• Asia-pacific Journal of Multimedia Services Convergent with Art, Humanities, and Sociology
• /
• v.8 no.5
• /
• pp.303-314
• /
• 2018

In the past few years, government agencies and corporations have succumbed to stealthy, tailored cyberattacks designed to exploit vulnerabilities, disrupt operations and steal valuable information. Security Information and Event Management (SIEM) is useful tool for cyberattacks. SIEM solutions are available in the market but they are too expensive and difficult to use. Then we implemented basic SIEM functions to research and development for future security solutions. We focus on collection, aggregation and analysis of real-time logs from host. This tool allows parsing and search of log data for forensics. Beyond just log management it uses intrusion detection and prioritize of security events inform and support alerting to user. We select Elastic Stack to process and visualization of these security informations. Elastic Stack is a very useful tool for finding information from large data, identifying correlations and creating rich visualizations for monitoring. We suggested using vulnerability check results on our SIEM. We have attacked to the host and got real time user activity for monitoring, alerting and security auditing based this security information management.

• The Journal of the Korea Contents Association
• /
• v.11 no.6
• /
• pp.33-41
• /
• 2011

RFID technology is already used in the various application fields such as identification card, traffic card and etc. Many RFID application systems using UHF have been developed in the field of asset management, logistics and security. Because a human being can make mistakes, we need the system that can efficiently manage the special assets such as small arms, jewelry and medicine and can monitor them in real time. In this paper, we proposed a special assets management system to keep assets in safe custody, to monitor their safety status in real time and to manage distribution channels and history of those assets. The developed system is called Smart Cabinet because it has cabinet's form. Smart Cabinet integrates such technologies as RFID, smart card, fingerprint recognition, several sensors and LCD display in order to provide the functions for special asset management. Those functions include condition monitoring of assets, traceability management, distribution channels and security logs, which are to interact with a management server. The article demonstrated the potentiality of RFID by presenting special asset management solutions dedicated to guns and medicine management, and also showed the effectiveness and possibility of those solutions.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.11 no.4
• /
• pp.81-87
• /
• 2015

Recently, with the development of the ICT environment, the use of the software is growing rapidly. And the number of the web server software used with a variety of users is also growing. However, There are also various damage cases increased due to a software security vulnerability as software usage is increasing. Especially web shell hacking which abuses software vulnerabilities accounts for a very high percentage. These web server environment damage can induce primary damage such like homepage modification for malware spreading and secondary damage such like privacy. Source code weaknesses checking system is needed during software development stage and operation stage in real-time to prevent software vulnerabilities. Also the system which can detect and determine web shell from checked code in real time is needed. Therefore, in this paper, we propose the system improving security for web server by detecting web shell attacks which are invisible to existing detection method such as Firewall, IDS/IPS, Web Firewall, Anti-Virus, etc. while satisfying existing secure coding guidelines from development stage to operation stage.

• Journal of Electrical Engineering and Technology
• /
• v.12 no.2
• /
• pp.495-501
• /
• 2017

The introduction of smart grid, which is an innovative application of digital processing and communications to the power grid, might lead to more and more cyber threats originated from IT systems. In other words, The Energy Management System (EMS) and other communication networks interact with the power system on a real time basis, so it is important to understand the interaction between two layers to protect the power system from potential cyber threats. This paper aims to identify and clarify the cyber security risks and their interaction with the power system in Smart Grid. In this study, the optimal power flow (OPF) and Power Flow Tracing are used to assess the interaction between the EMS and the power system. Through OPF and Power Flow Tracing based analysis, the physical and economic impacts from potential cyber threats are assessed, and thereby the quantitative risks are measured in a monetary unit.

• Journal of Electrical Engineering and Technology
• /
• v.4 no.3
• /
• pp.337-345
• /
• 2009

Deregulation in power industry has made the reactive power ancillary service management a critical task to power system operators from both technical and economic perspectives. Reactive power management in power systems is a complex combinatorial optimization problem involving nonlinear functions with multiple local minima and nonlinear constraints. This paper proposes a practical market-based reactive power ancillary service management scheme to tackle the challenge. In this paper a new model for voltage security and reactive power management is presented. The proposed model minimizes reactive support cost as an economic aspect and insures the voltage security as a technical constraint. For modeling validation study, two optimization algorithm, a genetic algorithm (GA) and particle swarm optimization (PSO) method are used to solve the problem of optimum allocation of reactive power in power systems under open market environment and the results are compared. As a case study, the IEEE-30 bus power system is used. Results show that the algorithm is well competent for optimal allocation of reactive power under practical constraints and price based conditions.

