• The Journal of Korean Institute of Information Technology
• /
• v.17 no.12
• /
• pp.125-134
• /
• 2019

As the limitations of the passive recognition domain, which is not guaranteed transparency of the operation process, AI technology has a vulnerability that depends on the data. Human error is inherent because raw data for artificial intelligence learning must be processed and inspected manually to secure data quality for the advancement of AI learning. In this study, we examine the necessity of learning data management before machine learning by analyzing inaccurate cases of AI learning data and cyber security attack method through the approach from cyber security perspective. In order to verify the learning data integrity, this paper presents the direction of data-preserving artificial intelligence system, a blockchain-based learning data environment model. The proposed method is expected to prevent the threats such as cyber attack and data corruption in providing and using data in the open network for data processing and raw data collection.

• Annual Conference of KIPS
• /
• 2017.04a
• /
• pp.309-311
• /
• 2017

점차 늘어나는 클라우드 서비스 이용률과 더불어 보안 위협 또한 증가하고 공격 방법 또한 다양해지고 있다. 하지만 클라우드 환경에서 보안사고가 발생했을 시 대응을 위한 조치나 정책은 여전히 미흡한 실정이다. 보안사고 대응을 위한 디지털 포렌식에 대한 연구를 통해 많은 해결 방법이 제시되고 있으나 클라우드 환경에서는 가상화 기술이 적용되어 있어 기존의 방법으로 증거의 수집 및 보관에 대한 무결성 증명이 까다롭다. 본 논문에서는 클라우드 서비스 이용자가 제공자로부터 서비스를 제공받는 클라우드 환경에서 보안사고 사후 대응을 위한 신뢰성 있는 데이터 수집 구조를 제안한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.4
• /
• pp.587-596
• /
• 2024

Cyber Attack and Cyber Threat are getting confused and evolved. Therefore, using AI(Artificial Intelligence), which is the most important technology in Fourth Industry Revolution, to build a Cyber Threat Detection System is getting important. Especially, Government's SOC(Security Operation Center) is highly interested in using AI to build SOAR(Security Orchestration, Automation and Response) Solution to predict and build CTI(Cyber Threat Intelligence). In this thesis, We introduce the Cyber Threat Detection System by analyzing Network Traffic and Web Application Firewall(WAF) Log data. Additionally, we apply the well-known TF-IDF(Term Frequency-Inverse Document Frequency) method and AutoML technology to classify Web traffic attack type.

• The Journal of the Convergence on Culture Technology
• /
• v.2 no.4
• /
• pp.77-82
• /
• 2016

IoT technology was selected as one of IT 10 strategic technologies by gartner from 2013 to 2015, and implements advanced smart society while enabling interaction between people and things. Because IoT devices are connected to the Internet, they are involved in issues including exposure of private lives, for example, hacking to result in wireless signal interference, data theft, data modification and forgery and service denial, and critical security issues including threat to national confidential information and facilities. This study aims to suggest a method for examining threats to security through IP exposure of IoT devices and examining related problems to minimize threats to security through IP exposure including exposure of private lives or damages to the national infrastructure system.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2022.05a
• /
• pp.192-194
• /
• 2022

This paper analyzes the attack method of pastejacking and proposes a clip toaster that can effectively defend it. When programming, developers often copy and paste code from GitHub, Stack Overflow, or blogs. Pastejacking is an attack that injects malicious data into the clipboard when a user copies code posted on the web, resulting in security threats by executing malicious commands that the user does not intend or by inserting dangerous code snippets into the software. In this paper, we propose clip toaster to visualize and alertusers of threats to defend pastejacking that threatens the security of the developer's terminal and program code. Clip Toaster can visualize security threat notifications and effectively detect and respond to attacks without interfering with user actions.

