• Proceedings of the Korean Information Science Society Conference
• /
• 2003.04a
• /
• pp.296-298
• /
• 2003

최근 인터넷을 이용한 침해사고가 급격하게 증가하고 있으며, 그 피해의 파급효과가 매우 커지고 있다. 침해사고로부터 네트워크와 시스템 등의 자산을 보호하는 것이 더욱 중요해지는 실정이다. 크래커들은 대상 네트워크와 시스템에 존재하는 취약점을 찾아내고, 그 취약점을 이용하여 대상 네트워크 및 시스템에 침투하여 악의적인 행동을 하게 된다. 인트라넷에 대한 취약점 분석 평가는 네트워크 및 시스템에 존재하는 취약점을 분석하고, 각각의 취약점을 이용한 침투의 가능여부와 피해 파급효과에 대한 평가를 수행한다. 취약점 분석 평가를 수행함으로써 대상 기관에 적합한 보호대책을 수립하여 침해사고를 사전에 예방하고. 사고 발생시 적절히 대응할 수 있도록 한다. 본 논문에서는 인트라넷 취약점 분석 명가 방법론을 제시하고자 한다.

• Journal of Internet Computing and Services
• /
• v.11 no.4
• /
• pp.129-141
• /
• 2010

In digital computing environment, for the mal functions in appliances and system errors, the unaccepted intrusion should be occurred. The evidence collecting technology uses the system which was damaged by intruders and that system is used as evidence materials in the court of justice. However the collected evidences are easily modified and damaged in the gathering evidence process, the evidence analysis process and in the court. That’s why we have to prove the evidence’s integrity to be valuably used in the court. In this paper, we propose a mechanism for securing the reliability and the integrity of digital evidence that can properly support the Computer Forensics. The proposed mechanism shares and manages the digital evidence through mutual authenticating the damaged system, evidence collecting system, evidence managing system and the court(TTP: Trusted Third Party) and provides a secure access control model to establish the secure evidence management policy which assures that the collected evidence has the corresponded legal effect.

• Convergence Security Journal
• /
• v.4 no.3
• /
• pp.83-90
• /
• 2004

Preventive measures and control over cyber terrorism in Korea is a complex problem. Today laws should meet requirements made by modern technologies development, Law enforcement, special services and judicial system cooperation, their efforts coordination and their material security are priority directions, None of the country is able to prevent cyber terror independently and international cooperation in this field is vital. Taking the above into consideration, we propose and inisit that National Intelligence Service(NIS) should share cyber terror data with Police Agency and have top police authority over the cyber terror.

• Information Systems Review
• /
• v.9 no.3
• /
• pp.83-98
• /
• 2007

This study focused on online game security, which has been considered relatively insignificant when compared to the online game industry's rapid growth. In this study, the state of security incidents in the Korean game industry and security solutions for such cases were examined. At first the security incidents were classified according to the type of game security infringement. Based upon this classification, this study analyzed the causes that give rise to infringement of online game security, and developed technical solutions for such cases. Finally, this study verified whether or not these technical solutions could be applied to online game sites.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2012.10a
• /
• pp.642-645
• /
• 2012

MANET has disadvantage for information intrusion caused from non-infra structure. That is based on mixed problems caused from terminal devices has no capability of various resources using abilities to run intrusion prevention function, and also from difficulty of no easy using infra structural server like as firewall. In this paper, transmission performances, be effected from information intrusion and IDS(Intrusion Detection System), are analyzed for large scale MANET, and weakness from information intrusion of MANET are studied. This study is for large scale MANET which has some large communication area and lots of nodes, voice traffic, based on VoIP protocols, is considered as application services be transmitted over MANETs. Computer simulation using NS-2 is used to measure and show MOS and call connection ratios.

