• Proceedings of the Korea Information Assurance Society Conference
• /
• 2004.05a
• /
• pp.51-55
• /
• 2004

Currently, internet is deeply rooted in everyday life and many things are performed using internet in real-world, increased internet user because convenience. But then, internet accident is on the increase rapidly. Therefore, it is necessary that testing system generate automatically various attack patterns and traffic. In this paper, we describe method of design and implementation about AGT(attack generation test suite : simulator) system which generate various attack patterns using multiple agents.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2005.11a
• /
• pp.941-944
• /
• 2005

본 논문에서는 인터넷을 통해 다양한 컨테츠 서비스를 사용자가 편리하게 이용할 수 있도록 EAP-TLS 인증 방식과 SKKE(Symmetric-Key Key Establishment)방식을 이용하여 보다 효율적인 인증 메커니즘을 설계하였다. 제안하고 있는 메커니즘에서는 사용자가 인증서 방식을 통해 AS(AAA Server)로부터 인증을 받으면 AS 와 가맹 관계에 있는 CP(Contents Provider)에는 별도의 로그인 과정없이 서비스를 이용할 수 있는 SSO 서비스, 사용자 익명성, 프라이버시를 제공한다. 사용자가 익명성을 필요로 하는 컨텐츠 서비스를 이용할 경우 사용자의 익명성을 보장 해주고 AS 모르게 사용자와 CP 가 안전하게 서비스를 전송하기 위해 사용 할 세션키를 교환하고 CP 마다 다른 세션키를 사용함으로써 사용자의 프라이버시를 보장해 준다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2003.11c
• /
• pp.1811-1814
• /
• 2003

CC는 정보보호시스템의 국제표준이며 CC평가 및 인증체계에서는 평가기관을 운영하며 평가기관에서는 적정한 평가비 산정을 위한 근거가 필요하다. 본 연구에서는 CC기준과 기존의 PP 및 ST만을 바탕으로 하여 제품유형별 및 보증수준별 평가업무량의 상대적 배수를 평가실무자들의 경험, 보안기능의 사용율 개념, 기능점수방법 등을 이용하여 산정하였다. 본 결과는 CC평가환경에서 정보보호제품의 평가비 및 기간의 산정을 위한 기본자료로 활용될 수 있다.

• International Journal of Computer Science & Network Security
• /
• v.21 no.7
• /
• pp.159-168
• /
• 2021

Detecting cyber-attacks using machine learning or deep learning is being studied and applied widely in network intrusion detection systems. We noticed that the application of deep learning algorithms yielded many good results. However, because each deep learning model has different architecture and characteristics with certain advantages and disadvantages, so those deep learning models are only suitable for specific datasets or features. In this paper, in order to optimize the process of detecting cyber-attacks, we propose the idea of building a new deep learning network model based on the association and combination of individual deep learning models. In particular, based on the architecture of 2 deep learning models: Convolutional Neural Network (CNN) and Long Short Term Memory (LSTM), we combine them into a combined deep learning network for detecting cyber-attacks based on network traffic. The experimental results in Section IV.D have demonstrated that our proposal using the CNN-LSTM deep learning model for detecting cyber-attacks based on network traffic is completely correct because the results of this model are much better than some individual deep learning models on all measures.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2009.11a
• /
• pp.637-638
• /
• 2009

디지털 ID는 온라인 환경에서 사용자를 식별하기 위한 수단으로 사용되고 있다. 하지만 온라인상에 저장된 개인정보 노출뿐만 아니라 신원도용에 따른 사용자의 프라이버시 침해 및 금전적 피해 등으로 이어질 수 있어 이에 대한 관심과 중요성이 높아지고 있다. 따라서 본 논문에서는 전자적인 수단을 통해 정보 시스템에 제시되는 사용자 신원을 확인하는 전자 인증 과정과 신원 인증에 대한 보증 레별별 요구사항을 마련하고 있는 NIST SP 800-63을 분석하고자 한다.

• International Journal of Computer Science & Network Security
• /
• v.23 no.10
• /
• pp.157-163
• /
• 2023

The attack technique targeting end-users through phishing URLs is very dangerous nowadays. With this technique, attackers could steal user data or take control of the system, etc. Therefore, early detecting phishing URLs is essential. In this paper, we propose a method to detect phishing URLs based on supervised learning algorithms and abnormal behaviors from URLs. Finally, based on the research results, we build a framework for detecting phishing URLs through end-users. The novelty and advantage of our proposed method are that abnormal behaviors are extracted based on URLs which are monitored and collected directly from attack campaigns instead of using inefficient old datasets.

