• Proceedings of the Korean Society of Broadcast Engineers Conference
• /
• 2019.11a
• /
• pp.14-16
• /
• 2019

스마트관제 시스템은 딥러닝 서버내 학습된 백본 네트워크 모델이 실시간으로 스트리밍 되는 CCTV 영상으로부터 이상행동 패턴을 선별적으로 탐지하고 관제요원에게 전달하여, 사전에 사건사고를 예방하거나 즉시 대응 체계의 유연한 운영을 가능케하는 시스템이다. 최근 지능형 CCTV(Closed Circuit Television) 서비스가 일부 지역에 선별 관제의 형태로 시범적으로 운영되고 있는 상황이다. 지능형 시범서비스는 공공 영역에서 선별 CCTV 관제의 형태로 이상행동 상황을 즉각 인지하여 사건사고를 예방하거나 피해를 최소화하고자 하는 목적으로 주로 사용되고 있다. 그러나, 범죄 등의 특정 시나리오에만 한정해서도 이상 행동 유형이 너무나 다양하기 때문에 이상행동 영상의 사전분류(Annotation)를 통해 딥러닝 모델을 학습시키는 것이 현실적으로 어려운 상황이다. 따라서 본고에서는 최신 이상 행동 탐지(Anomaly detection) 알고리즘과 응용사례를 분석하여 실제 현장에 적용할 수 있는 현장 중심의 기법을 제안하고자 한다.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2014.01a
• /
• pp.377-378
• /
• 2014

컴퓨터 시스템을 기반으로 이루어지는 범죄 행위로부터 법적인 보호를 받기 위해 관련 법안이 개정되고 이를 수용하기 위한 컴퓨터 포렌식 지원 기술이 다각도로 연구되고 있다. 그러나 시스템 침해자의 시스템 공격 후 본인 흔적을 지우고 나가는 경우 침해자 추출이 어렵다. 또한 휘발성 정보의 손실이 발생하며 디스크에 저장된 비휘발성 정보의 경우 파일의 삭제 및 생성에 의해 디스크 저장영역의 중복된 사용으로 완전한 정보를 추출하는데 문제를 가지고 있다. 이러한 문제를 해결하기 위해 본 연구에서는 시스템 침해자의 공격 형태 및 상황, 환경을 유추하기 위해 행위자를 중심으로 휘발성의 정보를 수집하여 공격 당시의 시나리오의 재현이 가능한 컴퓨터시스템 블랙박스를 설계하였다.

• Proceedings of the Korean Information Science Society Conference
• /
• 2001.10a
• /
• pp.649-651
• /
• 2001

컴퓨터 통신망의 발달로 인해 인터넷은 국가와 사회의 중요한 정보기반으로 자리잡고 있다. 이에 따른 부작용으로 해킹 사고도 단순 과시형에서 범죄적 동기를 갖는 추세로 가고 있으며 이에 대한 대응 또한 능동적이어야 한다는 요구가 제기되고 있다. 본 논문에서는 해킹 사고에 보다 능동적으로 대응할 수 있는 시스템의 설계를 소개한다. 이 시스템은 자율성을 갖고, 시스템의 확장, 변경에 대해 탄력적으로 대처할 수 있게 하기 위해서 멀티 에이전트 시스템으로 구성하였다. 본 논문에서는 상위 레벨에 해킹 대응 시나리오에 따른 각 에이전트의 활동 및 상호 협력 관계에 대해서 기술한다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2014.04a
• /
• pp.802-805
• /
• 2014

본 연구에서는 스마트 디바이스를 이용하여 보행자의 상태를 감지하여 필요한 사용자의 정보에 대해 얻는 방법을 제안하고, 이를 분석하는 모델을 연구하여 예방 방안을 제공하는 서비스를 제안하였다. 분석 모델을 Sensing, Thinking, Action의 세 단계로 나누어 분류한 세부적인 수행 순서를 정하였다. Sensing 단계에서 센서, 디바이스, 어플리케이션 등을 통해 사용자에 대한 있는 그대로의 정보를 받아들여 디바이스가 인식하게 하고, 이를 분석해 사용자의 상태 및 상황에 대해 Thinking하고, 그에 맞는 Action을 취한다. 본 논문에서는 분석 모델의 정해진 수행 순서에서의 기능들을 설명하고, 그에 맞는 예상 구현 시나리오를 제시하였다.

• Convergence Security Journal
• /
• v.23 no.3
• /
• pp.37-47
• /
• 2023

The growth of the metaverse has been accelerated by the increased demand for non-face-to-face interactions due to COVID-19 and advancements in technologies such as blockchain and NFTs. However, with the emergence of various metaverse platforms and the corresponding rise in users, criminal cases such as ransomware attacks, copyright infringements, and sexual offenses have occurred within the metaverse. Consequently, the need for artifacts that can be utilized as digital evidence within metaverse systems has increased. However, there is a lack of information about artifacts that can be used as digital evidence. Furthermore, metaverse security evaluation and forensic analysis are also insufficient, and the absence of attack scenarios and related guidelines makes forensics challenging. To address these issues, this paper presents artifacts that can be used for user behavior analysis and timeline analysis through dynamic analysis of Roblox, a representative metaverse gaming solution. Based on analyzing interrelationship between identified artifacts through memory forensics and log file analysis, this paper suggests the potential usability of artifacts in metaverse crime scenarios. Moreover, it proposes improvements by analyzing the current legal and regulatory aspects to address institutional deficiencies.

