• Journal of the Korea Convergence Society
• /
• v.10 no.12
• /
• pp.17-22
• /
• 2019

Network attack analysis and visualization methods using network traffic session data detect network anomalies by visualizing the sender's and receiver's IP addresses and the relationship between them. The traffic flow is a critical feature in detecting anomalies, but simply visualizing the source and destination IP addresses symmetrically from up-down or left-right would become a problematic factor for the analysis. Also, there is a risk of losing timely security situation when designing a visualization interface without considering the temporal characteristics of time-series traffic sessions. In this paper, we propose a visualization interface and analysis method that visualizes time-series traffic data by using the radial axis, divide IP addresses into network and host portions which then projects on the cylindrical coordinate system that could effectively monitor network attacks. The proposed method has the advantage of intuitively recognizing network attacks and identifying attack activity over time.

• Journal of National Security and Military Science
• /
• s.9
• /
• pp.207-240
• /
• 2011

There are many information assurance schemes(i.e., evaluation criteria and methodology) for security assurance of information systems, since the security is one of the most important characteristics in the modem information systems. However, there are confusions among schemes and redundancies of assurance. In this paper, we survey and classify conventional information assurance schemes by view points of assurance targets, life-cycles and nations. We propose three new information assurance schemes as the result of survey. Those are as follows: the schemes of the assurance on the requirement itself which is evaluated and certificated after standardizing the security requirements about the organizations and the applications, on the developing information system, and on the accreditation and certification about new information system. This will be helpful to set up a security assurance of National Defense.

• Journal of the Korea Society of Computer and Information
• /
• v.25 no.11
• /
• pp.139-146
• /
• 2020

Cloud computing technology provides economic and efficient system operation and management features to deal with rapidly changing IT technologies. However, this is less used in institutes and companies due to low security of cloud computing service. It is recognized that storing and managing important information, which is confidential in external systems is vulnerable to security threats. In order to enhance security of this cloud computing service, this paper suggests a system and user authentication reinforcement model. The suggested technology guarantees integrity of user authentication information and provides users with convenience by creating blocks for each cloud service and connecting service blocks with chains. The block chain user authentication model offers integrity assurance technology of block chains and system access convenience for SSO users. Even when a server providing cloud computing is invaded, this prevents chained invasions not to affect other systems.

• Journal of Convergence for Information Technology
• /
• v.7 no.3
• /
• pp.91-96
• /
• 2017

IoT which is an abbreviation of Internet of Things refers to the communication network service among various objects such as people-people, objects-objects interconnection. The characteristic of IoT that enables direct connection among each device makes security to be considered as more emphasized factor. Though a security module such as an authentication protocol for resolving various security problems that may occur in the IoT environment has been developed, some weak points in security are still being revealed. Therefore, this paper proposes a method for including a protocol including gateway authentication procedure and mutual authentication between the devices and gateways. Protocols with additional authentication procedures can appropriately respond to attackers' spoofing attacks. In addition, important information in the message used for authentication process is protected by encryption or hash function so that it can respond to wiretapping attacks.

• Journal of Advanced Navigation Technology
• /
• v.22 no.5
• /
• pp.391-399
• /
• 2018

V2X communication is a technology in which a vehicle exchanges information with various entities such as other vehicles, infrastructure, networks, pedestrians, etc. through a wired or wireless network. Recently, V2X communication technology has been steadily developed and recently it has played an important role in autonomous cooperation driving technology combined with autonomous vehicle technology. Autonomous vehicles can utilize the external information received via V2X communication to extend the recognition range of existing sensors and to support more safe and natural autonomous driving. In order to operate these autonomous cooperative vehicles on public roads, the security and reliability of autonomous V2X communication should be verified in advance. In this paper, we present test scenarios and test procedures of secure V2X communication for cooperative automated driving and present verification results.

