• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.3
• /
• pp.417-430
• /
• 2024

As modern technology advances and the proliferation of the internet continues, cyber threats are also on the rise. To effectively counter these threats, the importance of utilizing Cyber Threat Intelligence (CTI) is becoming increasingly prominent. CTI provides information on new threats based on data from past cyber incidents, but the complexity of data and changing attack patterns present significant analytical challenges. To address these issues, this study aims to utilize graph data that can comprehensively represent multidimensional relationships. Specifically, the study constructs a heterogeneous graph based on malware data, and uses the metapath2vec node embedding technique to more effectively identify cyber attack groups. By analyzing the impact of incorporating topology information into traditional malware data, this research suggests new practical applications in the field of cyber security and contributes to overcoming the limitations of CTI analysis.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2016.05a
• /
• pp.752-754
• /
• 2016

Power is compared to the overall share of energy continues to increase, so as a way for efficient demand management and value added according to the AMR system was introduced. But there is a risk in a variety of external attack, such as when you use the remote meter reading system, cyber attacks and hacking. It is considered that the measures sought, which can be used to prevent or pre safer urgent. In this paper, I want to point out the current research trends and issues of security authentication technology of remote meter reading system.

• Convergence Security Journal
• /
• v.13 no.1
• /
• pp.51-57
• /
• 2013

RSA is the most widely used public key algorithms. Payment via the SSL communications, and user authentication using RSA secure shopping mall that can protect the user's valuable information in the process of building. SSL-based electronic signature technology and encryption protocols for this technology are electronic documents are delivered to the other party through a separate encryption process, the information sender to enter information on a web browser (user) and the recipient (the Web server of the site Manager), except you will not be able to decrypt the contents. Therefore, the information is encrypted during the transfer of electronic documents even if hackers trying to Sniffing because its contents can never understand. Of internet shopping mall in the user authentication 'and' Communications' SSL secure shopping mall built with the goal of the methodology are presented.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.4
• /
• pp.135-141
• /
• 2008

The risk enlargement of cyber infringement and hacking is one of the latest hot issues. To solve the problem, the research for Security Risk Analysis, one of Information Security Technique, has been activating. However, the evaluation for Security Risk Analysis has many burdens; evaluation cost, long period of the performing time, participants’ working delay, countermeasure cost, Security Management cost, etc. In addition, pre-existing methods have only treated Analyzing Standard and Analyzing Method, even though their scale is so large that seems like a project. the Analyzing Method have no option but to include assessors’ projective opinion due to the mixture using that both qualitative and quantitative method are used for. Consequently, in this paper, we propose the Security Risk Analysis Methodology which manage the quantitative evaluation as a project and use Case-Based Reasoning Algorithm for define the period of the performing time and for select participants.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2021.11a
• /
• pp.791-794
• /
• 2021

범죄차량 판독 시스템, 지능화된 CCTV 등 차량과 관련된 시각지능에 관한 연구가 큰 관심을 받고 있다. 이 중 차량 분류 기술은, 특정 차량을 인식하는 핵심기술이다. 이와 관련한 기존 연구들은 큰 차종으로만 분류하거나, 분류 가능한 차종의 수, 정확도 등이 낮아 실용성 및 신뢰성이 떨어진다는 단점이 있다. 따라서, 본 논문에서는 차종을 정확하게 분류할 수 있는 2단계 차종 분류 알고리즘을 제안한다. 제안 시스템은 CNN으로 학습된 모델을 기반으로 1차로 차량의 유형을 분류하고, 2차로 정확한 차종을 분류한다. 실험 결과, 52개의 차종을 분류함에 있어 단일 분류 모델에 비해 5.3%p 더 높은 90.2%의 분류 정확도를 보였다. 이를 통해, 더욱 정확한 차종 분류가 가능하다.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.27 no.8C
• /
• pp.748-757
• /
• 2002

