• 디지털산업정보학회논문지
• /
• 제5권4호
• /
• pp.87-97
• /
• 2009

Internet network routing system is used to prevent spread and distribution of malicious data traffic. This study is based on analysis of diagnostic weakness structure in the network security domain. We propose an improved integrated multi-level protection domain for in the internal route of groupware. This paper's protection domain is designed to handle the malicious data traffic in the groupware and finally leads to lighten the load of data traffic and improve network security in the groupware. Infrastructure of protection domain is transformed into five-stage blocking domain from two or three-stage blocking. Filtering and protections are executed for the entire server at the gateway level and internet traffic route ensures differentiated protection by dividing into five-stage. Five-stage multi-level network security domain's malicious data traffic protection performance is better than former one. In this paper, we use a trust evaluation metric for measuring the security domain's performance and suggested algorithm.

• Journal of Information Processing Systems
• /
• 제6권1호
• /
• pp.91-106
• /
• 2010

The rapid growth of communication and globalization has changed the software engineering process. Security has become a crucial component of any software system. However, software developers often lack the knowledge and skills needed to develop secure software. Clearly, the creation of secure software requires more than simply mandating the use of a secure software development lifecycle; the components produced by each stage of the lifecycle must be correctly implemented for the resulting system to achieve its intended goals. This study demonstrates that a more effective approach to the development of secure software can result from the integration of carefully selected security patterns into appropriate stages of the software development lifecycle to ensure that security designs are correctly implemented. The goal of this study is to provide developers with an Integrated Security Development Framework (ISDF) that can assist them in building more secure software.

• International Journal of Internet, Broadcasting and Communication
• /
• 제13권3호
• /
• pp.42-49
• /
• 2021

As cyber attacks become more intelligent, there is difficulty in detecting advanced attacks in various fields such as industry, defense, and medical care. IPS (Intrusion Prevention System), etc., but the need for centralized integrated management of each security system is increasing. In this paper, we collect big data for intrusion detection and build an intrusion detection platform using deep learning and CNN (Convolutional Neural Networks). In this paper, we design an intelligent big data platform that collects data by observing and analyzing user visit logs and linking with big data. We want to collect big data for intrusion detection and build an intrusion detection platform based on CNN model. In this study, we evaluated the performance of the Intrusion Detection System (IDS) using the KDD99 dataset developed by DARPA in 1998, and the actual attack categories were tested with KDD99's DoS, U2R, and R2L using four probing methods.

• 대한전기학회:학술대회논문집
• /
• 대한전기학회 2006년도 추계학술대회 논문집 전력기술부문
• /
• pp.21-23
• /
• 2006

As a general rule for evaluating dependability of a system, reliability is commonly considered which barely rays attention to the system behavior, however the estimation is based on the assumption of a fault-frost system, which may be impracticable and inaccurate especially for complicated system. This paper introduces a security and dependability integrated approach to analyze the availability of a fault-active system both from dependability and security points of view. Two fault modes involved are discussed about the impairment to the system reliance. The approach can be well applied to estimate and quantify the attribute of system robustness with the help of Markov chain process, which is good at solving status related problem. The comparison result between dual system and IEC61850-based almighty backup system is shown to sup-port the suggested approach.

• Journal of Electrical Engineering and Technology
• /
• 제7권3호
• /
• pp.443-450
• /
• 2012

As power grids are integrated into one big umbrella (i.e., Smart Grid), communication network plays a key role in reliable and stable operation of power grids. For successful operation of smart grid, interoperability and security issues must be resolved. Security means providing network system integrity, authentication, and confidentiality service. For a cyber-attack to a power grid system, which may jeopardize the national security, vulnerability of communication infrastructure has a serious impact on the power grid network. While security aspects of power grid network have been studied much, security mechanisms are rarely adopted in power gird communication network. For security issues, strict timing requirements are defined in IEC 61850 for mission critical messages (i.e., GOOSE). In this paper, we apply security algorithms (i.e., MD-5, SHA-1, and RSA) and measure their processing time and transmission delay of secured mission critical messages. The results show the algorithms satisfying the timing requirements defined in IEC 61850 and we observer the algorithm that is optimal for secure communication of mission critical messages. Numerical analysis shows that SHA-1 is preferable for secure GOOSE message sending.

