• The Journal of the Korea institute of electronic communication sciences
• /
• v.8 no.12
• /
• pp.1841-1848
• /
• 2013

In this paper, the plans for improvement of real-time security monitoring accuracy and expansion of control region were investigated through comprehensive and systematic collection and analysis of the anomalous activities that inflow and outflow in the network on a large scale in order to overcome the existing security monitoring system based on stylized detection patterns which could correspond to only very limited cyber attacks. This study established an anomaly observation system to collect, store and analyze a diverse infringement threat information flowing into the darknet network, and presented the information classification system of cyber threats, unknown anomalies and high-risk anomalous activities through the statistics based trend analysis of hacking. If this security monitoring system utilizing darknet traffic as presented in the study is applied, it was indicated that detection of all infringement threats was increased by 12.6 percent compared with conventional case and 120 kinds of new type and varietal attacks that could not be detected in the past were detected.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.6
• /
• pp.1069-1086
• /
• 2013

Nowadays, web defacement becomes the utmost threat which can harm the target organization's image and reputation. These defacement activities reflect the hacker's political motivation or his tendency. Therefore, the analysis of the hacker's activities can give the decisive clue to pursue criminals. A specific message or photo or music on the defaced web site and the outcome of analysis will be supplying some decisive clues to track down criminals. The encoding method or used fonts of the remained hacker's messages, and hacker's SNS ID such as Twitter or Facebook ID also can help for tracking hackers information. In this paper, we implemented the web defacement analysis system by applying CBR algorithm. The implemented system extracts the features from the web defacement cases on zone-h.org. This paper will be useful to understand the hacker's purpose and to plan countermeasures as a IDSS(Investigation Detection Support System).

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.1
• /
• pp.67-80
• /
• 2012

Recently as the number of smartphone user is growing rapidly, android is also getting more interest in digital forensic. However, there is not enough research on digital data acquisition and analysis based on android platform's unique characteristics so far. Android system stores all the related recent systemwide logs from the system components to applications in volatile memory, and therefore, the logs can potentially serve as important evidences. In this paper, we propose a digital data acquisition and analysis system for android which extracts meaningful information based on the correlation of android logs and user activities from a device at runtime. We also present an efficient search scheme to facilitate realtime analysis on site. Finally, we demonstrate how the proposed system can be used to reconstruct the sequence of user activities in a more intuitive manner, and show that the proposed search scheme can reduce overall search and analysis time approximately 10 times shorter than the normal regular search method.

• International Journal of Computer Science & Network Security
• /
• v.22 no.12
• /
• pp.37-50
• /
• 2022

Modern supply chains include multiple activities from collecting raw materials to transferring final products. These activities involve many parties who share a huge amount of valuable data, which makes managing supply chain systems a challenging task. Current supply chain management (SCM) systems adopt digital technologies such as the Internet of Things (IoT) and blockchain for optimization purposes. Although these technologies can significantly enhance SCM systems, they have their own limitations that directly affect SCM systems. Security, performance, and scalability are essential components of SCM systems. Yet, confidentiality and scalability are one of blockchain's main limitations. Moreover, IoT devices are lightweight and have limited power and storage. These limitations should be considered when developing blockchain-based IoT-SCM systems. In this paper, the requirements of efficient supply chain systems are analyzed and the role of both IoT and blockchain technologies in providing each requirement are discussed. The limitations of blockchain and the challenges of IoT integration are investigated. The limitations of current literature in the same field are identified, and a secure and scalable blockchain-based IoT-SCM system is proposed. The proposed solution employs a Hyperledger fabric blockchain platform and tackles confidentiality by implementing private data collection to achieve confidentiality without decreasing performance. Moreover, the proposed framework integrates IoT data to stream live data without consuming its limited resources and implements a dualstorge model to support supply chain scalability. The proposed framework is evaluated in terms of security, throughput, and latency. The results demonstrate that the proposed framework maintains confidentiality, integrity, and availability of on-chain and off-chain supply chain data. It achieved better performance through 31.2% and 18% increases in read operation throughput and write operation throughput, respectively. Furthermore, it decreased the write operation latency by 83.3%.

• Korean Security Journal
• /
• no.24
• /
• pp.67-90
• /
• 2010

Today, the police alone can not prevent a crime. And the police is limited to meet for people's the increased needs on public safety. So the police and the community needs the cooperation of a variety of resources. Police in cooperation with community resources to respond to the crime's most professional and the private sector is a private security. However, the role of private security for cooperation policing is insufficient in South Korea. So for this study to build a cooperative policing in South Korea as private security for the following four kinds of directions are presented. First, as a private security of the United States and Japan, specializes in diversified business sectors. Simple human-oriented private security of the building security get out. Instead, take the high-tech crime prevention or industry complex security should be changed to a professional organization. Second, the interaction between police and private security should be increased. Police and private security through regular meetings between the need for mutual interests and build consensus is needed. The role of private security companies to be represented on the Security Association of South Korea's active role in the matter. Third, efforts to improve the image of private security activities and the publiciy activity of private security is needed. Some of the private security in an effort to escape a negative image to the people and actively promote a positive image is necessary. Finally, for South Korea to the level the cooperation between the police and private security are required to develop system models. Front-line policing priority in the field and the mutual understanding between the police and private security in an effort to have a positive perception is needed. Equal partners, especially the police and private security to private security companies to have recognized experts in their own recruitment and training should be improved by strengthening the expertise.

