize the user's travel behavior using smartphone accelerometers, predict personal routes and destinations using GPS signals, and infer high-level context by applying realization.

A Secure Routing Protocol in MANET based on Malicious behavior Pattern of Node and Trust Level (노드의 악의적 행위패턴 및 신뢰수준 기반의 MANET Secure 라우팅 방안)

  • Park, Seong-Seung;Park, Gun-Woo;Ryu, Keun-Ho;Lee, Sang-Hoon
    • Journal of the Korea Society of Computer and Information / v.14 no.5 / pp.103-117 / 2009
  • In MANET (Mobile Ad-Hoc Network), providing security for routing has recently become a significant issue. Existing studies, however, focused either on secure routing or on the packet itself, where malicious operations occur. In this paper, we propose SRPPnT (A Secure Routing Protocol in MANET based on Malicious Pattern of Node and Trust Level), which considers both malicious behavior on packets and secure routing. SRPPnT identifies the nodes where malicious activities occur over a specific time to compose a trust level for each node, and then sets up a routing path according to the trust levels obtained. Therefore, SRPPnT is able to take efficient countermeasures against malicious operations. SRPPnT is based on AODV (Ad-Hoc On-Demand Distance Vector Routing). In the results of the NS-2 network simulation, the proposed SRPPnT finds malicious nodes more promptly and accurately than previous protocols did, under the condition of decreased network load, and routes more securely.