• Journal of Information Processing Systems
• /
• v.17 no.4
• /
• pp.851-865
• /
• 2021

Enterprise networks in the PyeongChang Winter Olympics were hacked in February 2018. According to a domestic security company's analysis report, attackers destroyed approximately 300 hosts with the aim of interfering with the Olympics. Enterprise have no choice but to rely on digital vaccines since it is overwhelming to analyze all programs executed in the host used by ordinary users. However, traditional vaccines cannot protect the host against variant or new malware because they cannot detect intrusions without signatures for malwares. To overcome this limitation of signature-based detection, there has been much research conducted on the behavior analysis of malwares. However, since most of them rely on a sandbox where only analysis target program is running, we cannot detect malwares intruding the host where many normal programs are running. Therefore, this study proposes a method to detect malware variants in the host through logs rather than the sandbox. The proposed method extracts common behaviors from variants group and finds characteristic behaviors optimized for querying. Through experimentation on 1,584,363 logs, generated by executing 6,430 malware samples, we prove that there exist the common behaviors that variants share and we demonstrate that these behaviors can be used to detect variants.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.5
• /
• pp.1171-1183
• /
• 2016

Today, many domestic companies often face the lawsuits from the U.S. companies as they expand their business in the U.S. market and it is necessary for the domestic companies to prepare for the e-Discovery process in the systematic manner. Yet, the e-discovery system has not been properly established in Korea, however, domestic companies are growing more and more interests in e-Discovery processes and procedures so that they are seeking for the appropriate actions that they should take when facing lawsuits. When adopting the e-Discovery system in Korea, there are three main considerations including the differences in laws and regulations, enterprise system and language and company culture. This study aims to draw the problems for the Korean domestic companies in responding the U.S. lawsuits and to suggest the specialized e-discovery processes and procedures to effectively overcome them.

• International Journal of Computer Science & Network Security
• /
• v.21 no.12
• /
• pp.45-52
• /
• 2021

The article proves the relevance of developing conceptual frameworks for managing the quality assurance of logistics activities in the context of socio-economic interaction of their participants. It is established that the fundamental difference of the logistic approach in management from traditional approaches is the allocation of a single management function of previously separated, disparate material flows, as well as economic, technological, information integration of chain links into a single system capable of effective management of these flows. It is substantiated that the functioning of the enterprise as a logistics system can be represented in the form of a triad of logistics components, namely: supply logistics, production logistics, sales logistics. Management of quality assurance processes of logistics activities in the context of socio-economic interaction of their participants is a functional component of the entire logistics system due to the quality of work and interaction of all participants in the implementation of certain activities. The quality of logistics activities will affect the level of economic potential, rationalization and optimization of all logistics flows. It is proved that the management of quality assurance processes of logistics activities in the context of socio-economic interaction of their participants involves the following main areas: the introduction of a quality system of logistics processes; development and implementation of the general strategy of quality improvement at the enterprise; internal integration; controlling. Management of quality assurance processes of logistics activities in the context of socio-economic interaction of its participants requires compliance with the following requirements: systematic and comprehensive management of all flow processes; coordination of criteria and indicators for assessing the effectiveness of the entire logistics system; dissemination of the use and application of information technology; ensuring partnerships and close interaction of all participants in sales networks.

• Journal of Information Technology Services
• /
• v.19 no.5
• /
• pp.33-47
• /
• 2020

In recent years, due to the demand for operating efficiency and cost reduction of industrial facilities, remote access via the Internet is expanding. the control network accelerates from network separation to network connection due to the development of IIoT (Industrial Internet of Things) technology. Transition of control network is a new opportunity, but concerns about cybersecurity are also growing. Therefore, manufacturers must reflect security compliance and standards in consideration of the Internet connection environment, and enterprises must newly recognize the connection area of the control network as a security management target. In this study, the core target of the control system security threat is defined as the network boundary, and issues regarding the security architecture configuration for the boundary and the role & responsibility of the working organization are covered. Enterprises do not integrate the design organization with the operation organization after go-live, and are not consistently reflecting security considerations from design to operation. At this point, the expansion of the control network is a big transition that calls for the establishment of a responsible organization and reinforcement of the role of the network boundary area where there is a concern about lack of management. Thus, through the organization of the facility network and the analysis of the roles between each organization, an static perspective and difference in perception were derived. In addition, standards and guidelines required for reinforcing network boundary security were studied to address essential operational standards that required the Internet connection of the control network. This study will help establish a network boundary management system that should be considered at the enterprise level in the future.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.8 no.4
• /
• pp.788-794
• /
• 2007

The policy of US DoD is moving towards implementation of Network Centric Warfare(NCW) concepts. NCW is commonly described as the integration and synchronization of four key interdependent elements such as command and control, sensor system, engagement systems and the network. Therefore the military policy of Korea military is needed to access and examine the policy of NCW communication environment and crypto communication, which is able to apply it. In this case study, We are reviewed the security framework of the concept of network centric warfare in the centering around the US. It is introduced the core technology in the network centric warfare, and it is reviewed the security framework such as, the requirements of security, the characteristics security of global information grid, joint tactical radion system, net centric enterprise services, transformational communication satellite, in the basis of core technology, and analysis the effect of crypto communication relay between command node and surbornate node in NCW environment. This report support the assistance, which is considered the elements of surrounding effects in the varied crypto communication research area of NCW.