• Journal of the Korea Society of Computer and Information
• /
• v.14 no.12
• /
• pp.139-145
• /
• 2009

This study proposes a model of collection process for real-time forensic data, in which the manager was to respond to infringement incidents in terms of system operation and inspection and to collect, analyze and restore forensic data immediately after an incident took place. The suggested model was modeled in seven processes according to functional elements. Unlike the old and managerial forensic processes, the model allowed the manager to react to infringement incidents in the aspects of system operation and inspection and to follow the processes of collecting, analyzing, and restoring forensic data in case of an incident. There also was a feedback process designed towards the step of gathering forensic data through the stages of systematizing reaction strategies in order that he or she be able to bring about comprehensive and structural responses to an incident like the former processes in which it is difficult to bring about instant responses.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.4
• /
• pp.69-81
• /
• 2006

The Computer Forensics is a research area that finds the malicious users by collecting and analyzing the intrusion or infringement evidence of computer crimes such as hacking. Many researches about Computer Forensics have been done so far. But those researches have focussed on how to collect the forensic evidence for both analysis and poofs after receiving the intrusion or infringement reports of hosts from computer users or network administrators. In this paper, we describe how to collect the forensic evidence of good quality from observable and protective hosts at the time of infringement occurrence by malicious users. By correlating the event logs of Intrusion Detection Systems(IDSes) and hosts with the configuration information of hosts periodically, we calculate the value of infringement severity that implies the real infringement possibility of the hosts. Based on this severity value, we selectively collect the evidence for proofs at the time of infringement occurrence. As a result, we show that we can minimize the information damage of the evidence for both analysis and proofs, and reduce the amount of data which are used to analyze the degree of infringement severity.

• Review of KIISC
• /
• v.10 no.4
• /
• pp.53-68
• /
• 2000

최근 정보보호 문제와 관련하여 많은 논의가 일고 있으며, 또한 이와 관련된 여러 법규들이 제·개정되고 있다. 이러한 노력을 통하여 문제가 되고 있는 개인 정보나 통신비밀의 보호문제, 정보화의 역기능 문제 등이 어느 정도 효과적으로 대응할 수 있게 되었으나 현행 법규들은 새롭게 등장하는 정보 침해 문제의 대응에 급급한 나머지 관련법들간의 상호 조정이 제대로 이루어지지 못한 실정이다. 본 논문에서는 이와 같은 문제와 관련된 전체 법 체계를 종합적으로 검토하여 향후 정보보호관련 법규의 재정비 및 심화되는 정보보호 문제 해결에 도움이 되도록 하였다.

• Electronics and Telecommunications Trends
• /
• v.27 no.4
• /
• pp.130-137
• /
• 2012

사용자의 동의를 받지 않은 개인정보 수집 기술이 남용되고 있다. 개인정보 수집업체, 검색엔진 등은 웹브라우징, 스마트폰, 플랫폼 사용 과정에서 개인정보를 수집하여 인터넷 광고, 기업 서비스에 판매하여 수익을 창출한다. 하지만 프라이버시 침해와 관련하여 국내외적으로 개인정보 수집 기술의 문제를 인식하고 대응하려는 분위기이다. 이에 따라 본고에서는 5개의 웹브라우징 개인정보 수집 기술을 설명한다. 그리고 이를 해결하기 위한 근본적인 방안으로 VRM(Vender Relationship Management) 기술을 제안한다.

• Review of KIISC
• /
• v.18 no.1
• /
• pp.41-48
• /
• 2008

최근 인터넷의 가용성을 위협하는 대형 침해사고는 줄어들고 있으나 스팸, 피싱, 금전적 이익을 위한 분산서비스거부공격 등 악성행위의 양상은 더욱 정교하고 교묘해지고 있다. 이러한 변화는 인터넷 이용에 수반되는 잠재적인 위협을 크게 증가시켰으며 악성행위자와 이에 대응하는 보안전문가 간의 비대칭성을 크게 증가시키고 있다. 네트워크 포렌식은 보호하고자 하는 자산에 대한 직접적인 위협과 잠재 위협을 정확히 산정 할 수 있는 수단을 제공하여 기존의 대응 방법에서 발생하는 비대칭성을 상쇄시킬 수 있는 수단을 제공해준다. 본 논문에서는 네트워크 포렌식의 동향과 기술에 대해 설명하고 이를 이용한 분석 사례를 통해 네트워크 포렌식의 효용을 설명하였다.