• Title/Summary/Keyword: Network Security Monitoring


Monitoring and Tracking of Time Series Security Events using Visualization Interface with Multi-rotational and Radial Axis (멀티 회전축 및 방사축 시각화 인터페이스를 이용한 시계열 보안이벤트의 감시 및 추적)

  • Chang, Beom-Hwan
    • Convergence Security Journal / v.18 no.5_1 / pp.33-43 / 2018
  • In this paper, we want to solve the problems that users want to search the progress of attack, continuity of attack, association between attackers and victims, blocking priority and countermeasures by using visualization interface with multi-rotational axis and radial axis structure. It is possible to effectively monitor and track security events by arranging a time series event based on a multi-rotational axis structured by an event generation order, a subject of an event, an event type, and an emission axis, which is an objective time indicating progress of individual events. The proposed interface is a practical visualization interface that can apply attack blocking and defense measures by providing the progress and progress of the whole attack, the details and continuity of individual attacks, and the relationship between attacker and victim in one screen.


Implementation of the web based environment monitoring system supporting the NMS protocol (NMS를 지원하는 웹기반 환경 감시 시스템의 구현)

  • Bae, Kwang-Jin;Yim, Kang-Bin
    • Proceedings of the IEEK Conference / 2006.06a / pp.831-832 / 2006
  • In this paper, we introduce a canonical framework of the large-scaled web-based sensor gateway and practically implement it as the environment monitoring system. The system consists of a central management server, up to 250 local embedded subsystems and up to 250 sensor or actuator nodes for each subsystem. The node information is gathered periodically through a well-defined protocol on the sensor network and converted to the web contents and the SNMP MIB objects according to its data type. The MIB objects are well-defined and include system, network, sensor, actuator and alarm specific data classes. Because there is an increasing trend that a large number of sites are willing to adapt unmanned sensing and control, the developed system will play a key role to efficiently manage a large scale sensor networked system such as environment monitoring systems or countermeasure systems against disaster and calamities.


Remote Reading of Surgical Monitor's Physiological Readings: An Image Processing Approach

  • Weerathunga, Haritha;Vidanage, Kaneeka
    • International Journal of Computer Science & Network Security / v.22 no.7 / pp.308-314 / 2022
  • As a result of the global effect of infectious diseases like COVID-19, remote patient monitoring has become a vital need. Surgical ICU monitors are attached around the clock for patients in critical care. Most ICU monitor systems, on the other hand, lack an output port for transferring data to an auxiliary device for post-processing. Similarly, strapping a slew of wearables to a patient for remote monitoring creates a great deal of discomfort and limits the patient's mobility. Hence, a unique remote monitoring technique for the ICU monitor's physiologically vital readings has been presented, recognizing this need as a research gap. This mechanism has been put to the test in a variety of modes, yielding an overall accuracy of close to 90%.

Event Log Validity Analysis for Detecting Threats by Insiders in Control System

  • Kim, Jongmin;Kang, Jiwon;Lee, DongHwi
    • Journal of information and communication convergence engineering / v.18 no.1 / pp.16-21 / 2020
  • Owing to the convergence of the communication network with the control system and public network, security threats, such as information leakage and falsification, have become possible through various routes. If we look closely at the security type of the current control system, the operation of the security system focuses on the threats made from outside to inside, so the study on the detection system of the security threats conducted by insiders is inadequate. Thus, this study, based on "Spotting the Adversary with Windows Event Log Monitoring," published by the National Security Agency, found that event logs can be utilized for the detection and maneuver of threats conducted by insiders, by analyzing the validity of detecting insider threats to the control system with the list of important event logs.

Real-time security Monitoring assessment model for cybersecurity vulnerabilities in network separation situations (망분리 네트워크 상황에서 사이버보안 취약점 실시간 보안관제 평가모델)

  • Lee, DongHwi;Kim, Hong-Ki
    • Convergence Security Journal / v.21 no.1 / pp.45-53 / 2021
  • When the security monitoring system is performed in a separation network, there is little normal anomaly detection in internal networks or high-risk sections. Therefore, after the establishment of the security network, a model is needed to evaluate state-of-the-art cyber threat anomalies for internal network in separation network to complete the optimized security structure. In this study, we evaluate it by generating datasets of cyber vulnerabilities and malicious code arising from general and separation networks. It prepares for the latest cyber vulnerabilities in internal network cyber attacks to analyze threats, and established a cyber security test evaluation system that fits the characteristics. The study designed an evaluation model that can be applied to actual separation network institutions, and constructed a test data set for each situation and applied a real-time security assessment model.

