• Proceedings of the Korean Information Science Society Conference
• /
• 1999.10c
• /
• pp.330-332
• /
• 1999

컴퓨터 기술의 발전으로 정보화 시대를 맞이한 현대에 있어서 "보안 기능의 정형화 설계 방법 연구"는 정보 보호와 완벽한 보안 때문에 매우 중요하다. 이러한 추세에서 전세계적으로 보안 시스템에 대한 등급을 나누고 있고, 국내에서도 한국정보보호센터에서 침입차단시스템에 대해 K1에서 K7까지의 등급을 매기고 있다. 하지만, 아직까지 전세계적으로 이 분야에 대한 연구가 거의 진행되고 있지 않아 K5이상의 고등급 제품의 개발 및 평가에 많은 어려움이 있는 실정이다. 본 논문은 실제 간단한 규모의 보안 시스템 설계에 직접 적용될 수 있을 수준의 정형기법을 제시하는 것을 목표로 한다. 여기서는 전자 서명에 관련된 인증 알고리즘인 MD4 알고리즘에 대해서 정형 명세 언어인 Z와 VDM을 적용해 본 결과를 기반으로 보안 시스템을 정형 명세한 경험을 기술한다. 경험을 기술한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.6
• /
• pp.195-208
• /
• 2010

As information communication technologies have highly advanced, a large amount of user sensitive information can be easily collected and unexpectedly distributed. For user-friendly services, a service provider requires and processes more user information. However known privacy protection models take on a passive attitude toward user information protection and often involve serious weaknesses. In reality, information exposure by unauthorised access and mistakenly disclosure occurs frequently. In this paper, we study on the applicability of anonymous authentication services for fine-grained user privacy protection. We analyze authentication schemes and classify them according to the level of privacy newly defined in this paper. In addition, we identify security requirements that a privacy protection scheme based on anonymous authentication can achieve within legal boundary.

• Journal of Intelligence and Information Systems
• /
• v.26 no.3
• /
• pp.37-50
• /
• 2020

Information security has become an important issue in the world. Various information and communication technologies, such as the Internet of Things, big data, cloud, and artificial intelligence, are developing, and the need for information security is increasing. Although the necessity of information security is expanding according to the development of information and communication technology, interest in information security investment is insufficient. In general, measuring the effect of information security investment is difficult, so appropriate investment is not being practice, and organizations are decreasing their information security investment. In addition, since the types and specification of information security measures are diverse, it is difficult to compare and evaluate the information security countermeasures objectively, and there is a lack of decision-making methods about information security investment. To develop the organization, policies and decisions related to information security are essential, and measuring the effect of information security investment is necessary. Therefore, this study proposes a method of constructing an investment portfolio for information security measures using game theory and derives an optimal defence probability. Using the two-person game model, the information security manager and the attacker are assumed to be the game players, and the information security countermeasures and information security threats are assumed as the strategy of the players, respectively. A zero-sum game that the sum of the players' payoffs is zero is assumed, and we derive a solution of a mixed strategy game in which a strategy is selected according to probability distribution among strategies. In the real world, there are various types of information security threats exist, so multiple information security measures should be considered to maintain the appropriate information security level of information systems. We assume that the defence ratio of the information security countermeasures is known, and we derive the optimal solution of the mixed strategy game using linear programming. The contributions of this study are as follows. First, we conduct analysis using real performance data of information security measures. Information security managers of organizations can use the methodology suggested in this study to make practical decisions when establishing investment portfolio for information security countermeasures. Second, the investment weight of information security countermeasures is derived. Since we derive the weight of each information security measure, not just whether or not information security measures have been invested, it is easy to construct an information security investment portfolio in a situation where investment decisions need to be made in consideration of a number of information security countermeasures. Finally, it is possible to find the optimal defence probability after constructing an investment portfolio of information security countermeasures. The information security managers of organizations can measure the specific investment effect by drawing out information security countermeasures that fit the organization's information security investment budget. Also, numerical examples are presented and computational results are analyzed. Based on the performance of various information security countermeasures: Firewall, IPS, and Antivirus, data related to information security measures are collected to construct a portfolio of information security countermeasures. The defence ratio of the information security countermeasures is created using a uniform distribution, and a coverage of performance is derived based on the report of each information security countermeasure. According to numerical examples that considered Firewall, IPS, and Antivirus as information security countermeasures, the investment weights of Firewall, IPS, and Antivirus are optimized to 60.74%, 39.26%, and 0%, respectively. The result shows that the defence probability of the organization is maximized to 83.87%. When the methodology and examples of this study are used in practice, information security managers can consider various types of information security measures, and the appropriate investment level of each measure can be reflected in the organization's budget.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2005.05a
• /
• pp.1155-1158
• /
• 2005

대부분의 IT 시스템 사용자들은 해당 IT 시스템의 보안대책에 대한 신뢰가 적절한 수준인지 판단할 수 있기를 원하고 있으며, 이러한 판단의 근거를 제공하는 가장 기본적이고 전통적인 방법이 평가 및 평가결과에 대한 인증이다. 정보기술의 발달 및 정보화의 촉진으로 인해 IT 시스템의 복잡도는 급격히 증가하고 있으며, 이에 따라 정보보호제품을 설치 운영함으로써 보안목적을 달성하는 과거의 보안정책은 한계에 도달하였다고 할 수 있다. 본 논문에서는 이러한 문제점을 해결하기 위해 평가 인증의 대상을 IT 시스템 전체로 확장할 필요성과 평가 인증이 필요한 대상항목을 식별하고자 한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.5
• /
• pp.1179-1189
• /
• 2019

