• Annual Conference of KIPS
• /
• 2023.11a
• /
• pp.190-192
• /
• 2023

카카오 데이터 센터 화재 사건이나 콜로니얼 파이프라인 해킹 사건과 같이 시스템에 대한 다양한 공격이나 사고가 발생하고 이로 인하여 중요한 필수 서비스가 중단되는 문제가 발생하고 있다. 이러한 문제를 해결하기 위하여 사이버 복원력이 관심을 받고 있다. 사이버 복원력은 사이버 보안에 추가해서 예측, 내구, 회복, 적응의 목적을 가진다. 이 논문에서는 사이버 복원력이 무엇인지 소개하고 사이버 복원력을 기술적인 관점에서와 제도적인 관점에서 소개한다.

• Annual Conference of KIPS
• /
• 2007.05a
• /
• pp.1137-1139
• /
• 2007

본 논문에서는 다중고유얼굴 기반의 퍼지볼트를 이용하는 인증기법을 제안하였다. 다중고유얼굴을 형성하기 위한 중요정보는 사용자의 스마트카드에 저장하며, 이 정보들은 공유하려는 비밀정보 및 비밀키를 안전하게 보호하기위한 퍼지볼트 스킴에 적용하여 기존의 퍼지볼트 기반의 인증 프로토콜보다 한층 강화된 보안성을 확보하는 방안을 연구였다.

• Annual Conference of KIPS
• /
• 2024.10a
• /
• pp.143-144
• /
• 2024

네트워크 트래픽이 최근 급격히 증가하면서, 전통적인 CPU 기반의 패킷 처리 방식은 성능의 한계에 직면하고 있다. 이러한 문제를 해결하기 위해 SmartNIC은 네트워크 처리를 CPU로부터 오프로드하여 시스템 전체의 성능을 향상시키는 데 중요한 역할을 한다. 그리하여 네트워크 서비스를 SmartNIC로 오프로드 하여 CPU 점유율을 줄이고 시스템의 효율성을 높이는 데 큰 이점을 제공한다. 본 논문에서는 NVIDIA의 DOCA와 AMD의 SSDK를 소개하며, SmartNIC에서 구현된 다양한 보안 서비스들을 살펴보고자 한다.

• Journal of Technology Innovation
• /
• v.23 no.1
• /
• pp.1-36
• /
• 2015

The purpose of this research is to find individual user's preference for cloud storage service such as Daum Cloud, Naver N-Drive, GoogleDrive, Dropbox, SkyDrive and iCloud. Through literature reviewed and pilot tests, 6 attributes of cloud storage service (storage capacity, perceived cost, collaboration, accessibility, social influence and perceived security) were selected and all 6 attributes had significant effects on the preference of cloud storage service by conjoint analysis. The results shows that the user's willingness to pay is estimated 10,553 won for the free storage, 4,646 won for the function for mobile accessibility, and 2,443 won for more reliable cloud computing service provider. This study has significance to apply conjoint analysis with economic, technological, and environmental factors to cloud storage service (SaaS) and shed light on policy promotion of next generation of cloud computing ecosystem by user perception with willingness to pay on the storage service.

• The KIPS Transactions:PartC
• /
• v.15C no.6
• /
• pp.573-586
• /
• 2008

The improved performance and miniaturization of computer and the improvement of wireless communication technology have enabled the emergence of many high quality services. Among them multicast services are receiving much attention and their usage is increasing due to the increase of Internet multimedia services such as video conference, multimedia stream, internet TV, etc. Security plays an important role in mobile multicast services. In this paper, we proposed a secure multicast protocol for a hierarchical micro-mobility environment. The proposed secure multicast protocol provides security services such as authentication, access control, confidentiality and integrity using mechanisms including symmetric/asymmetric key crypto-algorithms and capabilities. To provide forward/backward secrecy and scalability, we used sub-group keys based on the hierarchical micro-mobility environment. With this security services, it is possible to guard against all kinds of security attacks performed by illegal mobile nodes. Attacks executed by internal nodes can be thwarted except those attacks which delete packet or cause network resources to be wasted. We used simulator to measure the performance of proposed protocol. As a result, the simulation showed that effect of these security mechanisms on the multicast protocol was not too high.

