• Proceedings of the Korea Information Processing Society Conference
• /
• 2010.11a
• /
• pp.1342-1345
• /
• 2010

디지털 TV 기술과 소프트웨어 기술의 발전은 스마트 TV 라는 TV 의 새로운 패러다임을 도래하게 하였다. 스마트 TV 는 네트워크를 통해 애플리케이션 스토어에 접속하여 다양한 콘텐츠들을 다운로드 하여 설치/이용하게 될 것이다. 본 연구는 이러한 과정에서 발생할 수 있는 보안 위협들 중에서 콘텐츠의 불법 다운로드 및 기기 인증 우회 등으로 인해 발생할 수 있는 피해를 예방하기 위한 방법으로서 공개키 기반 상호 인증 및 키 분배 방식과 암호 통신 방법을 제안한다.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.20 no.12
• /
• pp.76-82
• /
• 2019

The development of Internet technology and the deployment of smart devices provide a convenient environment for people, and this is becoming common with the technology called the Internet of Things (IoT). But the development of, and demand for, IoT technology is causing various problems, such as personal information leaks due to the attacks of hackers who exploit it. A number of devices are connected to a network, and network attacks that have been exploited in the existing PC environment are occurring in the IoT environment. When it comes to IP cameras, security incidents (such as distributed denial of service [DDoS] attacks, hacking someone's personal information, and monitoring without consent) are occurring. However, it is difficult to install and implement existing security solutions because memory space and power are limited owing to the characteristics of small devices in the IoT environment. Therefore, this paper proposes a security protocol that can look at and prevent IoT security threats. A security assessment verified that the proposed protocol is able to respond to various security threats that could arise in a network. Therefore, it is expected that efficient operation of this protocol will be possible if it is applied to the IoT environment.

• Journal of Internet Computing and Services
• /
• v.13 no.3
• /
• pp.127-137
• /
• 2012

With the spread of the new technologies like a smart phone, a smart pad, N-Screen service for financial transaction quickly became commonplace through the Internet. Although it has been developed related technologies and policies since the N-Screen has been provided in Korea, infrastructure for financial services is still lacking. It also has many potential problems including phishing or malware attacks, privacy information exposure & breaches, etc. This work suggests the financial security framework in the side of information protection through threat vulnerability analysis. Further, we examine the possibility of effective application methods based on political technical design.

• Journal of the Korea Convergence Society
• /
• v.8 no.9
• /
• pp.1-7
• /
• 2017

As the network environment develops and speeds up, a lot of smart devices is developed, and a high-speed smart society can be realized while allowing people to interact with objects. As the number of things Internet has surged, a wide range of new security risks and problems have emerged for devices, platforms and operating systems, communications, and connected systems. Due to the physical characteristics of IoT devices, they are smaller in size than conventional systems, and operate with low power, low cost, and relatively low specifications. Therefore, it is difficult to apply the existing security solution used in the existing system. In addition, IoT devices are connected to the network at all times, it is important to ensure that personal privacy exposure, such as eavesdropping, data tampering, privacy breach, information leakage, unauthorized access, Significant security issues can arise, including confidentiality and threats to facilities. In this paper, we investigate cases of security threats and cases of network of IoT, analyze vulnerabilities, and suggest ways to minimize property damage by Internet of things.

• Journal of Convergence for Information Technology
• /
• v.9 no.9
• /
• pp.27-32
• /
• 2019

Along with the growth of u-Healthcare, we propose a security enhancement based on network separation for CloudHIS with for handling healthcare information to cope with cyber attack. To protect against all security threats and to establish clear data security policies, we apply desktop computing servers to cloud computing services for CloudHIS. Use two PCs with a hypervisor architecture to apply physical network isolation and select the network using KVM switched controller. The other is a logical network separation using one PC with two OSs, but the network is divided through virtualization. Physical network separation is the physical connection of a PC to each network to block the access path from both the Internet and the business network. The proposed system is an independent desktop used to access an intranet or the Internet through server virtualization technology on a user's physical desktop computer. We can implement an adaptive solution to prevent hacking by configuring the CloudHIS, a cloud system that handles medical hospital information, through network separation for handling security enhancement.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2014.04a
• /
• pp.453-456
• /
• 2014

