• Convergence Security Journal
• /
• v.15 no.7
• /
• pp.31-38
• /
• 2015

Recently the government civil affairs administration system has been advanced to a cloud computing environment from a simple network environment. The electronic civil affairs processing environment in recent years means cloud computing environment based bid data services. Therefore, there exist lots of problems in processing big data for the government civil affairs service compared to the conventional information acquisition environment. That is, it processes new information through collecting required information from different information systems much further than the information service in conventional network environments. According to such an environment, applications of providing administration information for processing the big data have been becoming a major target of illegal attackers. The objectives of this study are to prevent illegal uses of the electronic civil affairs service based on IPs nationally located in civil affairs centers and to protect leaks of the important data retained in these centers. For achieving it, the safety, usability, and security of services are to be ensured by using different authentication processes and encryption methods based on these processes.

• Strategy21
• /
• s.46
• /
• pp.29-56
• /
• 2020

Despite the deep concerns against the DPRK and the harsh sanctions imposed on it, the country renders the sanctions futile by facilitating various illegal trades such as the ship-to-ship transfers of petroleum or coal. Recently, the international community went into paying attention to solve this matter. Among the measures the community can take, "reinforcing the search and inspection of the DPRK related vessels transiting in the high and territorial seas" is the best policy approach to reduce the sanction evasion and provide the international community with considerable bargaining advantages. This measure requires the forceful action by legal enforcement agencies, also known as VBSS. (Visit, Board, Search, and Seizure) It would make the deals prohibited by the UNSCRs (United Nation Security Council Resolutions) less profitable by reducing the expected return on the deals and increasing the cost for them. So, it would make the illegal deals under the table less attractive. The DPRK has been able to render the sanctions futile by exploiting the limitations of the current maritime sanctions. The resolutions are short of being specific about law enforcement, and the PSI (Proliferation Security Initiative) is legally nonbinding. However, if the UNSCRs and the PSI are combined, they can generate a new source of power and exploit the weakness of the DPRK. Noting that the recent UNSCRs stipulated all the legal discussions in the resolutions are confined and applied only to the DPRK, the PSI can target the commercial trade as well as the WMD-related materials in the case of the DPRK's illegal maritime practices. Therefore, the PSI endorsing partners should go beyond mere commitments. They should discuss action plans to implement the maritime interdictions to the extent that they discourage the DPRK and its business partners continuing the illegal activities.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.6
• /
• pp.1447-1461
• /
• 2019

Evaluating battle damage after conducting an attack on selected targets during warfare is essential. However, regarding the assessment of battle damage caused by cyber-attacks, some methods available under limited circumstances have been suggested so far. Accordingly, this paper suggests a militarily applicable, comprehensive, and specific method of battle damage assessment from battle damage assessment methods in combat assessment theories from the understanding of cyberspace. By using cyberspace components, this paper classifies cyber targets, suggests the assessment methods of data damage, social cognitive damage, derived damage, and the existing battle damage assessment methods such as physical damage, functional damage, and target systems, and provides an example to demonstrate that this method is applicable to the actual past cyberattack cases.

• The KIPS Transactions:PartC
• /
• v.10C no.6
• /
• pp.675-682
• /
• 2003

Attackers collect vulnerabilities of a target computer system to intrude into it. And using several attack methods, they acquire root privilege. They steal and alter information in the computer system, or destroy the computer sysem. So far many intrusion detection systems and firewallshave been developed, but recently attackers go round these systems and intrude into a computer system . In this paper, we propose security kernel module to prevent attackers having acquired root privilege from doing illegal behaviors. It enhances administrator authentication with additional password, so prevents attackers from doing illegal behaviors such as modification of important files and installation of rootkits. It sends warning mail about sttacker's illegal behaviors to administrators by real time. So using information in the mail, they can estabilish new security policies.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.2
• /
• pp.327-333
• /
• 2014

