• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.6
• /
• pp.1087-1101
• /
• 2020

Various security devices are used to protect internal networks and valuable information from rapidly evolving cyber attacks. Firewall, which is the most commonly used security device, tries to prevent malicious attacks based on a text-based filtering rule (i.e., access control policy), by allowing or blocking access to communicate between inside and outside environments. However, in order to protect a valuable internal network from large networks, it has no choice but to increase the number of access control policy. Moreover, the text-based policy requires time-consuming and labor cost to analyze various types of vulnerabilities in firewall. To solve these problems, this paper proposes a 3D-based hierarchical visualization method, for intuitive analysis and management of access control policy. In particular, by providing a drill-down user interface through hierarchical architecture, Can support the access policy analysis for not only comprehensive understanding of large-scale networks, but also sophisticated investigation of anomalies. Finally, we implement the proposed system architecture's to verify the practicality and validity of the hierarchical visualization methodology, and then attempt to identify the applicability of firewall data analysis in the real-world network environment.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 1998.12a
• /
• pp.303-314
• /
• 1998

전자상거래는 인터넷과 같이 보안성이 취약한 개방형 통신망에서 이루어지기 때문에 거래 주체간에 발생하는 거래 정보의 보호를 위하여 기밀성, 무결성, 부인봉쇄 및 인증 등의 정보보호 서비스가 제공되어야 한다. 이러한 문제를 해결하기 위하여 암호 알고리듬 및 전자서명 등이 사용되고 있다 본 논문에서는 전자상거래 절차를 분석하고 상거래 주체간에 발생하는 정보에 대한 위험요소를 주체별로 분석하여 정보보호 문제를 해결하기 위한 정보보호 메커니즘의 체계적 적용 방안을 제안하고자 한다.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2001.11a
• /
• pp.348-352
• /
• 2001

본 논문은 다양한 침입행위를 탐지하고 보안시스템의 효율적 관리를 보장하는 국방전산망과 같은 대규모 네트워크 환경에 적합한 계층적 구조의 통합보안관리시스템 모델에 대한 연구이다. 전산망 위협요소 및 공격유형에 따른 취약점을 분석하여 필요한 전산망 보호기술을 판단하고 침입차단/탐지시스템, 안티바이러스 시스템, 취약점분석 시스템 등의 보안시스템과 상호연동 모델을 분석하여, 도출된 요구사항을 기반으로 대규모 조직에 적합한 계층구조의 통합보안관리시스템의 구축 방안을 제시하였다.

• Convergence Security Journal
• /
• v.9 no.2
• /
• pp.71-78
• /
• 2009

It is very difficult to apply previous security protocols to WSNs(Wireless Sensor Networks) directly because WNSs have resource constrained characteristics such as a low computing ability, power, and a low communication band width. In order to overcome the problem, we proposes a secure group communication scheme applicable to WSNs. The proposed scheme is a combined form of the TEEN(Threshold sensitive Energy Efficient sensor Network protocol) clustering based hierarchical routing protocol and security mechanism, and we assume that WSNs are composed of sensor nodes, cluster headers, and base stations. We use both private key and public key cryptographic algorithms to achieve an enhanced security and an efficient key management. In addition, communications among sensor nodes, cluster headers, and base stations are accomplished by a hierarchical tree architecture to reduce power consumption. Therefore, the proposed scheme in this paper is well suited for WSNs since our design can provide not only a more enhanced security but also a lower power consumption in communications.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.11 no.2
• /
• pp.13-26
• /
• 2001

This paper presents the network security modeling methodology and simulation using the hierarchical and modular modeling and simulation framework. Recently, Howard and Amoroso developed the cause-effect model of the cyber attack, defense, and consequences, Cohen has been proposed the simplified network security simulation methodology using the cause-effect model, however, it is not clear that it can support more complex network security model and also the model-based cyber attack simulation. To deal with this problem, we have adopted the hierarchical and modular modeling and simulation environment so called the System Entity Structure/Model Base (SES/MB) framework which integrates the dynamic-based formalism of simulation with the symbolic formalism of AI. Several simulation tests performed on sample network system verify the soundness of our method.

• Journal of Internet of Things and Convergence
• /
• v.3 no.1
• /
• pp.9-11
• /
• 2017

Recently, with the widespread use of the Internet and mobile devices, the number of attacks by hackers using the network is increasing. When connecting a network, packets are exchanged and communicated, which includes various information. We analyze the information of these packets using hierarchical clustering analysis and classify normal and abnormal packets to detect attacks. With this analysis method, it will be possible to detect attacks by analyzing new packets.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.15 no.12
• /
• pp.4275-4291
• /
• 2021

With the unprecedented growth of textual information on the Internet, an efficient automatic summarization system has become an urgent need. Recently, the neural network models based on the encoder-decoder with an attention mechanism have demonstrated powerful capabilities in the sentence summarization task. However, for paragraphs or longer document summarization, these models fail to mine the core information in the input text, which leads to information loss and repetitions. In this paper, we propose an abstractive document summarization method by applying guidance signals of key sentences to the encoder based on the hierarchical encoder-decoder architecture, denoted as KI-HABS. Specifically, we first train an extractor to extract key sentences in the input document by the hierarchical bidirectional GRU. Then, we encode the key sentences to the key information representation in the sentence level. Finally, we adopt key information representation guided selective encoding strategies to filter source information, which establishes a connection between the key sentences and the document. We use the CNN/Daily Mail and Gigaword datasets to evaluate our model. The experimental results demonstrate that our method generates more informative and concise summaries, achieving better performance than the competitive models.

• Proceedings of the Korean Operations and Management Science Society Conference
• /
• 2004.10a
• /
• pp.147-157
• /
• 2004

Enterprises and governments currently utilize COTS based information systems which are a kind of component based systems. Especially, COTS are widely utilized as information security systems and information systems including information security functions. This paper suggests an appropriate adaptation level of security functional components and a cost effective priority among them. To make a cost effective decision on adapting security functional components, this paper develops a hierarchical model of information security technologies and analyzes findings through multiple decision-making criteria.

• Journal of National Security and Military Science
• /
• s.1
• /
• pp.269-310
• /
• 2003

AS Extensible Markup Language(XML) is emerging as the data format of the Internet era, there are increasing needs to efficiently transform between database and XML documents. In this paper, we propose a schema transformation method from relational database to XML database. To transform the schema, we represent input schema as Entity-Relationship diagram. Entity-Relationship model translator scans the input Entity-Relationship diagram using BFS (breadth First Search) and translates the diagram into hierarchical structure model. The XML Schema generator produces XML Scema code using the transformed hierarchical structure model. The proposed method has a merit that having reusability facility of XML Schema property in comparison with existing researches.

• Journal of the Korea Society of Computer and Information
• /
• v.23 no.2
• /
• pp.53-61
• /
• 2018

In this paper, the author proposes an efficient group key agreement scheme in a mobile environment where group members frequently join and leave. This protocol consists of basic protocols and general ones and is expected to be suitable for communications between a mobile device with limited computing capability and a key distributing center (or base station) with sufficient computing capability. Compared with other schemes, the performance of the proposed protocol is a bit more efficient in the aspects of the overall cost for both communication and computation where the computational efficiency of the scheme is achieved by using exclusive or operations and a one-way hash function. Also, in the aspect of security, it guarantees both forward and backward secrecy based on the computational Diffie-Hellman (CDH) assumption so that secure group communication can be made possible. Furthermore, the author proves its security against a passive adversary in the random oracle model.