• 정보보호학회논문지
• /
• 제25권1호
• /
• pp.181-195
• /
• 2015

과거 금융권은 고객 및 외부기관과의 연계업무 연속성을 위하여 외부 인터넷망과 내부 업무망을 통합 운영하였다. 그러나 이러한 환경은 악성코드의 유입을 통한 외부 공격 및 정보유출에 대한 위험을 내포하고 있어 금융감독 당국으로부터 보다 근본적인 기술적 관리적 보호대책이 요구되었다. 금융권은 인터넷을 통한 악성코드 감염, 해킹공격 등의 위협으로부터 IT자산을 보호하고, 고객의 개인정보 및 금융거래정보 등 중요정보의 유출을 차단하기 위하여 금융감독당국의 가이드라인에 따라 업무망과 인터넷망을 분리하고, 기존 환경 하에서 정의되었던 보안정책을 망분리 이후 환경에 맞게 재구성하고 있다. 본 연구는 망분리가 적용된 금융회사의 구축사례와 운영현황을 통하여 악성코드 유입 부분에 대한 망분리 정책의 효과를 살펴보고, 모든 경로의 악성코드 유입이 차단되었는지 확인하였다. 연구결과 망분리 이후에도 이동식 저장매체를 통한 악성코드의 감염경로가 완전히 차단되지 않았음을 확인하였다. 이에 따라 망분리 효과를 극대화 할 수 있는 이동식 저장매체의 통제 등의 효율적인 보안정책을 제시하고자 한다.

• 한국콘텐츠학회:학술대회논문집
• /
• 한국콘텐츠학회 2009년도 춘계 종합학술대회 논문집
• /
• pp.8-11
• /
• 2009

본 논문에서는 Extreme 스위치와 Cisco 라우터를 이용하여 가상의 네트워크를 구현하였으며 PIX 방화벽을 통해 외부 네트워크로부터의 보안을 강화하였고 내부 네트워크에 대한 보안 문제점은 802.1X 기반의 인증방식을 사용한 NAC를 적용시켜 구현함으로써 외부와 내부 네트워크의 통합적인 보안 플랫폼을 구성하였다.

• Journal of Communications and Networks
• /
• 제12권3호
• /
• pp.266-274
• /
• 2010

The efficient network resource management is one of the important topics in a real-time system. In this paper, we present a practical network resource management framework, control-theoretic packet scheduler (CPS) system. Using our framework, an operating system can schedule both input and output streams accurately and efficiently. Our framework adopts very portable feedback control theory for efficiency and accuracy. The CPS system is able to operate independent of the internal network protocol state, and it is designed to schedule packet streams in fine-grained time intervals to meet the resource requirement. This approach simplifies the design of the CPS system, and leads us to obtain the intended output bandwidth. We implemented our prototype system in Linux, and measured the performance of the network resource management system under various network QoS constraints. The distinctive features of our principles are as follows: It is robust and accurate, and its operation is independent of internal network protocols.

• 한국정보처리학회논문지
• /
• 제7권6호
• /
• pp.1949-1955
• /
• 2000

This paper proposes a multistage interconnection ATM switching network without internal blocking. The first is recirculating shuffle-exchange network improved on hardware complexity. The next is connected to Rank network with tree structure. In this network, after the packets transferred to the same output ports are given each priority, only a packet with highest priority is sent to the next, an the others are recirculated to the first. Rearrangeability through decomposition and composition algorithm is applied for the transferred packets in hanyan network and all they arrive at a final destinations. To analyze throughput, waiting time and packet loss ratio according tothe size of buffer, the probabilities are modeled by a binomial distribution of packet arrival.

• International Journal of Computer Science & Network Security
• /
• 제22권9호
• /
• pp.217-223
• /
• 2022

In modern business conditions, the improvement of business processes cannot do without digitalization. Digital technologies allow businesses to conquer markets, quickly introduce new technologies not only into production processes, but also at all levels of economic activity. The rapid pace of development of information, communication and economic spheres determine the relevance of the research topic and the goals that digital management solves. Today, the use of digital equipment and platforms makes it possible to form the basis for the formation of competitive business advantages, minimize costs, and most importantly, respond in time to changes in both the internal and external environment..Thus, the main task of the study is to analyze the digital management system in a business environment. As a result of the study, current trends and prerequisites for digital management system in a business environment were investigated.

• International Journal of Computer Science & Network Security
• /
• 제21권12호
• /
• pp.203-206
• /
• 2021

The article is devoted to the study of the problems of polygraphic research to obtain forensically significant information. An analysis of the legal basis for the use of the polygraph in Ukraine. Problematic issues concerning the appropriateness of using a polygraph in the investigation and detection of crimes have been studied. The domestic legal norms that regulate this issue, as well as foreign experience are analyzed. The article reveals the essence of the polygraph, the legal basis and requirements for its use. Attention is drawn to the main difficulties of using a polygraph and ways to solve them.