• Fire Science and Engineering
• /
• v.20 no.2 s.62
• /
• pp.21-30
• /
• 2006

Since Daegu subway arson fire disaster in 2003, there have been several copycat crimes such as at Seoul Metro line number seven and Hongkong Chuiwan line cases. Oil and gas were used for fire propagation in most cases as in Daegu case and such fire could be expanded to a whole subway cabin within several minutes. The fire may eventually cause the whole subway system stop. Fire damage can be minimized when fire occurrence and diffusion are blocked by stages or isolated rapidly. This study suggests an effective early response system that separates passengers from fire and a real-time fire extinguishment program by stages. Based on the subway arson case studies, the early response scenario has been structured by three stages, i.e., confirmation of fire and damage, early fire extinguishment, and information dissemination and passengers evacuation.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.14 no.3
• /
• pp.208-214
• /
• 2021

Recently, much of the intelligent security scenario and criminal investigation demands for matching photo and non-photo. Existing face recognition system can not sufficiently guarantee these needs. In this paper, we propose an algorithm to improve the performance of heterogeneous face recognition systems by reducing the different modality between sketches and photos of the same person. The proposed algorithm extracts each image's texture features through texture descriptors (gray level co-occurrence matrix, multiscale local binary pattern), and based on this, generates a transformation matrix through eigenfeature regularization and extraction techniques. The score value calculated between the vectors generated in this way finally recognizes the identity of the sketch image through the score normalization methods.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.20 no.7
• /
• pp.474-484
• /
• 2019

In this age, where the social environment is changing rapidly and unpredictably, interest in safety from crime is increasing in Korean society. As the desire to live a life free from the fear of crime increases, interest in the construction of safe cities is also rising nationwide. To meet the national demand, the Korean government is promoting a project to link public disaster safety systems by involving municipalities, 112, 119, and other emergency services and institutions through the Smart City Integrated Platform in order to construct a smart safety net. This study investigates the linking of theSmart City Integrated Platform and theIntelligent Security Project. The results are as follows. 1. The linkage's objective is clear. 2. The system sector can provide information to accident-related organizations. 3. The scenario area can be expanded to a crime-prevention sector, and a long-term urban information integration infrastructure can be created. 4. Product testing is enabled by a smart city road map and through continuous consultation with relevant organizations. 5. Project diffusion to other local governments can be promoted with the continued addition of commercial products.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.16 no.6
• /
• pp.43-54
• /
• 2016

The occurrence of cyber crime is on the rise every year, and the security control center, which should play a crucial role in monitoring and early response against the cyber attacks targeting various information systems, its importance has increased accordingly. Every endeavors to prevent cyber attacks is being attempted by information security personnel of government and financial sector's security control center, threat response Center, cyber terror response center, Cert Team, SOC(Security Operator Center) and else. The ordinary method to monitor cyber attacks consists of utilizing the security system or the network security device. It is anticipated, however, to be insufficient since this is simply one dimensional way of monitoring them based on signatures. There has been considerable improvement of the security control system and researchers also have conducted a number of studies on monitoring methods to prevent threats to security. In accordance with the environment changes from ESM to SIEM, the security control system is able to be provided with more input data as well as generate the correlation analysis which integrates the processed data, by extraction and parsing, into the potential scenarios of attack or threat. This article shows case studies how to detect the threat to security in effective ways, from the initial phase of the security control system to current SIEM circumstances. Furthermore, scenarios based security control systems rather than simple monitoring is introduced, and finally methods of producing the correlation analysis and its verification methods are presented. It is expected that this result contributes to the development of cyber attack monitoring system in other security centers.

• Journal of Internet Computing and Services
• /
• v.12 no.5
• /
• pp.47-61
• /
• 2011

Recently, the importance of digital forensic has been magnified because of the dramatic increase of cyber crimes and the increasing complexity of the investigation of target systems such as PCs, servers, and database systems. Moreover, some systems have to be investigated with live forensic techniques. However, even though live forensic techniques have been improved, they are still vulnerable to anti-forensic activities when the target systems are remotely accessible by criminals or their accomplices. To solve this problem, we first suggest a layer-based model and the anti-forensic scenarios which can actually be applicable to each layer. Our suggested model, the Anti-Forensic Activites layer-based model, has 5 layers - the physical layer, network layer, OS layer, database application layer and data layer. Each layer has possible anti-forensic scenarios with detailed commands. Second, we propose a fuzzy expert system for effectively detecting anti-forensic activities. Some anti-forensic activities are hardly distinguished from normal activities. So, we use fuzzy logic for handling ambiguous data. We make rule sets with extracted commands and their arguments from pre-defined scenarios and the fuzzy expert system learns the rule sets. With this system, we can detect anti-forensic activities in real time when performing live forensic.