• Nuclear Engineering and Technology
• /
• 제54권4호
• /
• pp.1245-1252
• /
• 2022

As regulatory bodies require full implementation of security controls in nuclear power plants (NPPs), security functions for critical digital assets are currently being developed. For the ultimate introduction of security controls, not alternative measures, it is important to understand the relationship between possible cyber threats to NPPs and security controls to prevent them. To address the effectiveness of the security control implementation, this study investigated the types of cyber threats that can be prevented when the security controls are implemented through the mapping of the reorganized security controls in RS-015 to cyber threats on NPPs. Through this work, the cyber threat that each security control can prevent was confirmed, and the effectiveness of several strategies for implementing the security controls were compared. This study will be a useful reference for utilities or researchers who cannot use design basis threat (DBT) directly and be helpful when introducing security controls to NPPs that do not have actual security functions.

• 한국철도학회:학술대회논문집
• /
• 한국철도학회 2004년도 춘계학술대회 논문집
• /
• pp.153-158
• /
• 2004

The security system using optical fiber is a system, circulating infrared rays laser pulse on the optical fiber which is attached on the security fence to prevent invasion, which can show invasion position with visible and audible signal on the situation monitor if an invader cut or pull the security fence with minuteness of 10m. The optical fiber can be also applied for the bed structure stability monitoring system of high speed train as well as security system. To apply this system for high speed railroad bed structures, this system will give an alarm if it detect excessive tension, shrinkage, deflection which is beyond the limit of structure, that will prevent serious railroad accident. In this paper, we like to propose that applying this system for security and structure stability can improve confidence and stability on operation of railways

• 디지털콘텐츠학회 논문지
• /
• 제8권3호
• /
• pp.371-376
• /
• 2007

차량 내부에서는 컨트롤러, 센서, 텔레매틱스 단말기, 내비게이션, 오디오 및 비디오 등 다양한 모듈들이 CAN이나 MOST와 같은 차량 네트워크를 통해 연결되어 있다. 게다가, 사용자는 이동 중에 무선 모바일 네트워크를 이용하여 ITS나 인터넷에 접속할 수도 있다. 이러한 네트워크의 다양한 활용은 데이터 해킹, 프라이버시 침해, 위치 추적 등과 같은 많은 보안 문제를 야기하게 된다. 또한, 차량 운영 데이터(센서, 제어 데이터)를 해킹함으로써 차량을 고장 내거나 사고를 유발할 수 있는 가능성도 점차 커지고 있다. 본 논문에서는 CAN이나 MOST와 같은 차량 네트워크에 적용할 수 있는 암호화 기능을 가지는 보안 모듈을 제안한다. 이 보안 모듈은 DES, 3-DES, SEED, ECC 및 RSA와 같은 일반적인 암호화 알고리듬과 전자서명 기능을 제공하게 된다.

• Journal of Information Technology Applications and Management
• /
• 제13권4호
• /
• pp.141-153
• /
• 2006

According to supply of super high way internet service, importance of security becomes more emphasizing. Therefore, flawless security solution is needed for blocking information outflow when we send or receive data. large enterprise and public organizations can react to this problem, however, small organization with limited work force and capital can't. Therefore they need to elevate their level of information security by improving their information security system without additional money. No hackings can be done without passing invasion blocking system which installed at the very front of network. Therefore, if we manage.isolation log effective, we can recognize hacking trial at the step of pre-detection. In this paper, it supports information security manager to execute isolation log analysis very effectively. It also provides isolation log analysis module which notifies hacking attack by analyzing isolation log.

• International Journal of Computer Science & Network Security
• /
• 제23권5호
• /
• pp.179-192
• /
• 2023

The widespread use of Cloud Computing, Internet of Things (IoT), and social media in the Information Communication Technology (ICT) field has resulted in continuous and unavoidable cyber-attacks on users and critical infrastructures worldwide. Traditional security measures such as firewalls and encryption systems are not effective in countering these sophisticated cyber-attacks. Therefore, Intrusion Detection and Prevention Systems (IDPS) are necessary to reduce the risk to an absolute minimum. Although IDPSs can detect various types of cyber-attacks with high accuracy, their performance is limited by a high false alarm rate. This study proposes a new technique called Fuzzy Logic - Objective Risk Analysis (FLORA) that can significantly reduce false positive alarm rates and maintain a high level of security against serious cyber-attacks. The FLORA model has a high fuzzy accuracy rate of 90.11% and can predict vulnerabilities with a high level of certainty. It also has a mechanism for monitoring and recording digital forensic evidence which can be used in legal prosecution proceedings in different jurisdictions.

• 한국전자거래학회지
• /
• 제25권3호
• /
• pp.109-130
• /
• 2020

최근 기술의 혁신을 위한 연구개발의 중요성이 커지고 있다. 연구개발의 급속한 발전은 다양한 긍정적 효과가 있지만, 동시에 정보 및 기술에 대한 유출 범죄를 가속화시키는 부정적 영향 또한 존재한다. 본 연구에서는 점차 심각해지는 연구개발 결과물 유출 사고를 대비하기 위해 조직 차원에서 이루어지는 연구개발 환경을 안전하게 보호할 수 있는 연구보안 수준측정 모형을 개발하였다. 먼저 국내외 연구개발 관련 보안정책들을 분석하고 종합하여, 연구보안 수준평가 항목 10개(연구보안 추진체계, 연구시설과 장비 보안, 전자정보 보안, 주요 연구정보 관리, 연구노트 관리, 지식재산권/특허 관리, 기술사업화 관리, 내부연구원 관리, 인가된 제3자 관리, 외부자 관리)를 전문가 인터뷰를 통해 도출하였다. 다음으로, 도출한 연구보안 수준평가 항목을 조직의 연구개발 환경에 다차원적 관점에서 적용 가능하도록 연구보안 수준평가 모형을 설계하였다. 마지막으로 모형에 대한 타당성을 검증하고, 실제 연구개발을 수행하는 조직을 대상으로 시범 적용하여 연구보안 수준을 평가해보았다. 본 연구에서 개발한 연구보안 수준평가 모형은 실제 연구개발을 수행하고 있는 조직 및 프로젝트의 보안 수준을 적절하게 측정하는 데 유용하게 활용될 수 있을 것으로 기대되고, 연구개발을 직접 수행하는 연구원들이 자체적으로 연구보안 체계를 수립하고 보안관리 대책을 마련하는 데 도움이 될 것이라 판단된다. 또한 연구개발을 수행하는 조직 차원의 보안성 향상뿐만 아니라 프로젝트 단위의 연구개발을 안전하게 수행함으로써, 연구개발 투자에 대한 안정적이고 효과적인 성과를 낼 수 있을 것이라 기대한다.