• Journal of Advanced Marine Engineering and Technology
• /
• 제40권10호
• /
• pp.906-915
• /
• 2016

In this study, a network monitoring system, including a secure 460-Network and a 460-Gateway, is designed and developed according with the requirements of the IEC (International Electro-Technical Commission) 61162-460 network standard for the safety and security of networks on board ships. At present, internal or external unauthorized access to or malicious attack on a ship's on board systems are possible threats to the safe operation of a ship's network. To secure the ship's network, a 460-Network was designed and implemented by using a 460-Switch, 460-Nodes, and a 460-Gateway that contains firewalls and a DMZ (Demilitarized Zone) with various application servers. In addition, a 460-firewall was used to block all traffic from unauthorized networks. 460-NMS (Network Monitoring System) is a network-monitoring software application that was developed by using an simple network management protocol (SNMP) SharpNet library with the .Net 4.5 framework and a backhand SQLite database management system, which is used to manage network information. 460-NMS receives network information from a 460-Switch by utilizing SNMP, SNMP Trap, and Syslog. 460-NMS monitors the 460-Network load, traffic flow, current network status, network failure, and unknown devices connected to the network. It notifies the network administrator via alarms, notifications, or warnings in case any network problem occurs. Once developed, 460-NMS was tested both in a laboratory environment and for a real ship network that had been installed by the manufacturer and was confirmed to comply with the IEC 61162-460 requirements. Network safety and security issues onboard ships could be solved by designing a secure 460-Network along with a 460-Gateway and by constantly monitoring the 460-Network according to the requirements of the IEC 61162-460 network standard.

• 대한전자공학회논문지
• /
• 제27권8호
• /
• pp.1239-1249
• /
• 1990

In this paper, using the neural network design techniques, an adaptive Mahalanobis distance classifier(AMDC) is designed. This classifier has three layers: input layer, internal layer and output layer. The connection from input layer to internal layer is fully connected, and that from internal to output layer has partial connection that might be thought as an Oring. If two ormore clusters of patterns of one class are laid apart in the feature space, the network adaptively generate the internal nodes, whhch are corresponding to the subclusters of that class. The number of the output nodes in just same as the number of the classes to classify, on the other hand, the number of the internal nodes is defined by the number of the subclusters, and can be optimized by itself. Using the method of making the subclasses, the different patterns that are of the same class can easily be distinguished from other classes. If additional training is needed after the completion of the traning, the AMDC does not have to repeat the trainging that has already done. To test the performance of the AMDC, the experiments of classifying 500 Hangeuls were done. In experiment, 20 print font sets of Hangeul characters(10,000 cahracters) were used for training, and with 3 sets(1,500 characters), the AMDC was tested for various initial variance \ulcornerand threshold \ulcorner and compared with other statistical or neural classifiers.

• 한국정보처리학회:학술대회논문집
• /
• 한국정보처리학회 2004년도 춘계학술발표대회
• /
• pp.1371-1374
• /
• 2004

본 논문에서는 내부 LAN(Local area network)에서 MSS(Maximum segment size)의 변화가 네트워크 성능에 미치는 영향에 대하여 분석한다. 내부 LAN에 웹 클라이언트와 웹 서버를 두고 이더넷(Ethernet)이 허용하는 사이즈 내에서 MSS 값의 변화가 네트워크의 성능에 미치는 영향을 분석한다. 처리량(Throughput), 이용률(Utilization), 분실율, 수신율, RTT(Round Trip Time)를 사용하여 성능을 평가하였다. 실험은 네트워크 시뮬레이터 중의 사실상 표준 도구인 NS-2로 한다.

• 한국감성과학회:학술대회논문집
• /
• 한국감성과학회 2000년도 춘계 학술대회 및 국제 감성공학 심포지움 논문집 Proceeding of the 2000 Spring Conference of KOSES and International Sensibility Ergonomics Symposium
• /
• pp.126-132
• /
• 2000

This paper presents a facial expression recognition based on Gabor wavelets that uses a fuzzy C-means(FCM) clustering algorithm and neural network. Features of facial expressions are extracted to two steps. In the first step, Gabor wavelet representation can provide edges extraction of major face components using the average value of the image's 2-D Gabor wavelet coefficient histogram. In the next step, we extract sparse features of facial expressions from the extracted edge information using FCM clustering algorithm. The result of facial expression recognition is compared with dimensional values of internal stated derived from semantic ratings of words related to emotion. The dimensional model can recognize not only six facial expressions related to Ekman's basic emotions, but also expressions of various internal states.