• Convergence Security Journal
• /
• v.12 no.5
• /
• pp.87-97
• /
• 2012

Privacy of personal information disclosure incident occurs frequently as a problem to our society's most important and sensitive social agenda is emerging. Personal information is actually more accurate, depending on the type or types of economic value and sensitivity, the quality of the information, because it can cause a spill a serious social threat and systematic personal information protection and management are not carried out and the information society in a big mess can result. Customers my affairs when small guard security companies, especially the sensitive personal information of customers who need to work, the collected information be leaked or the company's trade secrets, are exposed on the outside, it could be a serious threat to a greater problem cause. Small escort guard companies, however, compared with large companies to build its own security system, due to issues such as the extent of funding, staffing shortages, there are many difficulties. Status of Information Security, scale and analyze the characteristics of small escort guard companies occupied by guard security companies in the present study, sleep, look at him in the solution of the practical issues of information protection system laid small guard. Expenses supplier of propose a security system for preventing the leakage of personal information.

• Journal of Digital Convergence
• /
• v.11 no.12
• /
• pp.367-380
• /
• 2013

A secure data gathering in a Wireless Sensor Network(WSN) has given attention to one of security issues. In general, the process of secure data gathering causes difficulties: one process is exchanging the secured data and the other is constructing secured data path. The previous studies have been resolving the difficulties in terms of two problems: security and data gathering in WSNs. However, a WSN requires a protocol that has to guarantee a security of path between sensors and sink, or a cluster head. Thus how to gather data securely is an important issue. In this paper, we propose a secure data gathering protocol over WSNs, which consists of hierarchical key settlement and secure path construction, and aims at tackling two problems. The proposed protocol causes little overhead to sensor nodes for secured key settlement and path construction. This work provides security analysis focused on the key settlement protocol and evaluates network performance for the proposed data gathering protocol through simulation.

• Journal of Digital Convergence
• /
• v.13 no.10
• /
• pp.279-285
• /
• 2015

In this paper, we present the design and implementation of a realtime DNS Query Analysis System to detect and to protect from DNS attacks. The proposed system uses mirroring to collect data in DMZ, then analizes the collected data. As a result of the analysis, if the proposed system finds attack information, the information is used as a filtering information of firewall. statistic of the collected data is viewed as a realtime monitoring information on the web. To verify the effictiveness of the proposed system, we have built the proposed system and conducted some experiments. As the result, Our proposed system can be used effectively to defend DNS spoofing, DNS flooding attack, DNS amplification attack, can prevent interior network's attackers from attacking and provides realtime DNS query statistic information and geographic information for monitoring DNS query using GeoIP API and Google API. It can be useful information for ICT convergence and the future work.

• Journal of the Korean Geographical Society
• /
• v.43 no.2
• /
• pp.220-234
• /
• 2008

In many security monitoring contexts, the performance or efficiency of surveillance sensors/networks based on a single sensor type may be limited by environmental conditions, like illumination change. It is well known that different modes of sensors can be complementary, compensating for failures or limitations of individual sensor types. From a location analysis and modeling perspective, a challenge is how to locate different modes of sensors to support security monitoring. A coverage-based optimization model is proposed as a way to simultaneously site k different sensor types. This model considers common coverage among different sensor types as well as overlapping coverage for individual sensor types. The developed model is used to site sensors in an urban area. Computational results show that common and overlapping coverage can be modeled simultaneously, and a rich set of solutions exists reflecting the tradeoff between common and overlapping coverage.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.36 no.2B
• /
• pp.184-194
• /
• 2011

Security is critically important for smart grid networks that are usually used for the electric power network and IT environments that are opened to attacks, such as, eavesdropping, replay attacks of abnormal messages, forgery of the messages to name a few. ZigBee has emerged as a strong contender for smart grid networks. ZigBee is used for low data rate and low power wireless network applications. To deploy smart grid networks, the collected information requires protection from an adversary over the network in many cases. The security mechanism should be provided for collecting the information over the network. However, the ZigBee protocol has some security weaknesses. In this paper, these weaknesses are discussed and a method to improve security aspect of the ZigBee protocol is presented along with a comparison of the message complexity of the proposed security protocol with that of the current ZigBee protocol.

