• The Journal of the Korea Contents Association
• /
• v.10 no.11
• /
• pp.262-274
• /
• 2010

In Welfare Center for the disabled, under the Government's information acceleration plan, the computer system has been developed starting from work standardization in 2001 but it has been emphasized only on the technical and customer convenience side leaving out preparation for the side effects of them. Therefore this article will seek the necessity of personal information protection, legal basis in the Welfare Center for the disabled. Additionally after analyzing current status for the personal security of Welfare Center for the disabled, establishing an alternative plan for personal security policy's way could be addressed. Increasing education for awareness stress of personal information security, and preparing institutional protection apparatus from applying life cycle of personal information would be an alternative plan for personal information protection for Welfare Center for the disabled. Also frequent monitoring of accessing personal information from the computerized system should be achieved. It is impossible to recover damage caused by leak of personal information although post actions are progressed. From this essay, awareness of personal information protection should be newly revised for both the Social Welfare Organization and the Disabled welfare center, and also technical, institutional strategy's action should be arranged.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.16 no.5
• /
• pp.27-32
• /
• 2016

In general, IoT(Internet of things) designate the intelligence technologies and services which interact all necessity information between human and things, things and thing and things and systems with all things connecting through the internet based. The smart home in present of IoT environment fuses the daily supplies/equipment which needs to use for the private life with the internet of things that is the fruit of the converged business through all most private consumption related in vastly. The concept of smart home has been built around early 2000s due to the spread of high speed internet and advanced of smart electronics and internet, furthermore influencing by the enhancement of wireless network and smart devices, it is advanced as a smart home within the internet of things environment. Smart home service inside the house which most closely implemented with personal life is being developed and advanced in various forms. These developments may exert a positive effect, but if it does not resolve the security issues for the smart home service, then it may cause a big plague of privacy and personal life.

• The Journal of Society for e-Business Studies
• /
• v.22 no.4
• /
• pp.129-139
• /
• 2017

With the advent of FinTech, many financial services have become available in the mobile Internet environment and recently, there is an internet bank that provides all bank services online. As the proportion of financial services over the Internet increases, it offers convenience to users, but at the same time, the threat of financial network is increasing. Financial institutions are investing heavily in security systems in case of an intrusion. However attacks by hackers are getting more sophisticated and difficult to cope with. However, applying an IP Trace-back method that can detect the actual location of an attacker to a financial network can prepare for an attacker's arrest and additional attacks. In this paper, we investigate IP Trace-back technology that can detect the actual location of attacker and analyze it to apply it to financial network. And we propose a new IP Trace-back method through Infra-structure construction through simulation experiments.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2013.05a
• /
• pp.227-230
• /
• 2013

Financial transactions using a mobile terminal and the Internet is activated, it is a stock exchange enabled using mobile devices and the Internet. Koscom in charge of IT operations of securities transaction-related in (securities ISAC), to analyze the vulnerability of information security related to securities transactions, which corresponds to running the integrated security control system. Online stock trading is a subject to the Personal Information Protection Act, electronic systems of related, has been designated as the main information and communication infrastructure to, damage financial carelessness of the user, such as by hacking is expected to are. As a result, research on the key vulnerabilities of information security fields related to securities business cancer decoding of the Securities and Exchange packet, through the analysis of security events and integrated security control is needed.

• The KIPS Transactions:PartC
• /
• v.11C no.7 s.96
• /
• pp.951-958
• /
• 2004

Nowadays NGN is developed for supporting the e-Commerce, Internet trading, e-Government, e-mail, virtual-life and multimedia. Internet gives us the benefit of remote access to the information but causes the attacks that can break server and modify information. Since 2000 Nimda, Code Red Virus and DSoS attacks are spreaded in Internet. This attack programs make tremendous traffic packets on the Internet. In this paper, we designed and developed the Bandwidth Controller in the gateway systems against the bandwidth saturation attacks. This Bandwidth con-troller is implemented in hardware chipset(FPGA) Virtex II Pro which is produced by Xilinx and acts as a policing function. We reference the TBF(Token Bucket Filter) in Linux Kernel 2.4 and implemented this function in HDL(Hardware Description Language) Verilog. This HDL code is synthesized in hardware chipset and performs the gigabit traffic in real time. This policing function can throttle the traffic at the rate of band width controlling policy in bps speed.