• Proceedings of the KIEE Conference
• /
• 2007.07a
• /
• pp.1662-1664
• /
• 2007

As the logistic environment of digital contents is rapidly changing, the protection of the digital rights for digital content has been recognized as one of critical issues. Digital Right Management(DRM) has taken much interest Internet Service Provider(ISP), authors and publishers of digital content as an interested approach to create a trusted environment for access and use of digital resources. This paper propose an interested digital rights protection scheme using license agent to address problems facing contemporary DRM approached : static digital rights management, and limited application to on-line environment. We introduce a dynamic mission control technology to realize dynamic digital rights management. And we incorporate license agent to on- and off-line monitoring and tracking. The proposed system prevent illegal access and use by using PKI security method, real time action monitoring for user, data security for itself.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.1
• /
• pp.71-79
• /
• 2009

Currently much research is being done on host based intrusion detection using system calls which is a portion of kernel based data. Sequence based and frequency based preprocessing methods are mostly used in research for intrusion detection using system calls. Due to the large amount of data and system call types, it requires a significant amount of preprocessing time. Therefore, it is difficult to implement real-time intrusion detection systems. Despite this disadvantage, the frequency based method which requires a relatively small amount of preprocessing time is usually used. This paper proposes an effective method for detecting denial of service attacks using the frequency based method. Principal Component Analysis(PCA) will be used to select the principle system calls and a bayesian network will be composed and the bayesian classifier will be used for the classification.

• Journal of Digital Contents Society
• /
• v.18 no.1
• /
• pp.225-229
• /
• 2017

In this paper, various units of industrial disaster safety threats as well as local and national facilities unit real-time detection and prevention refer to the corresponding system goes into disaster management preparedness, prevention, response recovery of phase I systematic ICT skills that can be managed more efficiently. In addition, the immediate disaster prevention and preparedness for early forecasting preemptive damage scale and high-tech information exchange technology to overcome the limitations of a human disaster in the field against the analysis and strategy of preemptive disaster safety management with smart risk management and prevention in response and recovery and the scene quickly and efficient mutual cooperation and effective collaboration and cooperation of the Community Center social security presented a smart disaster safety management system.

• Journal of the Korea Society of Computer and Information
• /
• v.9 no.4 s.32
• /
• pp.157-165
• /
• 2004

The paper suggests that web-server security management system will be able to detect the web service attack accurately and swiftly which is keeping on increasing at the moment and reduce the possibility of the false positive detection. This system gathers the results of many unit security modules at the real time and enhances the correctness of the detection through the correlation analysis procedure. The unit security module consists of Network based Intrusion Detection System module. File Integrity Check module. System Log Analysis module, and Web Log Analysis and there is the Correlation Analysis module that analyzes the correlations on the spot as a result of each unit security module processing. The suggested system provides the feasible framework of the range extension of correlation analysis and the addition of unit security module, as well as the correctness of the attack detection. In addition, the attack detection system module among the suggested systems has the faster detection time by means of restructuring Snort with multi thread base system. WSM will be improved through shortening the processing time of many unit security modules with heavy traffic.

• ETRI Journal
• /
• v.37 no.4
• /
• pp.696-706
• /
• 2015

This paper presents an achievable secure videoconferencing system based on quantum key encryption in which key management can be directly applied and embedded in a server/client videoconferencing model using, for example, OpenMeeting. A secure key management methodology is proposed to ensure both a trusted quantum network and a secure videoconferencing system. The proposed methodology presents architecture on how to share secret keys between key management servers and distant parties in a secure domain without transmitting any secrets over insecure channels. The advantages of the proposed secure key management methodology overcome the limitations of quantum point-to-point key sharing by simultaneously distributing keys to multiple users; thus, it makes quantum cryptography a more practical and secure solution. The time required for the encryption and decryption may cause a few seconds delay in video transmission, but this proposed method protects against adversary attacks.