Cyber-terror trials are increased in nowadays and these attacks are commonly using security vulnerability and information gathering method by variable services grew by the continuous development of Internet Technology. IDS's application environment is affected by this increasing Cyber Terror. General Network based IDS detects intrusion by signature based Intrusion Detection module about inflowing packet through network devices. Up to now security in network is commonly secure host, an regional issue adopted in special security system but these system is vulnerable intrusion about the attack in globally connected Internet systems. Security mechanism should be produced to expand the security in whole networks. In this paper, we analyzer the DARPA's program and study Infusion Detection related Technology. We design policy security framework for policy enforcing in whole network and look at the modules's function. Enforcement of security policy is acted by Intrusion Detection system on gateway system which is located in network packet's inflow point. Additional security policy is operated on-line. We can design and execute central security policy in managed domain in this method.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.25 no.9
• /
• pp.1166-1175
• /
• 2021

We investigate the current situation and development trend of domestic smart city and emergency vehicle priority signal control system analyzing the existing effectiveness of 1) emergency vehicle priority signal control system and 2) control emergency vehicle priority signal, based on domestic and foreign prior research for signal control system security. The effectiveness of time reduction was analyzed through actual application and test operation to emergency vehicles after establishing the system. In addition, for security management and stable service of real-time signal system control we propose improvement for the technical control items of the ISMS-P certification system to secure golden time to protect citizens' precious lives and property in case of emergency by classifying and mapping the existing ISMS-P certification system and the Korea Internet & Security Agency's cyber security guide according to the items of security threats.

• Proceedings of the Korea Information Assurance Society Conference
• /
• 2004.05a
• /
• pp.119-124
• /
• 2004

The service oriented architecture (SOA) is gaining more momentum with the advent of Web services on internet. A programmable and machine accessible Web is the vision of many, and might represent a step towards the semantic Web. However, security is a crucial requirement for the serious usage and adoption of the Web services technology. This paper proposes design goals for an distributed access control model for CPC(Collaborative Product Commerce). It then design a processor model for CPC components, along with web services standard and concept that can be used as a basis to design an access control processor independent of a particular CPC service implementation.

• Convergence Security Journal
• /
• v.23 no.5
• /
• pp.73-79
• /
• 2023

Cyber threats are evolving and becoming more sophisticated with the development of new technologies, and consequently the number of service failures caused by DDoS attacks are continually increasing. Recently, DDoS attacks have numerous types of service failures by applying a large amount of traffic to the domain address of a specific service or server. In this paper, after generating the data of the Syn Flooding attack, which is the representative attack type of bandwidth exhaustion attack, the data were compared and analyzed using Random Forest, Decision Tree, Multi-Layer Perceptron, and KNN algorithms for the effective detection of attacks, and the optimal algorithm was derived. Based on this result, it will be useful to use as a technique for the detection policy of Syn Flooding attacks.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.5
• /
• pp.827-846
• /
• 2023

Recently, various information technologies such as network communication and sensors have begun to be integrated into weapon systems that were previously operated in stand-alone. This helps the operators of the weapon system to make quick and accurate decisions, thereby allowing for effective operation of the weapon system. However, as the involvement of the cyber domain in weapon systems increases, it is expected that the potential for damage from cyber attacks will also increase. To develop a secure weapon system, it is necessary to implement built-in security, which helps considering security from the requirement stage of the software development process. The U.S. Department of Defense is implementing the Risk Management Framework Assessment and Authorization (RMF A&A) process, along with the introduction of the concept of cybersecurity, for the evaluation and acquisition of weapon systems. Similarly, South Korea is also continuously making efforts to implement the Korea Risk Management Framework (K-RMF). However, so far, there are no cases where K-RMF has been applied from the development stage, and most of the data and documents related to the U.S. RMF A&A are not disclosed for confidentiality reasons. In this study, we propose the method for inferring the composition of the K-RMF based on systematic threat analysis method and the publicly released documents and data related to RMF. Furthermore, we demonstrate the effectiveness of our inferring method by applying it to the naval battleship system.