• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.4
• /
• pp.89-100
• /
• 2011

Physical memory analysis has been an issue on a field of live forensic analysis in digital forensics until now. It is very useful to make the result of analysis more reliable, because record of user behavior and data can be founded on physical memory although process is hided. But most memory analysis focuses on windows based system. Because the diversity of target system to be analyzed rises up, it is very important to analyze physical memory based on other OS, not Windows. Mac OS X, has second market share in Operating System, is operated by loading kernel image to physical memory area. In this paper, We propose a methodology for physical memory analysis on Mac OS X using symbol information in kernel image, and acquire a process information, mounted device information, kernel information, kernel extensions(eg. KEXT) and system call entry for detecting system call hooking. In additional to the methodology, we prove that physical memory analysis is very useful though experimental study.

• Convergence Security Journal
• /
• v.20 no.3
• /
• pp.109-114
• /
• 2020

Currently, in the 4th industrial revolution era(4IR), the convergent infrastructure has been established by actively utilizing data based on the existing digital technological innovation in the 3rd industrial revolution. Thus, the technological innovation based on the knowledge-information society needs to put innovative efforts for creating new business models in various areas. Thus, this study aims to present an Electronic Security Framework by suggesting the Cyber-Physical Security System(CPSS) that could more accurately predict and efficiently utilize it based on structured data obtained by collecting, analyzing, and processing an enormous amount of unstructured data which is a core technology distinguished from the 3rd industrial revolution.

• Journal of the Korea Society of Computer and Information
• /
• v.16 no.2
• /
• pp.217-224
• /
• 2011

Existing wire based physical security system solutions show limitations in time and space. In order to solve these deficiencies, a remote physical security system has been implemented using smart phone based on mobile cloud computing technique. The security functions of mobile cloud computing technique include mobile device user authentication, confidentiality of communication, integrity of information, availability of system, and target system access control, authority management and secure hand off etc. Proposed system has been constructed as remote building management system using smart phone, and also has been efficient to reduce energy cost (5~30%), result of system average access and response time 7.082 second. This systems are evaluated to have high efficiency compared to performance.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.23 no.11
• /
• pp.1478-1481
• /
• 2019

As core technologies(IoT, 5G, Cloud, Bigdata, AI etc) leading the Fourth Industrial Revolution promote smart convergence across the national socio-economic infrastructure, the threat of new forms of cyber attacks is increasing and the possibility of massive damage is also increasing. Reflecting this trend, cyber security is expanding from simple information protection to CPS(Cyber Physical System) protection that combines safety and security that implements hyper-connectivity and ultra-reliability. This study introduces the recent evolution of cyber attacks and looks at the next generation cyber security technologies based on the conceptual changes of cyber security technologies such as SOAR(Security Orchestration, Automation and Response) and Zero Trust.

• Convergence Security Journal
• /
• v.21 no.1
• /
• pp.19-24
• /
• 2021

The purpose of this study was to add CPTED to the information security area. The control items of ISO 27001 (11 types) and the application principles of CPTED (6 types) were mapped. And the relevance between the items was verified through the FGI meeting through 12 security experts. As a result of the survey, the control items with a relevance of at least 60% on average are security policy, physical and environmental security, accident management, and conformity. As a result, the comprehensive policy was shared with CPTED's items as a whole. The specialized control items are security organization, asset management, personnel security, operation management, access control, system maintenance, and continuity management. However, specialized control items were mapped with each item of CPTED. Therefore, information security certification and septed are related. As a result, environmental security can be added to the three major areas of security: administrative security, technical security, and physical security.

• KIEAE Journal
• /
• v.16 no.6
• /
• pp.77-82
• /
• 2016

Purpose: Almost every research carried out in our country against the natural disaster is focused on the temporary facilities such as temporary housing, emergency shelter and as a result, it is very hard to find out researches on the ordinary houses which installed integrated systems of hazard-resistant against the natural disaster. Method: To conduct this research, categorizing process for design, structural, environmental and installation elements found in the Hazard-Resistant and Reduction House built for sale in Japan was performed. Result: In this study, several design concepts and subordinate items are recommended for hazard-resistant housing. First, design concept of 'Preparedness' which means security and access to the storage storing goods especially food & beverage for the emergencies is needed. The subordinate items consist of security of stocking space, diversified and circular storage system, and safety storage system. Second, design concept of 'Security' which means security of physical safety space and rapid recovery to returning to daily life against natural disaster is needed. The subordinate items consist of many items including not only structure and facilities but also architectural design method. And finally, design concept of 'Maintenance, Support and Return' which means minimizing the physical and psychological damages and support safety and physical conditions of the victims from the impact of the disaster to returning to daily life is needed. The subordinate items consist of high efficiency insulation/airtightness design, microclimate design, combination of photovoltaic system and storage battery, non-power appliance system against the power failure, storing system for drinking water, rainwater storing and utilization system.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.5
• /
• pp.931-938
• /
• 2013