• Smart Media Journal
• /
• v.9 no.3
• /
• pp.71-79
• /
• 2020

Mobile network is used by many users worldwide for diverse services, including phone-call, messaging and data transfer over the Internet. However, this network may experience massive damage if it is exposed to cyber-attacks or denial-of-service attacks via wireless communication interference. Because the mobile network is also used as an emergency network in cases of disaster, evaluation or verification for security and safety is necessary as an important nation-wide asset. However, it is not easy to analyze the mobile core network because it's built and serviced by private service providers, exclusively operated, and there is even no separate network for testing. Thus, in this paper, a virtual mobile network is built using OpenAirInterface, which is implemented based on 3GPP standards and provided as an open source software, and the structure and protocols of the core network are analyzed. In particular, the S1AP protocol messages captured on S1-MME, the interface between the base station eNodeB and the mobility manager MME, are analyzed to identify potential security threats by evaluating the effect of the messages sent from the user terminal UE to the mobile core network.

• Journal of Internet Computing and Services
• /
• v.2 no.3
• /
• pp.51-62
• /
• 2001

Recently, as computers and networks become popular, distributing information on the Internet is common In our daily life. also, the explosion of the Internet. of wireless digital communication and data exchange on Internet has rapidly changed the way we connect with other people. The e-mail has been commonly used by users as well recognizing It as the standard of manners among users on the Internet. In the past, e-mail has been the primary choice of exchanging Information, but secure mail is gaining popularity abroad and domestically because of their nature of providing security. That is. it has been used a variety of fields such as general mail and e-mail for advertisement. But, As the data transmitted on network can be easily opened or forged with simple operations. most of existing e-mail system don't have any security on the transmitted information. Thus. security mail system need to provide security including message encryption, content Integrity, message origin authentication, and non-repudiation. In this paper, we design implement secure mail system with non-repudiation service and encryption capability to provide services for certification of delivery and certification of content as well as the basic security services. API.

• Journal of Internet Computing and Services
• /
• v.3 no.1
• /
• pp.61-69
• /
• 2002

Big-bang growth of Internet and World Wide Web is supplying much information and resources to network. However, use of internet resources is receiving many limitations by bandwidth for most users. But, through Applet way, can solve degradation problem that follow on static side and bandwidth of CGI that HTML has. Mobile Agent starts in user's computer to accomplish user's specification purpose and achieves work rooving network. Because code that can perform so is transmitted, and is achieved in network through network, important problem happens to mobile code's security naturally. In computing environment that this research uses this Mobile Agent way that can protect host and agent groping report, describe problem that happen composing Mobile Agent relationship concept and Mobile Agent, and do so that may present method that is studying to solve these problem, and use method that application is possible actually among presented method and design transfer agent's security system.

• Convergence Security Journal
• /
• v.7 no.2
• /
• pp.119-128
• /
• 2007

Since the internet banking service was introduced to Korea in 1999, the service has placed itself as an indispensable service to most users. The internet banking, which provides convenience for internet users as well as efficiency for banks, is expected to increase its importance more and to play a bigger role as a passage of funds. Meanwhile, numerous accounts as to the misusage of the internet banking service have been reported and the types and size of damages, especially making illegal money transfers and embezzling user information through computer hacking, tend to increase continuously. This paper points out fundamental problems of the current internet banking service by analyzing the all components of the internet banking service and fitting the results of structural analysis of hacking threats in accordance with service flow. This paper also attempts to propose the means to minimize the hacking threats of the internet banking service.

• KIPS Transactions on Computer and Communication Systems
• /
• v.6 no.5
• /
• pp.247-254
• /
• 2017

In a Linux system, a user with malicious intent can acquire administrator privileges through attack types that execute shells, and can leak important user information and install backdoor program. In order to solve this problem, the existing method is to analyze the causes of the elevation of privilege, fix the problems, and then patch the system. Recently, a method of detecting an illegal elevated tasks in which information inconsistency occurs through user credentials in real time has been studied. However, since this credential method uses uid and gid, illegal elevated tasks having the root credentials may not be detected. In this paper, we propose a security module that stores shell commands and paths executed with regular privileges in a table and compares them with every file accesses (open, close, read, write) that are executed to solve the case which cannot detect illegal elevated tasks have same credential.