• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.2
• /
• pp.295-303
• /
• 2023

As the cloud computing market grows, a variety of cloud services are now reliably delivered. Administrative agencies and public institutions of South Korea are transferring all their information systems to cloud systems. It is essential to develop security solutions in advance in order to safely operate cloud services, as protecting cloud services from misuse and malicious access by insiders and outsiders over the Internet is challenging. In this paper, we propose a zero trust model for cloud storage services that store sensitive data. We then verify the effectiveness of the proposed model by operating a cloud storage service. Memory, web, and network forensics are also performed to track access and usage of cloud users depending on the adoption of the zero trust model. As a cloud storage service, we use Amazon S3(Simple Storage Service) and deploy zero trust techniques such as access control lists and key management systems. In order to consider the different types of access to S3, furthermore, we generate service requests inside and outside AWS(Amazon Web Services) and then analyze the results of the zero trust techniques depending on the location of the service request.

• International Journal of Computer Science & Network Security
• /
• v.21 no.12
• /
• pp.213-218
• /
• 2021

This paper proposes a technique for detecting a significant threat that attempts to get sensitive and confidential information such as usernames, passwords, credit card information, and more to target an individual or organization. By definition, a phishing attack happens when malicious people pose as trusted entities to fraudulently obtain user data. Phishing is classified as a type of social engineering attack. For a phishing attack to happen, a victim must be convinced to open an email or a direct message [1]. The email or direct message will contain a link that the victim will be required to click on. The aim of the attack is usually to install malicious software or to freeze a system. In other instances, the attackers will threaten to reveal sensitive information obtained from the victim. Phishing attacks can have devastating effects on the victim. Sensitive and confidential information can find its way into the hands of malicious people. Another devastating effect of phishing attacks is identity theft [1]. Attackers may impersonate the victim to make unauthorized purchases. Victims also complain of loss of funds when attackers access their credit card information. The proposed method has two major subsystems: (1) Data collection: different websites have been collected as a big data corresponding to normal and phishing dataset, and (2) distributed detection system: different artificial algorithms are used: a neural network algorithm and machine learning. The Amazon cloud was used for running the cluster with different cores of machines. The experiment results of the proposed system achieved very good accuracy and detection rate as well.

• Journal of the Korean Society of Surveying, Geodesy, Photogrammetry and Cartography
• /
• v.30 no.6_1
• /
• pp.567-574
• /
• 2012

For the past few years, the video surveillance market has shown a rapid growth due to the increasing demand for Closed Circuit Television(CCTV) by the public sector and the private security industry. While the overall utilization of CCTV in the public and private sectors is expanding, its usage in the field of disaster management is less than sufficient. Therefore, the authors of this study, in an effort to revisit the role of CCTV in disaster situations, have carried out a case analysis in the vicinity of the Gangnam Station which has been designated as a natural disaster-prone area. First, the CCTV images around the target location are collected and the time and depth of inundation are measured through field surveys and image analyses. Next, a rainfall analysis was conducted using the Automatic Weather Station(AWS) data and the past inundation records. Lastly, the authors provide an estimate of rainfall for the areas around the station and suggest viable warning systems and countermeasures. The results from this study are expected to make positive contributions towards a significant reduction of the damages caused by the floods around the Gangnam Station.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2023.11a
• /
• pp.1045-1046
• /
• 2023

본 논문은 디지털 소외계층과 사회적 약자를 고려한 보이스피싱 예방 솔루션을 제안한다. 통화 내용을 AWS Transcribe를 활용한 STT와 NLP 알고리즘을 사용해 실시간으로 보이스피싱 위험도를 파악하고 결과를 사용자에게 전달하도록 한다. NLP 알고리즘은 KoBIGBIRD와 DeBERTa 모델 각각을 커스터마이즈하여 보이스피싱 탐지에 적절하게 파인튜닝 했다. 이후, 성능과 인퍼런스를 비교하여 더 좋은 성능을 보인 KoBIGBIRD 모델로 보이스피싱 탐지를 수행한다.

• Journal of Korean Society of Disaster and Security
• /
• v.11 no.2
• /
• pp.45-52
• /
• 2018

This study identifies the cause of the accident and presents a new concept for safe urban stream management by numerical simulating the flood event of Cheonggyecheon on August 17, 2017, using rain data measured through a dense weather observation network. In order to simulate water retention in the CSO channel listed as one of the causes of the accident, a reliable urban runoff model(XP-SWMM) was used which can simulate various channel conditions. Rainfall data measured through SK Techx using SK Telecom's cell phone station was used as rain data to simulate the event. The results of numerical simulations show that rainfall measured through AWSs of Korea Meteorological Administration did not cause an accident, but a similar accident occurred under conditions of rainfall measured in SK Techx, which could be estimated more similar to actual phenomena due to high spatial density. This means that the low spatial density rainfall data of AWSs cannot predict the actual phenomenon occurring in Cheonggyecheon and safe river management needs high spatial density weather stations. Also, the results of numerical simulation show that the residual water in the CSO channel directly contributed to the accident.