• Journal of the Korea Society of Computer and Information
• /
• v.14 no.12
• /
• pp.157-167
• /
• 2009

Recently, the leakage of confidential information and personal information is taking place on the Internet more frequently than ever before. Most of such online security incidents are caused by attacks on vulnerabilities in web applications developed carelessly. It is impossible to detect an attack on a web application with existing firewalls and intrusion detection systems. Besides, the signature-based detection has a limited capability in detecting new threats. Therefore, many researches concerning the method to detect attacks on web applications are employing anomaly-based detection methods that use the web traffic analysis. Much research about anomaly-based detection through the normal web traffic analysis focus on three problems - the method to accurately analyze given web traffic, system performance needed for inspecting application payload of the packet required to detect attack on application layer and the maintenance and costs of lots of network security devices newly installed. The UTM(Unified Threat Management) system, a suggested solution for the problem, had a goal of resolving all of security problems at a time, but is not being widely used due to its low efficiency and high costs. Besides, the web filter that performs one of the functions of the UTM system, can not adequately detect a variety of recent sophisticated attacks on web applications. In order to resolve such problems, studies are being carried out on the web application firewall to introduce a new network security system. As such studies focus on speeding up packet processing by depending on high-priced hardware, the costs to deploy a web application firewall are rising. In addition, the current anomaly-based detection technologies that do not take into account the characteristics of the web application is causing lots of false positives and false negatives. In order to reduce false positives and false negatives, this study suggested a realtime anomaly detection method based on the analysis of the length of parameter value contained in the web client's request. In addition, it designed and suggested a WAF(Web Application Firewall) that can be applied to a low-priced system or legacy system to process application data without the help of an exclusive hardware. Furthermore, it suggested a method to resolve sluggish performance attributed to copying packets into application area for application data processing, Consequently, this study provide to deploy an effective web application firewall at a low cost at the moment when the deployment of an additional security system was considered burdened due to lots of network security systems currently used.

• Journal of Korea Game Society
• /
• v.16 no.2
• /
• pp.51-60
• /
• 2016

The incidents of massive personal information being leaked are occurring continuously over recent years. Personal information leaked outside is used for an illegal use of other's name and account theft. Especially it is happening on online games whose virtual goods, online game money and game items can be exchanged with real cash. When we research the real identity theft cases that happened in an online game, we can see that they happen massively in a short time. In this study, we define the characteristics of the mass attacks of the automated identity theft cases that occur in online games. Also we suggest a system to detect and prevent identity theft attacks in real time.

• The Journal of the Korea Contents Association
• /
• v.13 no.12
• /
• pp.568-574
• /
• 2013

In recent years, IT companies offer various cloud services using hardware-based technologies or software-based technologies. User can access these cloud services without the constraints of location or devices. The technologies are virtualization, provisioning, and big data processing. However, security incidents are constantly occurring even with these techniques. Thus, many companies build and operate private cloud service to prevent the leak of critical data. If virtual environment are different according to user permission, many system are needed, and user should login several virtual system to execute an program. In this paper, I suggest the access control method for application software on virtual operating system using the Open Authentication protocol in the Cloud system.

• The Journal of the Korea Contents Association
• /
• v.15 no.4
• /
• pp.179-187
• /
• 2015

Social unrest from retaliatory crimes is increasingly becoming problematic. Recently, there was an accident involving a suspect who went to a hospital and committed acts of retaliatory violence 11 times. This person's reasoning was that he was imprisoned due to the hospital's reporting to the police. He was consequently arrested in Boeun Choongbook on December 27th 2014. Accidents like this one take place frequently around our surroundings. There are regulations and systems in place. Nevertheless, similar cases that continue to take place makes us wonder if criminal judicial systems work well. Lukewarm responses to retaliatory crimes is not only threatening social security, but also placing fears in the minds of ordinary citizens. If retaliatory crimes take place, most citizens become apprehensive about criminal judicial activities of the police and mistrust for criminal judicial system. This at times discourages people from reporting incidents and could eventually increase crime rate and cause various social problems. Even though there are legal and systemic control measures, retaliatory crime is an increasing trend. This study is going to examine tendencies of internal retaliatory crimes and discuss legal-systemical responses.

• Proceedings of the Korea Information Assurance Society Conference
• /
• 2004.05a
• /
• pp.327-331
• /
• 2004

The new cyber world has created by Internet that is prosperous rapidly. But with the expansion of Internet the hacking and intrusion are also increased very much. Actually there were many incidents in Internet, but the damage was restricted within a local area and local system. However, the Great 1.25 Internet Disturbance has paralyzed the national wide Internet environment. It because the Slammer Worm. The worm is a malformed program that uses both of the hacking and computer virus techniques. It autonomously attacks the vulnerability of Windows system, duplicates and spreads by itself. Jus like the Slammer Worm, almost every worms attack the vulnerability of Windows systems that installed in personal PC. Therefore, the vulnerability in personal PC could destroy the whole Internet world. So, in this paper we propose a Internet Worm Expanding Prevention System that could be installed in personal PC to prevent from expanding the Internet Worm. And we will introduce the results of developed system.