A Wireless Sensor Network Architecture and Security Protocol for Monitoring the State of Bridge (교량감시를 위한 무선 센서 네트워크 구조 및 보안 프로토콜)

  • Lim Hwa-Jung;Jeon Jin-Soon;Lee Heon-Guil
    • Journal of the Korea Computer Industry Society / v.6 no.3 / pp.465-476 / 2005
  • The wireless sensor network consists of a number of sensor nodes which have physical constraints. Each sensor node senses surrounding environments and sends the sensed information to Sink. In order to alleviate the inherent vulnerability in security of the wireless sensor nodes with the hardware constraints, the lightweight security protocol is needed and a variety of research is ongoing. In this paper, we propose a non-hierarchical sensor network and a security protocol that is suitable for monitoring man-made objects such as bridges. This paper, furthermore, explores a two-layer authentication, key distribution scheme which distributes the key and location of a sensor node in advance, and an effective security routing protocol which can take advantage of the Sleep and Awake state. This also results in the increased data transfer rate by increasing the number of alternative routing paths and the reduced energy consumption rate.


Conceptual Design of a Remote Monitoring and Control System for Nuclear Power Plants

  • Lee Seung Jun;Kim Jong Hyun;Seong Poong Hyun
    • Nuclear Engineering and Technology / v.35 no.3 / pp.243-250 / 2003
  • Nuclear power plants (NPPs) will be highly connected network enabled systems in the future. Using the network and web enabled tools, NPPs will be remotely monitored by operators at any time from any place connected to the network via a general web browser. However, there will be two major issues associated with this implementation. The first is the security issue. Only the authorized persons need to be allowed to access the plant since NPP is a safety-critical system. However, the web technology is open to the public. The second is the network disturbance issue. If operators cannot access the plant due to network disturbances, the plant will come into the out-of-control situation. Therefore, in this work, we performed a conceptual design of a web-based remote monitoring and control system (RMCS) considering these issues.

An Enhanced Secure Health Data Transmission Protocol using Key Insulation in Remote Healthcare Monitoring System (원격 헬스케어 모니터링 시스템에서 키 격리기법을 이용한 개선된 건강정보 전송 보안 프로토콜)

  • Noh, Si-Wan;Park, Youngho;Rhee, Kyung-Hyune
    • Journal of Korea Multimedia Society / v.19 no.12 / pp.1981-1991 / 2016
  • Recently, the advancement of wearable devices and wireless body area networking technologies has motivated researchers to pay attention to remote healthcare system for monitoring patients' health and disease progression effectively. However, in order to implement a practical remote healthcare system, we must consider the security and privacy of patient's personal health information transmitted to healthcare servers through the network. Hence, in this paper, we propose a secure health data transmission protocol in remote healthcare monitoring system to protect patient's health information and prevent privacy from eavesdropping on the network. To achieve our security goals, we design an efficient secure protocol based on the identity-based cryptography with key evolution technique, and then confirm the superiority and the efficiency of the proposed protocol as compared with the existing protocol of Yang et al.

Exploring Flow Characteristics in IPv6: A Comparative Measurement Study with IPv4 for Traffic Monitoring

  • Li, Qiang;Qin, Tao;Guan, Xiaohong;Zheng, Qinghua
    • KSII Transactions on Internet and Information Systems (TIIS) / v.8 no.4 / pp.1307-1323 / 2014
  • With the exhaustion of global IPv4 addresses, IPv6 technologies have attracted increasing attention, and have been deployed widely. Meanwhile, new applications running over IPv6 networks will change the traditional traffic characteristics obtained from IPv4 networks. Traditional models obtained from IPv4 cannot be used for IPv6 network monitoring directly and there is a need to investigate those changes. In this paper, we explore the flow features of IPv6 traffic and compare its difference with that of IPv4 traffic from flow level. Firstly, we analyze the differences of the general flow statistical characteristics and users' behavior between IPv4 and IPv6 networks. We find that there are more elephant flows in IPv6, which is critical for traffic engineering. Secondly, we find that there exist many one-way flows both in the IPv4 and IPv6 traffic, which are important information sources for abnormal behavior detection. Finally, in light of the challenges of analyzing massive data of large-scale network monitoring, we propose a group flow model which can greatly reduce the number of flows while capturing the primary traffic features, and perform a comparative measurement analysis of group users' behavior dynamic characteristics. We find there are fewer sharp changes caused by abnormity compared with IPv4, which shows there are fewer large-scale malicious activities in IPv6 currently. All the evaluation experiments are carried out based on the traffic traces collected from the Northwest Regional Center of CERNET (China Education and Research Network), and the results reveal the detailed flow characteristics of IPv6, which are useful for traffic management and anomaly detection in IPv6.

A Study of Logical Network Monitoring System Architecture for Research Group (응용연구 그룹별 논리 네트워크 모니터링 시스템 구조 연구)

  • Kang, Hyun-Joong;Kim, Hyun-Cheol
    • Convergence Security Journal / v.12 no.3 / pp.75-83 / 2012
  • Recent science technology research network moves to establish logical private network among specific research groups such as high energy physics and climate, requiring to implement private network by group for each purpose. Up to now, national research networks such as KREONET service high capacity logical private networks. Therefore standardized configuration and management scheme is essential for the deployment of logical private network. In this study, we propose the core service element and protocols for the logical networks over Layer 2 networks. We also propose system architecture that makes monitoring and management easier. After that we design and implement monitoring map for logical network based on scheme. For this purpose, we also propose the description system for logical research network to provide data such as operation information, formation information, performance information and failure information of network infrastructure resource.