• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.6
• /
• pp.1399-1410
• /
• 2015

Gartner is requiring companies to considerably change their survival paradigms insisting that companies need to understand and provide again the upcoming era of data competition. With the revealing of successful business cases through statistic algorithm-based predictive analytics, also, the conversion into preemptive countermeasure through predictive analysis from follow-up action through data analysis in the past is becoming a necessity of leading enterprises. This trend is influencing security analysis and log analysis and in reality, the cases regarding the application of the big data analysis framework to large-scale log analysis and intelligent and long-term security analysis are being reported file by file. But all the functions and techniques required for a big data log analysis system cannot be accommodated in a Hadoop-based big data platform, so independent platform-based big data log analysis products are still being provided to the market. This paper aims to suggest a framework, which is equipped with a real-time and non-real-time predictive analysis engine for these independent big data log analysis systems and can cope with cyber attack preemptively.

• The KIPS Transactions:PartC
• /
• v.18C no.2
• /
• pp.71-78
• /
• 2011

Financial accidents such as password exposure of credit cards or bankbooks occur often when a password is inputted to ATM/CD(Automated Teller Machines and Cash Dispenser), so particular attention is required when inputting a password. This study suggested a method to input a password safely to prevent stealing a glance at a password in case of the use of ATM/CD. The method is that users input a password when numbers are randomly displayed and disappear not to notice the password even though someone is next to or behind the users. As methods to input a password safely, the study verified safety by dividing the methods into a test of shoulder surfing, an intuitive perspective, and a theoretical analysis. In addition, the result of implementation to apply the method to ATM/CD shows that a percentage of acquiring a password from the attack of shoulder surfing is found to be lower than an existing method, so password exposure can be prevented.

• Journal of the Korean Society for Aeronautical & Space Sciences
• /
• v.42 no.7
• /
• pp.594-600
• /
• 2014

In modern warfare, securing communication channel by combatting opponents' electromagnetic attack is a crucial factor to win the war. Military satellite digital transponder is a communication payload of the next generation military satellite that maintains warfare networks operational in the presence of interfering signals by securely relaying signals between ground terminals. The transponder in this paper is classified as a partial processing transponder which performs cost effective secure relaying in satellite communication links. The control functions of transmission security achieve immunity to hostile interferences which may cause malicious effects on the link. In this paper, we present an efficient architecture for implementing the control mechanism. Two major ideas of pipelined processing in per-group control and software processing of blocked band information dramatically reduce the complexity of the hardware. A control code sequence showing its randomness with uniform distribution is exemplified and qualification test results are briefly presented.

• The Journal of the Korea Contents Association
• /
• v.17 no.3
• /
• pp.231-237
• /
• 2017

Threat intelligences collected from cyber incident sharing system and security events collected from Security Information & Event Management system are analyzed and coped with expanding malicious code rapidly with the advent of big data. Analytical classification of the threat intelligence in cyber incidents requires various features of cyber observable. Therefore it is necessary to improve classification accuracy of the similarity by using multi-profile which is classified as the same features of cyber observables. We propose a multi-profile ensemble model performed similarity analysis on cyber incident of threat intelligence based on both attack types and cyber observables that can enhance the accuracy of the classification. We see a potential improvement of the cyber incident analysis system, which enhance the accuracy of the classification. Implementation of our suggested technique in a computer network offers the ability to classify and detect similar cyber incident of those not detected by other mechanisms.

• Journal of the Korean Society for Aeronautical & Space Sciences
• /
• v.31 no.6
• /
• pp.8-16
• /
• 2003

Aerodynamic characteristics over Micro Aerial Vehicle(MAV) in low Reynolds number regime are numerically studied using 3-D unsteady, incompressible Navier-Stokes flow solver with single partitioning method for multi-block grid. For more efficient computation of unsteady flows, this flow solver is parallel-implemented with MPl(Message Passing Interface) programming method. Firstly, MAV wing with not complex geometry is considered and then, we analyze aerodynamic characteristics over full MAV configuration varying the angle of attack. Present computational results show a better agreement with the experimental data by MACDL(Micro Aerodynamic Control and Design Lab.), Seoul National University. We can also find the conceptually designed MAV by MACDL has the static stability.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.19 no.4
• /
• pp.47-56
• /
• 2018