• Journal of Digital Convergence
• /
• v.10 no.4
• /
• pp.217-222
• /
• 2012

Group communication on the Internet is exploding in popularity. Video conferencing, Enterprise IM, desktop sharing, and numerous forms of e-commerce are but a few examples of the ways in which the Internet is being used for business. The growing use of group communication has highlighted the need for advances in security. There are several approaches to securing user identities and other information transmitted over the Internet. One of the foundations of secure communication is key management, a building block for encryption, authentication, access control, and authorization.

• International Journal of Computer Science & Network Security
• /
• v.24 no.4
• /
• pp.206-210
• /
• 2024

Industrial facilities that use modern IT technologies require the ensured reliability and security of information in automated enterprise management. Concurrently, so as to ensure a high quality of communication, it is necessary to expand the bandwidth of communication channels, which are limited by the physical parameters of the radio frequency spectrum. In order to overcome this contradiction, we propose the application of technology fundamental to ultra-wideband signals, in which the ratio between the bandwidth and its central part is greater than "one". For this reason, the information signal is emitted without a carrier frequency - simultaneously within the entire frequency band - provided that the signal level is lower than the noise level. For the transmission of information content, the method of positional-time coding is used, in which each information bit is encoded by hundreds of ultrashort pulses that arrive within a certain sequence. Mathematical models of signals and values observed in wireless communication systems with autocorrelation reception of modulated ultra-wideband signals are furthermore recommended. These assist in identifying features of the dependence of the error probability on the normalized signal-to-noise ratio and the signal base. Comparative analysis has shown that the best noise immunity of the systems considered in this paper is the communication system, which uses the time separation of the reference and information signals. During the first half of the bit interval, the switch closes the output of the transmitter directly to the generator of the ultra-wideband signal - forming a reference signal. In the middle of the bit interval, the switch alternates the output to one of two possible positions depending on the encoding signal - "zero" or "one", forming the information part of the ultra-wideband signal. It should also be noted that systems with autocorrelation reception and separate transmission of reference and information signals, provide a high level of structural signal secrecy. Furthermore, they provide the reliable transmission of digital information, especially in interference conditions.

• Management & Information Systems Review
• /
• v.3
• /
• pp.1-14
• /
• 1999

Recently, information resource management(IRM) has a considerable interest among researchers and practitioners because the information resource have been found critical influence on organizational performance. The IRM construct has been defined a comprehensive approach to planning, organizing, controlling the resources, and activities associated with acquiring and distributing data to meet a business need. This study have several objectives: 1) to operationalize the measurement instrument of IRM, 2) to identify the factors influencing organizational performance, and 3) to suggest the research model between IRM and organizational performance and then 4) to provide reference for managers to assess the IRM implementation in their organization. By reviewing the literature, past experience, others' use, encouragement by others, and anxiety are selected as the factors influencing IRM. The IRM construct has been classified with eight dimensions : chief information officer, planning, security, technology integration, advisory committees, enterprise model, information integration, and data administration. Eight hypotheses concerning the relationship between each of the IRM and organizational performance are suggested in this study.

• Journal of Information Technology and Architecture
• /
• v.9 no.1
• /
• pp.33-42
• /
• 2012

Present many organizations are introduced to smartwork for reducing the operational cost and getting the labor's flexibility. The smartwork is the future-oriented worker's environment in which they can engage in their task, anytime and anywhere conveniently and efficiently. In spite of many smartwork advantages, the security problems are major issues and prevent to introducing and spreading of smartwork for organizations. Therefore, the success of the organization for smartwork environment is put in place appropriate security control model. This study is about security threats for smartwork security control model. We apply the exploratory method for this research, which are reviewing, analyzing of literature for extracting the security threats and clustering of the extracted security threats. Finally we define the 16's security threats according to the aspect of smartwork service layers.

• KIPS Transactions on Computer and Communication Systems
• /
• v.12 no.4
• /
• pp.143-156
• /
• 2023

The domestic threat information sharing system to deal with various security threats in the rapidly changing cyber environment needs to be improved. In this study, to solve these problems and promote the activation of threat information sharing, we derive a research model based on the value-based containment model (VAM) for vital factors in information sharing. After conducting a Ricardian 5-point survey on a total of 204 individuals, the statistical results of the first 151 individuals were analyzed using SPSS and AMOS, and the statistical results of the second 204 individuals were analyzed using R-Studio. As a result, perceivability was found to have a significant impact as a core factor in the activation of cyber threat information sharing (β=0.405, p<0.01), and the hindrance factor was analyzed as innovation resistance (β=-0.152, p<0.01). Microscopically, the obtained results can be applied to factor analysis for activating information sharing of cyber threats by companies in the future, and macroscopically, they can contribute to the foundational development of a national cyber threat response system.