• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.5
• /
• pp.1167-1177
• /
• 2019

In this paper, the improved security operation model based on the vulnerability database is studied. The proposed model consists of information protection equipment, vulnerability database, and a dashboard that visualizes and provides the results of interworking with detected logs. The evaluation of the model is analyzed by setting up a simulated attack scenario in a virtual infrastructure. In contrast to the traditional method, it is possible to respond quickly to threats of attacks specific to the security vulnerabilities that the asset has, and to find redundancy between detection rules with a secure agent, thereby creating an optimal detection rule.

• Proceedings of the KAIS Fall Conference
• /
• 2009.12a
• /
• pp.61-65
• /
• 2009

본 논문에서는 정보시스템에서 시스템이 연동될 때 일어나는 잔여 취약점을 분석하고, 그 검증방법에 대해 연구하였다. 광범위하고 정밀한 정보 침해 공격은 정보시스템으로 하여금 시스템끼리 연동하게하였고, 미리 취약점 검증을 받은 시스템이라 할지라도 서로 다른 시스템이 연동되게 되면 잔여 취약점이 발생할 수 있다. 따라서 안전한 정보자산의 사용을 위해서는 정보보호제품과 연동된 정보시스템에 대한 보안성을 평가할 필요할 필요가 있다. 이와 같은 보안성을 평가하기 위해, 시스템 연동 시 어떠한 일이 발생하는지 분석하고 예상되는 잔여 취약점을 추출한다. 그리고 그것을 검증하는 방법에 대해 알아보기로 한다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2018.05a
• /
• pp.110-112
• /
• 2018

북한은 소프트웨어 개발기관인 조선콤퓨터센터(KCC)를 설립하고 자체 소프트웨어를 개발하여 사용하고 있다. 조선콤퓨터센터(KCC)는 리눅스 오픈소스 기반의 붉은별 운영체제를 개발하고, 내부 응용프로그램인 서광문서처리체계를 개발하여 사용하고 있다. 이러한 내부문서체계의 보안 취약점을 분석하기 위해 서광문서체계와 유사한 워드프로세스의 CVE 보안 취약점을 분석하고, 서광문서체계의 파일인 ODT 파일의 구조를 분석한다.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.16 no.7
• /
• pp.1447-1454
• /
• 2012

Recently P2P is the most popular network service on Internet and is applied various areas such as streaming, file sharing and software distribution, but there are many security threats depending on vulnerabilities by P2P network environments. Conceptually P2P network is a overlay network based on Internet, and it has security concerns of itself as well as those of Internet environments. In this paper, we analyze the vulnerabilities and threats for domestic P2P services through various experiments and describe their risk analysis. We expect that this work contributes to new domestic P2P services in consideration of service qualities and security vulnerabilities.

• Journal of the Korea Society of Computer and Information
• /
• v.29 no.9
• /
• pp.61-68
• /
• 2024

In this paper, Generative AI is a technology that creates various forms of content such as text, images, and music, and is being utilized across different fields. In the security sector, generative AI is poised to open up new possibilities in various areas including security vulnerability analysis, malware detection and analysis, and the creation and improvement of security policies. This paper presents a guide for identifying vulnerabilities and secure coding using ChatGPT for security vulnerability analysis and prediction, considering the application of generative AI in the security domain. While generative AI offers innovative possibilities in the security field, it is essential to continuously pursue research and development to ensure safe and effective utilization of generative AI through in-depth consideration of ethical and legal issues accompanying technological advancements.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.1
• /
• pp.145-153
• /
• 2018

SSL (Secure Socket Layer) and TLS (Transport Layer Security) are widely used protocols for secure and encrypted communication over a computer network. However, there have been reported several security vulnerabilities of SSL/TLS over the years. The vulnerabilities can let an adversary carry out critical attacks on SSL/TLS enabled servers. In this paper, we have developed a system which can periodically scan SSL/TLS vulnerabilities on internal network servers and quickly detects, reports and visualizes the vulnerabilities. We have evaluated the system on working servers of Naver services and analyzed detected vulnerabilities. 816 vulnerabilities are found on 213 internal server domains (4.2 vulnerabilities on average) and most vulnerable servers are not opened to public. However, 46 server domains have old vulnerabilites which were found 2016. We could patch and response to SSL/TLS vulnerabilites of servers by leveraging the proposed system.