• International Journal of Fuzzy Logic and Intelligent Systems
• /
• 제11권4호
• /
• pp.229-237
• /
• 2011

As smart phones have become widely adopted, they have brought about changes in individual lifestyles, as well as significant changes in the industry. As the mobile technology of smart phones has become associated with all areas of industry, it is not only accelerating innovation in other industries such as shopping, healthcare service, education, and finance, but is also creating new markets and business opportunities. The preparation of thorough security measures for smart phones is increasing in demand. While offering excellent mobility and convenience, smart phones can be exposed to a range of violation threats. In particular, it is necessary to make efforts to develop a security system that can preemptively cope with potential security threats in the banking service area, which requires a high level of reliability. This paper suggests a security reference model that is considered for the smart phone-based joint mobile banking development project being undertaken by the Bank of Korea in 2010. The purpose of this study is to make a security reference model for a reliable smart phone-based mobile financial service, by recognizing the specific security threats directed toward smart phones, and providing countermeasures to these security threats. The proposed mobile banking security reference model is useful in improving system security by systematically analyzing information security threats to the mobile financial service, and by presenting the guideline for the preparation of countermeasures.

• 한국IT서비스학회지
• /
• 제19권6호
• /
• pp.83-95
• /
• 2020

"I think security is only trying to make it uncomfortable." "10% of my work is entering IDs and passwords, such as boot passwords, mobile phone authentication numbers, etc." As reflected in the complaint above, stress caused by information security among organizations' members is increasing. In order to strengthen information security, practical solutions to reduce stress are needed because the motivation of the members is needed in order for organizations to function properly. Therefore, this study attempts to suggest key factors that can enhance security while reducing information security stress among members of organizations. To this end, based on the theory of protection motivation, trust and security stress from information security policies are set as mediating factors to explain changes in security reinforcement behavior. Furthermore, risk, efficacy, and reaction costs of cyberattacks are considered as prerequisites. Our study suggests a solution to the security reinforcement problem by analyzing the factors that influence the behavior of members of organizations. In turn, this can raise protection motivation among members.

• 한국전자거래학회지
• /
• 제25권2호
• /
• pp.99-108
• /
• 2020

산업제어 시스템은 일반적인 IT 환경과는 다르게 보안성보다 안전성, 연속성이 중요시 되는 환경이다. 산업제어 시스템에 보안 사고가 발생할 경우 물리적인 동작을 컨트롤 할 수 있으므로 안전성과 연속성을 보장받을 수 없다. 따라서 물리적인 피해가 발생할 수 있고, 물리적인 피해가 인명피해까지 초래할 수 있다. 산업제어 시스템에 대한 사이버 공격은 단순히 사이버 피해라고 볼 수 없으며 테러라고 볼 수 있다. 그러나 아직까지 산업제어 시스템에 대한 보안이 많이 강화되지 않은 상태이고 실제로 많은 취약점들이 발생하고 있다. 본 논문에서는 산업제어시스템에서 사용하는 PLC 프로토콜을 대상으로 연결과정 및 패킷을 분석하고 프로토콜에 존재하는 보안 메커니즘을 우회하여 PLC를 원격에서 컨트롤 할 수 있음을 보인다. 이를 통해 산업제어 시스템에 대한 보안 경각심 제고를 하고자 한다.

• International Journal of Advanced Culture Technology
• /
• 제11권1호
• /
• pp.221-231
• /
• 2023

Nowadays, more and more countries are paying attention to basic teaching, so it can be found that they are carrying out a new round of basic teaching reform. The fundamental purpose is to adapt to the economic, cultural and technological development of the 21st century, so that their nationals will not be eliminated in the competition of the world environment, the spiritual civilization and material life of the nationals can be further improved, and they can have an advantage in the competition and catch up with the advanced level of the world. The cultivation of preschoolers' mental health determines the future development of a person. Through the long-term practice of art teaching at the Longyuan Branch of the District Third Kindergarten of Guangxi, This paper summarizes some effective teaching methods to cultivate children's connection ability and sense of security through aesthetic education.Firstly, preschoolers' contact ability was studied, and the aspects such as the definition of contact ability and the reasons for the formation of contact ability were explored. Secondly, the development of preschoolers' sense of security, what to avoid in order to develop a good sense of security and the effects of security on children were investigated. Finally, several specific teaching cases were written based on these theories. Through these cases, aesthetic education was utilized to promote preschoolers' contact ability and develop a sense of security. The study mainly draws the following conclusions that if children want to have a successful career, a happy family in the future, it is crucial to have the ability of connect and security in childhood. Aesthetic education can promote the formation of children's ability of connection and security.Finally, I write specific teaching cases based on the above theories and practice, through which these cases use aesthetic education to promote the formation of children's contact ability and sense of security.