• KIISE Transactions on Computing Practices
• /
• v.22 no.4
• /
• pp.178-183
• /
• 2016

To enhance the reliability of programs, developers use fuzzing tools in test processes to identify vulnerabilities so that they can be fixed ahead of time. In this case, the developers consider the security-related vulnerabilities to be the most critical ones that should be urgently fixed to avoid possible exploitation by attackers. However, developers without much experience of analysis of vulnerabilities usually rely on tools to pick out the security-related crashes from the normal crashes. In this paper, we suggest a static analysis-based tool to help developers to make their programs more reliable by identifying security-related crashes among them. This paper includes experimental results, and compares them to the results from MSEC !exploitable for the same sets of crashes.

• Journal of IKEEE
• /
• v.11 no.4
• /
• pp.205-212
• /
• 2007

The ubiquitous sensor network consists of micro sensors with wireless communication capabilities. Compared to wired communication, wireless communication is more subject to eavesdropping as well as data variation and manipulation. Accordingly, there must be efforts to secure the information delivered over the sensor network. Providing security to the sensor network, however, requires additional energy consumption, which is an important issue since energy transformation is difficult to implement in a sensor network. This paper proposes a routing mechanism based on the energy-efficient cluster that features security functions capable of safely processing the data acquired from the sensor network. The proposed algorithm reduces energy consumption by fixing the clusters formed at the initial stage and using the pre-distribution scheme so that the cluster and node keys generated and exchanged at the initial stage are not re-generated or re-exchanged. Simulation experiments confirmed that the proposed approach reduces energy consumption compared to implementing security measures to the conventional cluster-based routing mechanism.

• Journal of the Korea Society of Computer and Information
• /
• v.16 no.4
• /
• pp.101-110
• /
• 2011

A smart grid networks delivers electricity from suppliers to consumers using digital technology with two-way communications to control appliances at consumers' homes to save energy, reduce cost and increase reliability and transparency. Security is critically important for smart grid networks that are usually used for the electric power network and IT environments that are opened to attacks, such as, eavesdroping, replay attacks of abnormal messages, forgery of the messages to name a few. ZigBee has emerged as a strong contender for smart grid networks. ZigBee is used for low data rate and low power wireless network applications. To deploy smart grid networks, the collected information requires protection from an adversary over the network in many cases. The security mechanism should be provided for collecting the information over the network. However, the ZigBee protocol has some security weaknesses. In this paper, these weaknesses are discussed and a method to improve security aspect of the ZigBee protocol is presented along with a comparison of the message complexity of the proposed security protocol with that of the current ZigBee protocol.

• Convergence Security Journal
• /
• v.14 no.4
• /
• pp.27-32
• /
• 2014

Utilization of web application has been widely spread and complication in recent years by the rapid development of network technologies and changes in the computing environment. The attack being target of this is increasing and the means is diverse and intelligent while these web applications are using to a lot of important services. In this paper, we proposed security model using virtualization technology to prevent attacks using vulnerabilities of web application. The request information for query in a database server also can be recognized by conveying to the virtual web server after ID is given to created session by the client request and the type of the query is analyzed in this request. VM-Master module is constructed in order to monitor traffic between the virtual web servers and prevent the waste of resources of Host OS. The performance of attack detection and resource utilization of the proposed method is experimentally confirmed.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.5
• /
• pp.969-976
• /
• 2013

The information protection systems of company are intended to detect all weak points, intrusion, document drain. All actions of people in company are recorded and can check persistently. On the other hand, what analyze security log generated by these systems becomes more difficult. Most staff who manages the security systems, and analyze log is more incomprehensible than a user or a person of drain for an information distribution process of the work-site operations and the management procedure of the critical information. Such a reality say the serious nature of the internal information leakage that can be brought up more. While the research on the big data proceeds actively recently, the successful cases are being announced in the various areas. This research is going to present the improved big data processing technology and case of the security field.