It is hard to extract original data from encrypted data before getting the password in encrypted data with disk encryption software. This encryption key of disk encryption software can be extract by using physical memory analysis. Searching encryption key time in the physical memory increases with the size of memory because it is intended for whole memory. But physical memory data includes a lot of data that is unrelated to encryption keys like system kernel objects and file data. Therefore, it needs the method that extracts valid data for searching keys by analysis. We provide a method that collect only saved memory parts of disk encrypting keys in physical memory by analyzing Windows kernel virtual address space. We demonstrate superiority because the suggested method experimentally reduces more of the encryption key searching space than the existing method.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.7 no.4
• /
• pp.860-877
• /
• 2013

Cloud computing has become one of the most important technologies for reducing cost and increasing productivity by efficiently using IT resources in various companies. The cloud computing system has mainly been built for private enterprise, but public institutions, such as governments and national institutes, also plans to introduce the system in Korea. Various researches have pointed to security problems as a critical factor to impede the vitalization of cloud computing services, but they only focus on the security threats and their correspondents for addressing the problems. There are no studies that analyze major security issues with regard to introducing the cloud computing system. Accordingly, it is necessary to research the security factors in the cloud computing given to public institutions when adopting cloud computing. This research focuses on the priority of security solutions for the stepwise adoption of cloud computing services in enterprise environments. The cloud computing security area is classified into managerial, physical and technical area in the research, and then derives the detailed factors in each security area. The research derives the influence of security priorities in each area on the importance of security issues according to the identification of workers in private enterprise and public institutions. Ordered probit models are used to analyze the influences and marginal effects of awareness for security importance in each area on the scale of security priority. The results show workers in public institutions regard the technical security as the highest importance, while physical and managerial security are considered as the critical security factors in private enterprise. In addition, the results show workers in public institutions and private enterprise have remarkable differences of awareness for cloud computing security. This research compared the difference in recognition for the security priority in three areas between workers in private enterprise, which use cloud computing services, and workers in public institutions that have never used the services. It contributes to the establishment of strategies, with respect to security, by providing guidelines to enterprise or institutions that want to introduce cloud computing systems.

• Journal of the Korea Society of Computer and Information
• /
• v.20 no.3
• /
• pp.81-88
• /
• 2015

Recently the Security fields is emerged as a important issue in the world, While a variety of techniques such as a Cloud Computing or a Internet Of Things appeared. In these circumstances, The domestic security fields are divided into the Information Security, the Physical Security and the Convergence Security. and among these security fields, Convergence security is attracted much attention from various industries. the classification systems of a new field Convergence Security has become a very important criteria such about the Statistics calculation, the Analysis of status industry sector and the Road maps. However, In the domestic, The related institutions classified each other differently the Convergence Security Classification. so it is urgently needed a domestic security fields systematic classification due to the problems such as lack of reliability of the accuracy, compatibility of a data. Therefore, this paper will be analyzed to the characteristics of the domestic security classification systems by the cases. and will be proposed the newly improved classification system, to be possible to addition or deletion of an classification entries, and to be easy expanded according to the new technology trends. this proposed to classification system is expected to be utilized as a basis for the construct of a domestic security classification system in a future.

• ETRI Journal
• /
• v.36 no.1
• /
• pp.183-186
• /
• 2014

In this letter, we consider a cooperation system with multiple untrusted relays (URs). To keep the transmitted information confidential, we obtain joint channel characteristics (JCCs) through combining the channels from the source to the destination. Then, in the null space of the JCCs, jammers construct artificial noise to confuse URs when the source node broadcasts its data. Through a distributed implementation algorithm, the weight of each node can be obtained from its own channel state information. Simulation results show that high-level security of the system can be achieved when internal and external eavesdroppers coexist.