• Convergence Security Journal
• /
• v.24 no.3
• /
• pp.153-163
• /
• 2024

Despite the increasing hacking threats and security threats as IT technology advances and many companies adopt security solutions, cyberattacks and threats still persist for years. APT attack is a technique of selecting a specific target and continuing to attack. The threat of an APT attack uses all possible means through the electronic network to perform APT for years. Zero-day attacks, malicious code distribution, and social engineering techniques are performed, and some of them directly invade companies. These techniques have been in effect since 2000, and are similarly used in voice phishing, especially for social engineering techniques. Therefore, it is necessary to study countermeasures against APT attacks. This study analyzes the attack cases of Korean-based APT groups in Korea and suggests the correct method of using intelligence to analyze APT attack groups.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.1
• /
• pp.155-167
• /
• 2012

Cloud computing service is a next generation IT service which has pay-per-use billing model and supports elastically provisioning IT infra according to user demand. However it has many potential threats originating from outsourcing/supporting service structure that customers 'outsource' their own data and provider 'supports' infra, platform, application services, the complexity of applied technology, resource sharing and compliance with a law, etc. In activation of Cloud service, we need objective assessment standard to ensure safety and reliability which is one of the biggest obstacles to adopt cloud service. So far information security management system has been used as a security standard for a security management and IT operation within an organization. As for Cloud computing service it needs new security management and assessment different from those of the existing in-house IT environment. In this paper, to make a Information Security Management System considering cloud characteristics key components from threat management system are drawn and all control domain of existing information security management system as a control components are included. Especially we designed service security management to support service usage in an on-line self service environment and service contract and business status.

• Convergence Security Journal
• /
• v.23 no.1
• /
• pp.109-115
• /
• 2023

The future outlook for defense faces various and challenging environments such as the acceleration of uncertainty in the global security landscape and limitations in domestic social and economic conditions. In response, the Ministry of National Defense seeks to address the problems and threats through defense innovation based on scientific and technological advancements such as artificial intelligence, drones, and robots. To introduce advanced AI-based technology, it is essential to integrate and utilize data on IT environments such as cloud and 5G. However, existing traditional security policies face difficulties in data sharing and utilization due to mainly system-oriented security policies and uniform security measures. This study proposes a paradigm shift to a data value-based security policy based on theoretical background on data valuation and life-cycle management. Through this, it is expected to facilitate the implementation of scientific and technological innovations for national defense based on data-based task activation and new technology introduction.

• Proceedings of the Korean Information Science Society Conference
• /
• 2001.04a
• /
• pp.865-867
• /
• 2001

최근 활발하게 이루어지고 있는 정보 보안에 관한 연구 및 개발 중 보안 API는 보안 서비스를 제공하는 인터페이스 규격으로서의 중요성이 증대되고 있다. 그러나 대표적인 기존 보안 구조들인 CryptoKi, CryptoAPI, CSSM API, GSS-API, 및 GCS-API등의 보안 API는 응용개발자와 보안 장비 개발자의 편리성 및 독립성 보장 측면에서 다양한 문제점들을 가지고 있는 실정이다. 따라서 본 논문에서는 인터넷 응용환경에서의 신분위장, 통신내용의 도청 및 변조, 의도적인 업무 방해 등 수 많은 위협 요소들로부터의 정보 보호를 위한 사용자 인증, 데이터 기밀성 및 무결성 서비스를 제공하는 다중구조의 CAPI(Cryptographic Application Programming Interface) 보안 서비스 모듈을 설계한다. 설계된 다중구조 CAPI는 사용자 인증, 접근통제 등 상위 어플리케이션 계층에 보안 시스템 서비스 체계를 적용하여 운용 시스템 환경에 따라서 다양하게 개발 및 적용될 수 있다.

• Convergence Security Journal
• /
• v.24 no.1
• /
• pp.3-9
• /
• 2024

Currently, cyberattacks and security threats are constantly evolving, and organizations need quick and efficient security response methods. This paper proposes ways to strengthen internal network security by utilizing Unified Threat Management (UTM) equipment to improve network security and effectively manage and analyze the log data of the internal network collected through these equipment using Elastic Stack (Elasticsearch, Logstash, Kibana, hereinafter referred to as ELK Stack).