• Journal of the Korea Convergence Society
• /
• v.8 no.9
• /
• pp.1-7
• /
• 2017

As the network environment develops and speeds up, a lot of smart devices is developed, and a high-speed smart society can be realized while allowing people to interact with objects. As the number of things Internet has surged, a wide range of new security risks and problems have emerged for devices, platforms and operating systems, communications, and connected systems. Due to the physical characteristics of IoT devices, they are smaller in size than conventional systems, and operate with low power, low cost, and relatively low specifications. Therefore, it is difficult to apply the existing security solution used in the existing system. In addition, IoT devices are connected to the network at all times, it is important to ensure that personal privacy exposure, such as eavesdropping, data tampering, privacy breach, information leakage, unauthorized access, Significant security issues can arise, including confidentiality and threats to facilities. In this paper, we investigate cases of security threats and cases of network of IoT, analyze vulnerabilities, and suggest ways to minimize property damage by Internet of things.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.5
• /
• pp.871-883
• /
• 2014

New types of attacks that mainly compromise the public, portal and financial websites for the purpose of economic profit or national confusion are being emerged and evolved. In addition, in case of 'drive by download' attack, if a host just visits the compromised websites, then the host is infected by a malware. Website falsification detection system is one of the most powerful solutions to cope with such cyber threats that try to attack the websites. Many domestic CERTs including NCSC (National Cyber Security Center) that carry out security monitoring and response service deploy it into the target organizations. However, the existing techniques for the website falsification detection system have practical problems in that their time complexity is high and the detection accuracy is not high. In this paper, we propose website falsification detection system based on image and code analysis for improving the performance of the security monitoring and response service in CERTs. The proposed system focuses on improvement of the accuracy as well as the rapidity in detecting falsification of the target websites.

• Journal of the Society of Disaster Information
• /
• v.17 no.4
• /
• pp.897-903
• /
• 2021

Purpose: Recently, ransomware damage that encrypts victim's data through hacking and demands money in exchange for releasing it is increasing domestically and internationally. Accordingly, research and development on various response technologies and solutions are in progress. Method: A secure storage area and a general storage area were created in the same virtual environment, and the sample data was saved by registering the access process. In order to check whether the stored sample data is infringed, the ransomware sample was executed and the hash function of the sample data was checked to see if it was infringed. The access control performance checked whether the sample data was accessed through the same name and storage location as the registered access process. Result: As a result of the experiment, the sample data in the secure storage area maintained data integrity from ransomware and unauthorized processes. Conclusion: Through this study, the creation of a secure storage area and the whitelist-based access control method are evaluated as suitable as a method to protect important data, and it is possible to provide a more secure computing environment through future technology scalability and convergence with existing solutions.

• Korean Chemical Engineering Research
• /
• v.60 no.4
• /
• pp.492-498
• /
• 2022

Process control systems used in most domestic petrochemical corporates today are based on the Windows platforms. As technology leans toward opened environment, the exposure risk of control systems is increasing. However, not many companies are preparing for various cyberattacks due to lack of awareness and misunderstanding of cyber intrusion. This study investigated the extent of how much exposed the petrochemical process control system is to security threats and suggested practical measures to reduce OT cybersecurity vulnerabilities. To identify the cyber threat status of process control systems, vulnerabilities of the Windows platform, a principal cyber threat factor, have been analyzed. For research, three major DCS providers in Korea and the discontinuation of Windows platform of 635 control systems were investigated. It was confirmed that 78% of the survey subjects were still operating in the discontinued windows platforms, and those process control systems were operated in a state vulnerable to cyber intrusions. In order to actively cope with these cyber threats, legal regulations such as designation of critical infrastructure for major petrochemical facilities which is implemented in advanced countries such as the United States are needed. Additionally, it is necessary to take the initiative in eradicating security threats to the process control systems by aggressively introducing security solutions provided from existing DCS suppliers. This paper was submitted to Professor Ko JaeWook's retirement anniversary issue.

• Proceedings of the Korean Information Science Society Conference
• /
• 2005.11a
• /
• pp.82-84
• /
• 2005

기존의 웜 탐지는 중요한 네트워크 소스의 폭주라 스위치 라우터 및 말단 시스템에서의 변동 효과를 가지고 공격을 판단했었다. 하지만 최근의 인터넷 웜은 발생 초기에 대응하지 못하면 그 피해의 규모가 기하급수적으로 늘어난다. 또한 방어하기가 어려운 서비스 거부 공격을 일으킬 수 있는 간접 공격의 주범이 될 수 있다는 정에서 웜의 탐지와 방어는 인터넷 보안에 있어서 매우 중요한 사안이 되었다. 본 논문에서는 이미 알려진 공격뿐 아니라 새로운 웜의 스캐닝 공격을 탐지하기 위하여, 패턴 분류 문제에 있어서 우수한 성능을 보이는 Support Vector Machine(SVM)[1]을 사용하여 인터넷 웜의 스캐닝 공격을 탐지하는 시스템 모델을 제안한다.