• Journal of the Society of Disaster Information
• /
• v.7 no.3
• /
• pp.240-246
• /
• 2011

The professional ethics for the guard is defined as the professional ethics that the person working as a guard to have. The professional ethics education builds the certainty and confidence about professional ethics recognition as well as behavior for guards so that helps the successful performance of the job. Therefore, this study tried to consider previous researches, understand the current professional ethics education for the department related to the guard and the case studies of incidents due to lack of professional ethics education to suggest the measures of activating professional ethics education. First, it is to consider the specialty of the guard to build the guard-martial spirit. Second, the professional ethics education must be out of the central culture study but develop as a major subject. Third, the quality and professionalism of the responsible professor of the professional ethics subject shall be considered. Forth, the professional ethics education must be performed not only at school but also continuously through the various ethics programs of the work places as well as organizations.

• Korean System Dynamics Review
• /
• v.16 no.3
• /
• pp.5-29
• /
• 2015

The importance of the concept of safety culture has increased in the security of high-risk facility after Chernobyl accident in 1986. This paper elaborated the concept of safety culture and its main factors by Causal Loop Diagram. Due to the decline of safety culture, the occurrence of incidents and accidents require more and more corrective actions to the members of high-risk facilities and thereby increasing their workloads. Employees who must complete the task within the given time have to have time pressures and don't comply with the rules and procedures. Also, a schedule pressure is a big stress for employees, causing mistakes in precision work. In order to improve these problems, CLD of the safety culture in this paper suggests hiring more workers, re-allocation of given workloads and strengthen the learning, communication capabilities and safety leadership. In addition, the two real accident cases were analyzed to test the feasibility of the System Dynamic simulation model through the process of structuring the fault trees on the stationary black out accident in Kori unit 1 in South Korea and Kleen Energy power station explosion in US. The simulation results show that the various safety factors cause the serious accident combined with mechanical failure and safety culture will reduce the possibility of the accidents in these high-risk organizations. This simulation model can contribute to analyzing the impact of the organizational and human factors of safety culture and can provide the alternatives in high-risk facilities.

• Journal of Internet of Things and Convergence
• /
• v.7 no.1
• /
• pp.9-19
• /
• 2021

The data mining design incorporated with big data based cloud computing system is investigated for the nuclear terrorism prevention where the conventional physical protection system (PPS) is modified. The networking of terror related bodies is modeled by simulation study for nuclear forensic incidents. It is needed for the government to detect the terrorism and any attempts to attack to innocent people without illegal tapping. Although the mathematical algorithm of the study can't give the exact result of the terror incident, the potential possibility could be obtained by the simulations. The result shows the shape oscillation by time. In addition, the integration of the frequency of each value can show the degree of the transitions of the results. The value increases to -2.61741 in 63.125th hour. So, the terror possibility is highest in later time.

• Journal of the Society of Disaster Information
• /
• v.17 no.2
• /
• pp.375-390
• /
• 2021

Purpose: Most of cybersecurity breaches occur in SMEs. As the existing cybersecurity framework and certification system are mainly focused on financial and large companies, it is difficult for SMEs to utilize it due to lack of cybersecurity budget and manpower. So it is necessary to come up with measures to allow SMEs to voluntarily manage cyber risks. Method: After reviewing Cybersecurity market, cybersecurity items of financial institutions, cybersecurity framework comparison and cybersecurity incidents reported in the media, the criticality of cybersecurity items was analyzed through AHP analysis. And cybersecurity items of non-life insurers were also investigated and made a comparison between them. Result: Cyber risk management methods for SMEs were proposed for 20 major causes of cyber accidents. Conclusion: We hope that the cybersecurity risk assessment measures of SMEs in Korea will help them assess their risks when they sign up for cyber insurance, and that cyber risk assessment also needs to be linked to ERM standardization.

• Journal of Internet of Things and Convergence
• /
• v.8 no.1
• /
• pp.65-72
• /
• 2022

The Internet of Things (IoT) provides data convergence and sharing functions, and IoT technology is the most fundamental core technology in creating new services by convergence of various cutting-edge technologies. However, there are different classification systems for the Internet of Things, and when it is limited to the domestic public sector, it is difficult to properly grasp the current status of which devices are installed and operated with what share, and systematic data or research The results are very difficult to find. Therefore, in this study, the relevance of the classification system for IoT devices was analyzed according to reality based on sales, shipments, and growth rate, and based on this, the actual share of IoT devices among domestic public institutions was analyzed in detail. The derived detailed analysis results are expected to be efficiently utilized in the process of selecting IoT devices for research and analysis to advance information protection technology such as responding to malicious code attacks on IoT devices, analyzing incidents, and strengthening security vulnerabilities.