• Korean Security Journal
• /
• no.56
• /
• pp.145-163
• /
• 2018

Recently, security behavior of members of organizations has been recognized as a critical part of information security at the corporate level. Leakage of customers' information brings more attention to information security behavior of organizations and the importance of a task force. Research on information breach and information security is actively conducted of personal behavior toward security threats or members of organizations who use security technology. This study aims to identify factors of influence on information security behavior of members of organizations and to empirically find out how these factors affect information security behavior through behavior toward attitude, subjective norm and perceived behavior control. On the basis of the research, this study will present effective and efficient ways to foster information security activities of members of organizations. To this end, the study presented a research model that applied significant variables based on integration of Theory of Planned Behavior (TPB) and Theory of Protection Motivation (TPM). To empirically verify this research model, the study conducted a survey of members of organizations who had security-related work experience at companies. So, it is critical for members of organizations to encourage positive word of mouth (WOM) about information security behavior. Results show that based on the integration of TPM and TPB, perceived vulnerability, perceived severity, perceived efficiency and perceived barriers of information security behavior of members of organizations had significant influences on mediating variables such as behavior toward attitude, subjective norm, perceived behavior control and intention. They also had significant influences on organization information security behavior which is a dependent variable. This study indicates companies should introduce various security solutions so that members of the organizations can prevent and respond to potential internal and external security risks. In addition, they will have to take actions to inspect vulnerability of information system and to meet security requirements such as security patches.

• Journal of Digital Contents Society
• /
• v.1 no.1
• /
• pp.23-37
• /
• 2000

EDI is basically the concept of computer-to-computer exchange of messages relating to various types of activities or business areas, such as banking, trade, medicine, publishing, etc. Therefore, security, reliability and special functionality will be implicit requirements of EDI systems. We will design access control model to content security of these requirements. Access controls in information systems are responsible for ensuring that all direct access to the entities occur exclusively according to the access modes and rules fixed by security policies. On this paper, security policies for access control model are presented from the viewpoints of identity-based, rule-based, role-based policy. We give a design of access control model for secure EDI service based on the derived access control rules and operations to enforce the defined security policies. The proposed access control model provides integrity, confidentiality and a flow control of EDI messages.

• Convergence Security Journal
• /
• v.15 no.6_2
• /
• pp.3-10
• /
• 2015

Recent massive data breaches or major security incidents show that threats posed by insiders have greatly increased over time. Especially, authorized insiders can cause more serious problems than external hackers can. Therefore there is a growing need to introduce a system that can monitor the insider threats in real time and prevent data breaches or security incidents in early-stage. In this paper, we propose a EITMS(Enterprise Insider-Threats Management System). EITMS detects the abnormal behaviors of authorized insiders based on the normal patterns made from their roles, duties and private activities. And, in order to prevent breaches and incidents in early-stage, a scoring system that can visualize the insider threats is also included.

• Journal of the Korea Safety Management & Science
• /
• v.14 no.3
• /
• pp.119-126
• /
• 2012

Recently, the breakdown of online banking servers and the leakage of customer information give rise to much concern about the security of information systems in financial and banking companies in Korea. The enforcement of security for information system becomes much more important issue than earlier. However, the security reinforcement of information system is restricted by a budget. In addition, the activities' cost to secure information system from threatening are under uncertain circumstances and should be established by a human decision maker who is basically uncertain and vague. Thus, making the budget for information system is exposed to any extent of the risk for these reasons. First, we introduce brief fuzzy set theory and fuzzy AHP (Analytic Hierarchy Process) methodology. Then, the cost elements that comprise yearly budget are presented and the priorities among the cost elements are calculated by fuzzy AHP. The cost elements that are exposed to risk are evaluated from the both perspectives of the risk impact and risk occurrence possibility which are expressed as linguistic terms. To get information on the risk profiles-pessimistic, most likely, and optimistic-for each cost element, the evaluation is accomplished and the result is presented. At last, the budget ranges-minimum, mode, maximum-for each cost element are estimated with the consideration of the risk profiles.

• Nuclear Engineering and Technology
• /
• v.42 no.3
• /
• pp.231-236
• /
• 2010

The growth in global energy demand and the increased recognition of the impacts of carbon dioxide emissions from fossil fuel plants have aroused a renewed interest on nuclear energy. Many countries are looking afresh at building more nuclear power stations to deal with the twin problems of global warming and the need for more generating capacity. Many in the nuclear community are also anticipating a significant growth of new nuclear generation in the coming decades. If there is a nuclear renaissance, will the expansion of nuclear power be compatible with global non-proliferation and security? or will it add to the environmental burden from the large inventory of spent nuclear fuel already produced in existing nuclear power reactors? We learn from past peaceful nuclear activities that significant concerns associated with nuclear proliferation and spent-fuel management have resulted in a decrease in public acceptance for nuclear power in many countries. The terrorist attack in the United States (US) on September 11, 2001 also raised concern for security and worry that nuclear materials may fall into the wrong hands. As we increase the use of nuclear power, we must simultaneously reduce the proliferation, security and environmental risks in managing spent-fuel below where they are today.