최근 무선 인터넷의 발달 및 스마트 디바이스의 등장 등의 이유로 다양한 분야의 네트워크 기반 서비스가 등장하고 있다. 폭발적으로 증가하는 네트워크 서비스를 신뢰적이며 효율적으로 운영하기 위한 기술로 미래 네트워크 기술의 하나인 SDN이 주목받고 있다. 하지만 SDN은 기존 네트워크의 보안 취약성인 IP주소를 타깃으로 하는 공격에 대한 취약점을 보완하지 못하고 있다. 이에 본 논문은 SDN망에서 기존 Control Layer외에 Security Layer를 추가함으로서 네트워크 위협사항에 능동적으로 대처가 가능하고 해당 구조의 기반 위에 검색가능 암호화 기법을 사용하여 IP주소를 은닉화하는 기법을 제안하고자 한다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2015.10a
• /
• pp.806-808
• /
• 2015

IoT(Internet of Things) 환경으로 변화됨에 따라 다양한 사물들이 네트워크에 연결되게 되었고 이에 따라 다양한 보안 위협들이 나타나게 되었다. 그 중 스마트TV(Smart TV)는 해킹에 취약하여 악성코드에 감염되기 쉽고 티비싱(Tvishing) 사기를 당할 수 있다. 이에 본 논문에서는 스마트TV에 애플리케이션(Application)을 설치하기 전 클라우드 환경에서 필터링 기법을 이용하여 악성코드를 탐지함으로 사용자의 피해를 줄이는 방안을 제시한다. 제안하는 방법을 통해 티비싱의 피해를 줄일 수 있다.

• Journal of Digital Convergence
• /
• v.17 no.11
• /
• pp.233-240
• /
• 2019

In order to predict and respond to cyber attacks, a number of security companies quickly identify the methods, types and characteristics of attack techniques and are publishing Security Intelligence Reports(SIRs) on them. However, the SIRs distributed by each company are huge and unstructured. In this paper, we propose a framework that uses five analytic techniques to formulate a report and extract key information in order to reduce the time required to extract information on large unstructured SIRs efficiently. Since the SIRs data do not have the correct answer label, we propose four analysis techniques, Keyword Extraction, Topic Modeling, Summarization, and Document Similarity, through Unsupervised Learning. Finally, has built the data to extract threat information from SIRs, analysis applies to the Named Entity Recognition (NER) technology to recognize the words belonging to the IP, Domain/URL, Hash, Malware and determine if the word belongs to which type We propose a framework that applies a total of five analysis techniques, including technology.

• Review of KIISC
• /
• v.30 no.6
• /
• pp.7-16
• /
• 2020

1980년대 아날로그 이동전화서비스로 시작된 이동통신 기술은 매 10년을 주기로 빠르게 발전해 오고 있다. 디지털화를 거쳐 모바일 광대역 서비스에 초점을 맞춘 이전 세대와는 달리, 5G 이동통신서비스는 다양한 미래 정보통신 융합서비스의 플랫폼으로서, 산업구조 혁신을 통해 새로운 스마트 비즈니스 모델 및 산업 생태계를 창출하는 4차 산업혁명의 핵심 인프라로 주목받고 있다. 이러한 변화의 흐름속에서 이동통신서비스는 우리 실생활과 더욱 밀접해지고 있으나, 다른 한편으로 이동통신 환경의 취약점을 악용한 사이버 공격 위험에 노출될 가능성도 점차 확대되고 있다. 이런 배경에는 국제전기통신연합(ITU)의 IMT-2020 비전 및 요구사항을 충족시키기 위한 5G 네트워크의 구조적인 변화에 따라 공격접점이 크게 확대 되었기 때문이다. 본 고에서는 5G 시대의 도래와 함께 가장 큰 구조적 변화를 겪으며 5G 융합서비스의 핵심 인프라로서 새롭게 주목받고 있는 5G 엣지의 주요 특징을 살펴보고, 5G 엣지에서 제기되고 있는 보안위협과 이에 대한 대응 기술의 동향에 대해 살펴보고자 한다.

• Convergence Security Journal
• /
• v.24 no.1
• /
• pp.11-20
• /
• 2024

Recently, smart buildings that can efficiently manage energy using ICT technology and operate and control through the building automation system by collecting data from a large number of IoT sensors in real time are attracting attention. However, as data management is carried out through an open environment, the safety of smart buildings is threatened by the security vulnerability of the existing building automation protocol. Therefore, in this paper, we analyze the major data link technology of BACnet, which is used universally, and propose OWE-based efficient BACnet/SC that can ensure the reliability of data in a wireless environment. The proposed protocol enables safe communication even in an open network by applying OWE and provides the same level of security as BACnet/SC in a TLS environment. As a result, it reduces the connection process twice and reduces the average time required by 40%, enabling more efficient communication than before.