Cyber security evaluation is a series of processes that estimate the level of risk of assets and systems through asset analysis, threat analysis and vulnerability analysis and apply appropriate security measures. In order to prepare for increasing cyber attacks, systematic cyber security evaluation is required. Various indicators for measuring cyber security level such as CWSS and CVSS have been developed, but the quantitative method to apply appropriate security measures according to the risk priority through the standardized security evaluation result is insufficient. It is needed that an Scoring system taking into consideration the characteristics of the target assets, the applied environment, and the impact on the assets. In this paper, we propose a quantitative risk assessment model based on the analysis of existing cyber security scoring system and a method for quantification of assessment factors to apply to the established model. The level of qualitative attribute elements required for cyber security evaluation is expressed as a value through security requirement weight by AHP, threat influence, and vulnerability element applying probability. It is expected that the standardized cyber security evaluation system will be established by supplementing the limitations of the quantitative method of applying the statistical data through the proposed method.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.5
• /
• pp.1039-1055
• /
• 2012

It is required for us to enhance the national cyber capability as the worldwide countries have been doing effort to strengthen their cyber capabilities. However, we are encountering the difficulty in estimating national cyber capability due to the absence of any cyber capability assessment methodology. This paper presents the national cyber capability assessment methodology which is used for settle up national cyber policy. We also introduce the result of five major nations(US, China, Japan, Russia, Korea)' cyber capability assessment using the proposed methodology. The methodology is developed using open data and includes three areas; base capability, attack capability and defense capability. The assessment result shows the in the order of US, China, Korea, Russia, Japan. As the analysis of that result, in order to enhance the our cyber capability, we recommend that first, cyber budget and human resources for the base capability should be more invested, second, the strategy for attack capability enhancement is strongly required and lastly, the patch ratio and security monitoring level should be upgraded.

• Proceedings of the Korea Information Assurance Society Conference
• /
• 2004.05a
• /
• pp.167-172
• /
• 2004

In the process of presenting the additional criteria, ISST, developed to evaluate teachers' capacity of applying information, suggests the criteria without considering teacher's own task. Information Ethics and Security Model is made up of two parts. In one part, it deals with four areas concerning with Information Ethics evaluation to measure the sensibility of Information Ethics of Information Teacher In another part, it is divided Information Security Evaluation into three areas which estimate technical method to secure the information system tying in the environment of information-oriented education.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.5
• /
• pp.997-1008
• /
• 2022

Today, AI(Artificial Intelligence) technology is being extensively researched in various fields, including the field of malware detection. To introduce AI systems into roles that protect important decisions and resources, it must be a reliable AI model. AI model that dependent on training dataset should be verified to be robust against new attacks. Rather than generating new malware detection, attackers find malware detection that succeed in attacking by mass-producing strains of previously detected malware detection. Most of the attacks, such as adversarial attacks, that lead to misclassification of AI models, are made by slightly modifying past attacks. Robust models that can be defended against these variants is needed, and the Robustness level of the model cannot be evaluated with accuracy and recall, which are widely used as AI evaluation indicators. In this paper, we experiment a framework to evaluate robustness level by generating an adversarial sample based on one of the adversarial attacks, C&W attack, and to improve robustness level through adversarial training. Through experiments based on malware dataset in this study, the limitations and possibilities of the proposed method in the field of malware detection were confirmed.

• Journal of Korea Spatial Information System Society
• /
• v.11 no.3
• /
• pp.19-30
• /
• 2009

Recent development in wireless communication technology and mobile equipment like PDA, cellular phone and GPS makes location-based services (LBSs) popular. However, because, in the LBSs, users continuously request a query to LBS servers by using their exact locations, privacy information could be in danger. Therefore, a mechanism for users' privacy protection is required for the safe and comfortable use of LBSs by mobile users. For this, this paper propose a grid-based cloaking area creation scheme supporting continuous LBSs. The proposed scheme creates a cloaking area rapidly by using grid-based cell expansion to efficiently support the continuous LBSs. In addition, to generate a cloaking area which makes the exposure probability of a mobile user to a minimum, we compute a privacy protection degree by granting weights to mobile users. Finally, we show from a performance analysis that our cloaking scheme outperforms the existing cloaking schemes, in terms of service time, privacy protection degree.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.19 no.12
• /
• pp.99-109
• /
• 2018

Tampering involves illegally removing technologies from a protected system through reverse engineering or developing a system without proper authorization. As tampering of a weapon system is a threat to national security, anti-tampering measures are required. Precedent studies on anti-tampering have discussed the necessity, related trends, application cases, and recent cybersecurity-based or other protection methods. In a domestic situation, the Defense Technology Protection Act focuses on how to prevent technology leakage occurring in related organizations through personnel, facilities and information systems. Anti-tampering design needs to determine which technologies are protected while considering the effects of development cost and schedule. The objective of our study is to develop methods of how to select target technologies and determine counter-measures to protect these technologies. Specifically, an evaluation matrix was derived based on the risk analysis concept to select the protection of target technologies. Also, based on the concept of risk mitigation, the classification of anti-tampering techniques was performed according to its applicability and determination of application levels. Results of the case study revealed that the methods proposed can be systematically applied for anti-tampering in weapon system development.