• Information Systems Review
• /
• v.19 no.3
• /
• pp.201-228
• /
• 2017

Vulnerability information, which can cause serious damage to information assets, has become a valuable commodity, thereby leading to the creation of a vulnerability market. Vulnerability information is traded on the vulnerability market from several hundred dollars to hundreds of thousands of dollars depending on its severity and importance, and the types and scope of the vulnerability markets are varying. Based on previous studies on vulnerability markets and hackers, this study empirically analyzed the effects of the security researcher's vulnerability research motivation on his/her vulnerability market use intention. The results are discussed as follows. First, vulnerability research self-efficacy had a significant effect on flow and on white and black market use intention but not on perceived benefit. Second, flow had a significant effect on perceived benefit and on black market use intention but had no effect on white market use intention. Third, perceived profit had a significant effect on white and black market use intention. Fourth, vulnerability research self-efficacy had a significant effect on perceived benefit through flow. Fifth, flow had a significant effect on white and black market use intention through perceived profit. These findings can be used to predict the behavior of security researchers who have experience in exploiting vulnerabilities.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2003.11c
• /
• pp.1921-1924
• /
• 2003

최근 무선 네트워크의 이용이 증가하고 있다. 일반적으로 무선 네트워크 환경은 유선 네트워크 환경 보다 취약한 것으로 알려져있다. 본 논문에서는 무선랜 취약점과 이동 단말 운영체제 취약점 분석에 단위 취약성과 복합 취약성을 이용한 취약점 분석 방법을 적용하여본다. 단위 취약성 분석 방법은 Bishop의 가설을 바탕으로 보안 취약성 평가를 위한 시뮬레이션에 적용할 수 있도록 구체화한 것이다. 이를 통하여 단위 취약성 분석방법이 무선 환경까지 적용가능한지를 알아보고, 그 특성을 알아본다.

• KIISE Transactions on Computing Practices
• /
• v.21 no.11
• /
• pp.721-726
• /
• 2015

This paper shows secure coding rules for PHP programs. Programmers should comply with these rules during development of their programs. The rules are crafted to restrain 28 weaknesses that are composed of 22 corresponding to reported CVEs of PHP, the children of CWE-661 for PHP, and the top 5 weaknesses according to OWASP. The rule set consists of 28 detailed rules under 14 categories. This paper also demonstrates through examples that programs complying with these rules can curb weaknesses. The rules can also serve as a guideline in developing analysis tools for security purposes.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.18 no.11
• /
• pp.94-103
• /
• 2017

As automatic hacking tools and techniques have been improved, the number of new vulnerabilities has increased. The CVE registered from 2010 to 2015 numbered about 80,000, and it is expected that more vulnerabilities will be reported. In most cases, patching a vulnerability depends on the developers' capability, and most patching techniques are based on manual analysis, which requires nine months, on average. The techniques are composed of finding the vulnerability, conducting the analysis based on the source code, and writing new code for the patch. Zero-day is critical because the time gap between the first discovery and taking action is too long, as mentioned. To solve the problem, techniques for automatically detecting and analyzing software (SW) vulnerabilities have been proposed recently. Cyber Grand Challenge (CGC) held in 2016 was the first competition to create automatic defensive systems capable of reasoning over flaws in binary and formulating patches without experts' direct analysis. Darktrace and Cylance are similar projects for managing SW automatically with artificial intelligence and machine learning. Though many foreign commercial institutions and academies run their projects for automatic binary analysis, the domestic level of technology is much lower. This paper is to study developing automatic detection of SW vulnerabilities and defenses against them. We analyzed and compared relative works and tools as additional elements, and optimal techniques for automatic analysis are suggested.