National-scale industrial control systems for gas, electric power, water processing, nuclear power, and traffic control systems increasingly use open networks and open standards protocols based on advanced information and communications technologies. The frequency of cyberattacks increases steadily because of the use of open networks and open standards protocols, but follow-up actions are limited. Therefore, the application of security solutions to an industrial control system is very important. However, it is not possible to apply security solutions to a real system because of the characteristics of industrial control systems. And a security system that can detect attacks without affecting the existing system is imperative. Therefore, in this paper, we propose an intrusion detection system based on packet analysis that can detect anomalous behaviors without affecting the industrial control system, and we verify the effectiveness of the proposed intrusion detection system by applying it in a test bed simulating a real environment.

• The Journal of Engineering Research
• /
• v.8 no.1
• /
• pp.87-95
• /
• 2006

Present time, the mobile telecommunication companies of our country are still using independence wireless internet platform. So, this carry many difficulties to the phone company and content provider company. Because even they develop one product and they must make it prepare for some platform of every mobile telecommunication companies. And this make the development more longer and more expensive. For this reason, SKT, LG telecom and KTF develop the new wireless internet platform named WIPI with ETRI. and the working is still go on and go ahead with propulsion. And if it come to reality, the WIPI will attached from much of attack such as hacking or virus. But some data exchange between mobile phone is so important as to flow. Thus, in this paper, we are design and implementation the data encryption system working at the WIPI in order to protect the data, we want to protect.

• Convergence Security Journal
• /
• v.2 no.2
• /
• pp.199-207
• /
• 2002

Comes in into recent times and there is on with a level where the attack against the computer virus and the hacking which stand is serious. The recently computer virus specific event knows is the substantial damage it will be able to occur from our life inside is a possibility of feeling. The virus which appears specially in 1999 year after seemed the change which is various, also the virus of the form which progresses appeared plentifully The part virus does it uses the password anger technique which relocates the cord of the oneself. Hereupon consequently the vaccine programs in older decode anger to do the password anger of the virus again are using emulation engine. The password anger technique which the like this virus is complicated and decode anger technique follow in type of O.S. and the type is various. It uses a multi emulation engine branch operation setup consequently from one system and to respect it will be able to use a multiple operation setup together it will use the VMware which is an application software which it does as a favor there is a possibility where it will plan 'Virus Test Simulation' and it will embody.

• Proceedings of the Korea Information Assurance Society Conference
• /
• 2004.05a
• /
• pp.327-331
• /
• 2004

The new cyber world has created by Internet that is prosperous rapidly. But with the expansion of Internet the hacking and intrusion are also increased very much. Actually there were many incidents in Internet, but the damage was restricted within a local area and local system. However, the Great 1.25 Internet Disturbance has paralyzed the national wide Internet environment. It because the Slammer Worm. The worm is a malformed program that uses both of the hacking and computer virus techniques. It autonomously attacks the vulnerability of Windows system, duplicates and spreads by itself. Jus like the Slammer Worm, almost every worms attack the vulnerability of Windows systems that installed in personal PC. Therefore, the vulnerability in personal PC could destroy the whole Internet world. So, in this paper we propose a Internet Worm Expanding Prevention System that could be installed in personal PC to prevent from expanding the Internet Worm. And we will introduce the results of developed system.

• Convergence Security Journal
• /
• v.7 no.1
• /
• pp.63-75
• /
• 2007

Most of computer systems to be connected to network have been exposed to some network attacks and became to targets of system attack. System managers have established the IDS to prevent the system attacks over network. The previous IDS have decided intrusions detecting the requested connection packets more than critical values in order to detect attacks. This techniques have False Positive possibilities and have difficulties to detect the slow scan increasing the time between sending scan probes and the coordinated scan originating from multiple hosts. We propose the port scan detection rules detecting the RST/ACK flag packets to request some abnormal connections and design the data structures capturing some of packets. This proposed system is decreased a False Positive possibility and can detect the slow scan, because a few data can be maintained for long times. This system can also detect the coordinated scan effectively detecting the RST/ACK flag packets to be occurred the target system.