The rapid expansion of the software industry has brought a serious security threat and vulnerability. Many softwares are constantly attacked by exploit codes using security vulnerabilities. Smart fuzzing is automated method to find software vulnerabilities. However, Many resources are consumed in fuzzing, because the fuzzing needs to create data model for target software and to analyze a data file and software binary. Therefore, The automated method for efficient smart fuzzing is needed to develop the automated data model. In this paper, through analysing the input file format and optimizing the data structure, we propose an efficient data modeling framework for smart fuzzing and implement the framework for detect software vulnerabilities.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.5
• /
• pp.1211-1221
• /
• 2016

In IoT environment, making sure of trust of IoT devices is the most important one than others. The security threats of nowadays almost stay at exposure or tampering of information. However, if human life is strongly connected to the Internet by IoT devices, the security threats will probably target human directly. In case of devices, authentication is verified using the device-known private key. However, if attacker can modify the device physically, knowing the private key cannot be the evidence of trust any more. Thus, we need stronger verification method like code attestation. In this paper, we use software-based code attestation for efficiency. We also suggest secure code attestation method against copy of original code and implement it on embedded device and analyze its performance.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.3
• /
• pp.95-105
• /
• 2009

Spam call is one of the main security threat in VoIP services. In this paper, we have designed simulation model for performance evaluation of VoIP spam defense mechanism. The simulation model has functions for performance evaluation such as calls generation and input/output comparison. Four representative caller models have been developed for performance evaluation and each model has its own characteristics as statistical parameters. The target mechanism of performance evaluation is SPIT(Spam over Internet Telephony) level decision algorithm, and we have derived SPIT levels of caller models. The performance evaluation model is designed using the DEVS formalism and DEVSJAVA$^{TM}$ is exploited for development and execution of simulation models.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.4
• /
• pp.89-100
• /
• 2011

Physical memory analysis has been an issue on a field of live forensic analysis in digital forensics until now. It is very useful to make the result of analysis more reliable, because record of user behavior and data can be founded on physical memory although process is hided. But most memory analysis focuses on windows based system. Because the diversity of target system to be analyzed rises up, it is very important to analyze physical memory based on other OS, not Windows. Mac OS X, has second market share in Operating System, is operated by loading kernel image to physical memory area. In this paper, We propose a methodology for physical memory analysis on Mac OS X using symbol information in kernel image, and acquire a process information, mounted device information, kernel information, kernel extensions(eg. KEXT) and system call entry for detecting system call hooking. In additional to the methodology, we prove that physical memory analysis is very useful though experimental study.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.6
• /
• pp.141-152
• /
• 2011

Growing efforts and interests of security techniques in a diverse surveillance environment, the intelligent surveillance system, which is capable of automatically detecting and tracking target objects in multi-cameras environment, is actively developing in a security community. In this paper, we propose an effective visual surveillance system that is avaliable to track objects continuously in multiple non-overlapped cameras. The proposed object tracking scheme consists of object tracking module and tracking management module, which are based on hand-off scheme and protocol. The object tracking module, runs on IP camera, provides object tracking information generation, object tracking information distribution and similarity comparison function. On the other hand, the tracking management module, runs on video control server, provides realtime object tracking reception, object tracking information retrieval and IP camera control functions. The proposed object tracking scheme allows comprehensive framework that can be used in a diverse range of application, because it doesn't rely on the particular surveillance system or object tracking techniques.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.6
• /
• pp.1355-1362
• /
• 2012

As the utilization of cloud computing service rapidly increases to meet demands for various forms of service recently, the virtualization technology has made a rapid rise, further leading to some issues related to security, such as safety and reliability. As a system to provide environments what multiple virtual operating systems can be loaded, hypervisors may be a target of various attacks, such as control loss and authority seizure, since all the agents fcan be damaged by a malicious access to the virtualization layer. Therefore, this paper was conducted to investigate the access control for agents and suggest a plan to control malicious accesses to the cloud virtualization internal environment. The suggested technique was verified not to have effect on the performance of the system and environment through an analysis of its performance.