• 융합보안논문지
• /
• 제15권7호
• /
• pp.97-102
• /
• 2015

최근 세계적으로 자연재해 등의 피해를 줄이기 위해 각 국가마다 통합재난안전관리시스템을 운영하고 있다. 특히, 재난경보 메시지를 보내기 위한 방법으로 디지털 사이니지(Digital Signage) 활용에 대한 연구가 이루어지고 있다. 본 논문에서는 디지털 사이니지에 대한 개념과 재난안전관리시스템을 살펴보고 재난안전통신망에서 요구되어지는 보안요구사항을 알아보았다. 또한, 디지털 사이니지를 활용한 재난안전 서비스에서 공통경보 메시지를 안전하게 디지털 사이니지 터미널에 전송하기 위해 공개키 인증기법을 사용한 프로토콜을 제안하였다. 제안 된 프로토콜은 공통경보 메시지를 해당 지역에 안전하게 표시될 수 있도록 하였다.

• 대한전기학회논문지:전력기술부문A
• /
• 제53권9호
• /
• pp.487-493
• /
• 2004

The electric power industry throughout the world is undergoing considerable changes from the vertically integrated utility structure to the deregulated market. However, the deregulated electricity market is operated with respect to theory of economical efficiency, and therefore, the system operator requires data with fast contingency ranking for security of the bulk power system. This paper compares the weather dependant probabilistic risk index(PRI) with the system performance index for power flow in the IEEE-RTS. The system performance index for power flow presents the power system stability. This paper presents fast calculation method for determining contingency ranking using the weather dependant probabilistic risk index(PRI). The probabilistic risk index can be classified into the case of normal and adverse weather. This paper proposes calculation method using the probabilistic risk index in determining contingency ranking required for security under the deregulated electricity market.

• 정보보호학회논문지
• /
• 제7권3호
• /
• pp.23-40
• /
• 1997

지금까지 유닉스 시스템의 보안을 점검하거나 향상시키기 위하여 다양한 보안 도구들이 공개 소프트웨어(public domain)로 개발되어 사용되었다. 그러나, 대부분의 보안 도구들은 편리하고 일관성 있는 사용자 인터페이스를 제공하지 않으며, 또한 시스템의 특정 부분에 대 한 점검 기능만을 제공한다. 따라서, 시스템의 전반적인 보안을 관리해야 하는 시스템 관리자는 사용하기 불편한 여러 개의 도구들을 함께 사용해야 한다. 게다가, 이러한 도구들은 영어권에서 개발되었기 때문에, 국내의 현실이 잘 반영되지 않는 면이 있다. 본 논문에서는 사용하기 편리하면서 시스템의 전반적인 보안 점검 기능을 제공하는 통합 보안 점검 도구로서 "지킴이"를 구현하였다. 지킴이는 시스템의 전반적인 보안 점검을 위한 계정 보안, 시스템 보안, 네트웍 보안, 화일 변경 검사 기능과, 관리자의 정기적인 시스템 관리를 효율적으로 지원하기 위한 주기적인 보안 점검 기능을 제공한다. 지킴이의 각 기능은 기존의 공개된 대표적인 보안 도구를 바탕으로 하였으며, 기존 도구들의 단순한 조합이 아니라, 시스템 전체의 보안을 위해 필수적인 기능을 제공하도록 구성하였다. 그리고, WWW를 바탕으로 하는 사용자 인터페이스를 제공하기 때문에, 사용자는 기존의 WWW 브라우저를 이용하여 시스템의 전반적인 보안 상태를 점검할 수 있다. 또한, 지킴이를 실제 운용 중인 유닉스 시스템의 보안 상태를 점검하기 위하여 적용하였으며, 이를 통해서 지킴이의 효용성을 확인하였다.용성을 확인하였다.

• 대한전기학회:학술대회논문집
• /
• 대한전기학회 1998년도 하계학술대회 논문집 C
• /
• pp.1009-1011
• /
• 1998

This paper presents a design of network and database structure of the integrated system for power system operational planning and analysis that will be more economical and stable of power system operation. An alias of this system is Highly Integrated Total Energy System(HITES). The Client/server model of HITES is designed as a remote data management model. The input/output-type of application programs and Oracle server is standardized. The separated user-databases from main-database strengthen security of HITES. It is plan to do that tables and relationships are defined by database designs. The connection of application program and DBMS of HITES will be tested through database design and data construction.

• 융합보안논문지
• /
• 제9권2호
• /
• pp.59-69
• /
• 2009

본 논문에서 RAPID를 이용한 통합개발환경을 위하여 가상 프로토타이핑 기반의 통합개발환경 연동 인터페이스를 설계 및 구현하였다. 연동 인터페이스를 통하여 서로 다른 가상 및 실물 임베디드시스템 프로토타입들간의 통합이 가능함을 제시하였다. 특히 구현 결과의 시험을 통하여 연동 인터페이스의 우수함을 입증하였다.