• International Journal of Computer Science & Network Security
• /
• v.23 no.12
• /
• pp.107-114
• /
• 2023

The attack technique by the malware distribution form is a dangerous, difficult to detect and prevent attack method. Current malware detection studies and proposals are often based on two main methods: using sign sets and analyzing abnormal behaviors using machine learning or deep learning techniques. This paper will propose a method to detect malware on Endpoints based on Event IDs using deep learning. Event IDs are behaviors of malware tracked and collected on Endpoints' operating system kernel. The malware detection proposal based on Event IDs is a new research approach that has not been studied and proposed much. To achieve this purpose, this paper proposes to combine different data mining methods and deep learning algorithms. The data mining process is presented in detail in section 2 of the paper.

• The Journal of Information Systems
• /
• v.16 no.1
• /
• pp.201-230
• /
• 2007

Recently, the growth of e-Learning systems and its related information technology has presented a unique challenge for both schools and industry. It would make an extremely phenomenal paradigm shift in the educational method and practice. Methods of assessing the quality of e-teaming services and contents are critical issue in both practice and research. Moreover, many researchers are interested in what qualify factors more affect to the Performance of e-Learning service. Nevertheless, service quality is a construct that is difficult to define and measure. e-Learning services are composed of many factors, and they are more complicated than the traditional education services because they we performed on the distance basis and the many platforms of IT infrastructure. The purposes of our research are to classify the e-Learning service dimension and identify their factors, to develop the measurement of the factors, and finally to test empirically their relationship between the service factors and e-Learning service performance. For the development of the service factors we considered SERVQUAL model and SERVPERF model which were developed in the service marketing area. The SERVQUAL model was more fitted to the e-Learning services than the latter. From that we derived several factors that fit to our research domain, ie, tangibles, access, reliability, credibility, security, responsiveness, assurance, empathy. We combined three factors of them(reliability, credibility, security) into a factor, system stability for the semantic simplicity, and divided responsiveness factor into system operator responsiveness and teacher responsiveness as the entity based dimension classification. In the e-Learning services research, Most researcher are mentioned the quality factors of contents, so we added to two contents quality factors, ie, contents production method and richness of contents itself. We examined the relationship between the service quality factors and e-Learning performance(student satisfaction and service reuse intention). As result three quality factors(contents production method, teacher responsiveness, empathy) significantly affected student satisfaction. To the other performance variable, ie, service reuse intention, the teacher related quality factors(such as teacher responsiveness, assurance, empathy) affected only. In conclusion, even in the on-line distance teaming, the teacher's role md earnestness is as important as ever.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.45 no.9
• /
• pp.67-74
• /
• 2008

This paper proposes, designs and implements an architecture of a server involved with the network camera based video surveillance systems to solve common problems including lack of inter-network operability at the video information sharing, drawback of bandwidth and processing-overhead caused by increase of the number of users, and difficulty of continuous monitoring over changes of network configurations. The proposed saver was designed to manage and service numerous network cameras and users as well as solving the existing problems by providing video distribution facility. Through the empirical study after applying the implemented server to a real video surveillance system we proved that the server can provide reasonable service quality while it processes several hundreds of simultaneous user connections under persisting more than one hundred connections to network cameras. We expect the developed video distribution server to enhance service quality of the large scale video surveillance systems for citizen-wide services such as traffic reporting informatics or natural calamities supporting.

• Strategy21
• /
• s.31
• /
• pp.220-250
• /
• 2013

South Korean national security strategy should be developed to effectively handle and counter increasing maritime threats and challenges. There are three major maritime threats South Korea faces today; maritime disputes on the EEZ boundary and Dokdo islet issues, North Korean threats, and international maritime security. Maritime disputes in the region are getting intensified and turned into a military confrontation after 2010. Now regional countries confront each other with military and police forces and use economic leverage to coerce the others. They are very eager to create advantageous de facto situations to legitimize their territorial claims. North Korean threat is also increasing in the sea as we witnessed in the Cheonan incident and Yeonpyoung shelling in 2010. North Korea resorts to local provocations and nuclear threats to coerce South Korea in which it may enjoy asymmetric advantages. The NLL area of the west sea would be a main hot spot that North Korea may continue to make a local provocation. Also, South Korean national economy is heavily dependent upon foreign trade and national strategic resources such as oil are all imported. Without an assurance on the safety of sea routes, these economic activities cannot be maintained and expanded. This paper argues that South Korea should make national maritime strategy and enhance the strength of naval forces. As a middle power, its national security strategy needs to consider all the threats and challenges not only from North Korea but also to maritime security. This is not a matter of choice but a mandate for national survival and prosperity. This paper discusses the importance of maritime security, changing characteristics of maritime threats and challenges, regional maritime disputes and its threat to South Korea's security, and South Korea's future security strategy and ways to enhance the role of naval forces. Our national maritime strategy needs to show middle and long term policy directions on how we will protect our maritime interests. Especially, it is important to build proper naval might to carry out all the roles and missions required to the military.