• Journal of KIISE
• /
• v.45 no.3
• /
• pp.294-302
• /
• 2018

With the emergence of the new service industry due to the development of information and communication technology, cyber space risks such as personal information infringement and industrial confidentiality leakage have diversified, and the security problem has emerged as a critical issue. In this paper, we propose a behavior-based anomaly detection method that is suitable for real-time and large-volume data analysis technology. We show that the proposed detection method is superior to existing signature security countermeasures that are based on large-capacity user log data according to in-company personal information abuse and internal information leakage. As the proposed behavior-based anomaly detection method requires a technique for processing large amounts of data, a real-time search engine is used, called Elasticsearch, which is based on an inverted index. In addition, statistical based frequency analysis and preprocessing were performed for data analysis, and the DBSCAN algorithm, which is a density based clustering method, was applied to classify abnormal data with an example for easy analysis through visualization. Unlike the existing anomaly detection system, the proposed behavior-based anomaly detection technique is promising as it enables anomaly detection analysis without the need to set the threshold value separately, and was proposed from a statistical perspective.

• Smart Media Journal
• /
• v.4 no.4
• /
• pp.80-85
• /
• 2015

As the number of applications using the internet the rapidly increasing incidence of cyber attacks made on the internet has been increasing. In the equipment of L3 DDoS attack detection equipment in the world and incomplete detection of application layer based intelligent. Next-generation networks domestic product in high-performance wired and wireless network threat response techniques to meet the diverse requirements of the security solution is to close one performance is insufficient compared to the situation in terms of functionality foreign products, malicious code detection and signature generation research primarily related to has progressed malware detection and analysis of the research center operating in Window OS. In this paper, we describe the current status survey and analysis of the latest variety of new attack techniques and analytical skills with the latest cyber-attack analysis prejudice the security situation.

• Journal of Digital Contents Society
• /
• v.5 no.3
• /
• pp.163-170
• /
• 2004

Ubiquitous is an agriculture revolution, the Industrial Revolution, the fourth revolution to equal an information revolution are Ubiquitous. Historic agriculture was revolutionary, but the Industrial Revolution was a revolution of the physics space that was a base of a mankind civilization, and the informatization revolution that Cyber Space saw a prime while world wide web service was expended was a revolution of cyber space. Be charmed with this, and, as for the Ubiquitous revolution, it is achieved a physics space and an intelligent union of cyber space in the space where an off-line space was integrated with compunction on-line. It is combined with a life space naturally, and Ubiquitous technology. Also, I presented the plan that derivation tried a problem about Ubiquitous, and can solve an each problem. Specially, infringement about personal privacy very has a lot of possession to occur in the world that radio communication between all appliances is possible. It is Ubiquitous by becoming the data which is useful to thorough preparation about the Ubiquitous world to come with presenting policy a little technical solution plan about this to the future Republic of Korea. many company has been cracked by crackers information security and everyday new computer virus come out.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.15 no.6
• /
• pp.163-171
• /
• 2015

Personal Health Records(PHR) service offers patients a convenient and easy-to-use solution for managing their personal health records, crucial medical files, and emergency contacts. In spite of the indispensable advantages, PHR service brings critical challenges that cannot be avoided from consumer side if the security of the data is concerned. The problem of user's privacy infringement and leaking user's sensitive medical information is increasing with the fusion of PHR technology and healthcare. In this paper, therefore, we analyze the various security aspects that are vulnerable to the PHR service and needed to be resolved. Moreover, we analyze the security requirements from the point of view of the PHR users and application service providers and provides the PHR security mechanism for addressing PHR security threats and satisfying PHR security requirements.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.39C no.1
• /
• pp.1-8
• /
• 2014

This paper proposed a method that prevents data leakage and modulation and detects an unauthorized device by using AP and mobile device. Most of existing method for detecting and preventing an unauthorized device are similar to type of Evil Twin. However, in previous studies can not resolve many security accident and have the problem to cope with effectively security accident on various network. In order to solve these problem, companies prepare security accident through the varies policy and guideline. but It is hard to prevent all security accident because it is consistently increasing everyday. This paper suggests technique of detecting and preventing an unauthorized device using Context Awareness and Mobile Device Management. Firstly, when mobile device go into internal network, server distinguish access permission and authorization of mobile device using acquiring the conetxt information of mobile device. By using this result, server applies the appropriate management technique to the mobile device for leakage and accident of internal network.