• Title/Summary/Keyword: Security Tools

Application of Machine Learning Techniques for the Classification of Source Code Vulnerability (소스코드 취약성 분류를 위한 기계학습 기법의 적용)

  • Lee, Won-Kyung;Lee, Min-Ju;Seo, DongSu
    • Journal of the Korea Institute of Information Security & Cryptology / v.30 no.4 / pp.735-743 / 2020
  • Secure coding is a technique that detects malicious attacks or unexpected errors to make software systems resilient against such circumstances. In many cases, secure coding relies on static analysis tools to find vulnerable patterns and contaminated data in advance. However, secure coding has the disadvantage of being dependent on rule-sets, and accurate diagnosis is difficult as the complexity of static analysis tools increases. In order to support secure coding, we apply machine learning techniques, such as DNN, CNN and RNN, to find the major weakness patterns shown in secure development coding guides, and present machine learning models and experimental results. We believe that machine learning techniques can support detecting security weaknesses along with static analysis techniques.

A Study on the Improvement of the Malware Evidence Collection Module Based On Windows (윈도우 기반 악성코드 증거 수집 모듈 개선에 관한 연구)

  • Heo, Geon-Il;Park, Chan-Uk;Park, Won-Hyung;Kuk, Kwang-Ho
    • Convergence Security Journal / v.10 no.3 / pp.61-68 / 2010
  • Recently, malware that leaks personal data, credit information, financial information, etc. has been increasing. Secondary damage, such as the illegal use of stolen names and financial fraud, is also rapidly increasing. However, when a system is infected by information-leaking malware, the existing malware evidence collection tools do not provide evidence conveniently or sometimes cannot provide the necessary evidence. As a result, security officials have much difficulty in responding to malware. This paper analyzes the current status and problems of the existing malware evidence collection tools and suggests new ways to improve those problems.

RPFuzzer: A Framework for Discovering Router Protocols Vulnerabilities Based on Fuzzing

  • Wang, Zhiqiang;Zhang, Yuqing;Liu, Qixu
    • KSII Transactions on Internet and Information Systems (TIIS) / v.7 no.8 / pp.1989-2009 / 2013
  • How to discover router vulnerabilities effectively and automatically is a critical problem to ensure network and information security. Previous research on router security is mostly about the technology of exploiting known flaws of routers. Fuzzing is a famous automated vulnerability finding technology; however, traditional fuzzing tools are designed for testing network applications or other software. These tools are not, or only partly, suitable for testing routers. This paper designs a framework for discovering router protocol vulnerabilities, and proposes a mathematical model, the Two-stage Fuzzing Test Cases Generator (TFTCG), that improves on previous methods of generating test cases. We have developed a tool called RPFuzzer based on TFTCG. RPFuzzer monitors routers by sending normal packets, keeping watch on CPU utilization and checking system logs, which can detect DoS, router reboot and so on. RPFuzzer's debugger is based on a modified Dynamips, which can record register values when an exception occurs. Finally, we experiment on the SNMP protocol and find 8 vulnerabilities, of which five are unreleased vulnerabilities. The experiment has proved the effectiveness of RPFuzzer.

A Study On Optimized Drone Forensic Methodology Applied with Open Source Based Drone Live Forensic Tool (오픈소스 기반 드론 라이브 포렌식 도구를 활용하는 드론 포렌식 방법론 연구)

  • Seyoung Baik;Sangwook Lee
    • Journal of the Korea Institute of Information Security & Cryptology / v.33 no.4 / pp.633-646 / 2023
  • The increase in UAVs (Unmanned Aerial Vehicles) such as drones results in safety issues as well as the threat of illegal drones. Recognizing the need for drone forensics, domestic and foreign organizations and agencies are trying to establish drone forensic guidelines. The definition of drone forensic artifacts and an examination of forensic tools must be provided in order to establish a practical drone forensic framework on security sites, as must the concept of drone live forensics, which provides meaningful data that can be extracted in a live state. In this study, a drone forensic methodology covering various types of drones is explained, and a practical forensic methodology with a live forensic PoC (Proof of Concept) tool, LiPFo (Live-PX4-Forensic), is proposed.

Design of the Security Evaluation System for Internet Secure Connectivity Assurance Platform (인터넷 패킷 보호 보증 플랫폼에서의 보안성 평가 시스템 설계)

  • 김상춘;한근희
    • Journal of KIISE: Information Networking / v.31 no.2 / pp.207-216 / 2004
  • The IPsec protocol has been developed to provide security services to the Internet. Recently, IPsec has been implemented on various operating systems. Hence, it is very important to evaluate the stability of the IPsec protocol as well as other protocols that provide security services. However, there has been little effort to develop the tools required to evaluate the stability of IPsec protocols. Therefore, in this paper, we develop the security requirements and suggest a security evaluation system for the Internet packet protection protocols that provide security services at the IP level, which can be used to check whether the security protocols provide the claimed services correctly. This system can be used as a debugging tool for developing IPsec-based security systems.

A Study on Preparation Plan against National Industrial Technology Outflow (국가 산업기술유출 대비 방안 연구)

  • Ha, Ok-Hyun
    • Convergence Security Journal / v.9 no.4 / pp.55-62 / 2009
  • Industrial security is a management activity that protects the industrial assets of an enterprise by applying security elements (physical, IP, conversion security tools), and can be understood as a comprehensive term including the software aspect (establishment of policy and strategy, maintenance operation, post-response act, etc.) as well as the operation of hardware elements. In this paper, after recognizing the definition and related concepts of industrial security, the role and related laws of industrial security organizations, the management system and the reality, I will find some problems and submit a reform measure. Furthermore, I would like to propose a policy direction to enhance national competitiveness and to become one of the advanced nations in 21st industrial security through the effective industrial security activities of our enterprises.

Study on the categorization of modus operandi and tools used in domestic burglary (건축물 침입에 이용되는 침입수법 및 도구의 유형화 연구)

  • Park, Hyeon-Ho;Cho, Joon-Tag
    • Korean Security Journal / no.40 / pp.57-86 / 2014
  • As the revision of Building Code including applying crime prevention design to buildings passed recently and target hardening ought to be evidence-based, we studied the Modus Operandi (MO) and intrusion tools of domestic burglary to earn basic data for improvement of crime prevention hardware in the future. To be specific, we reviewed related academic literature and police official statistics of domestic burglary critically and interviewed detectives in charge of burglary to specify and categorize MO and tools. We can derive some implications from research findings, including improvement of the statistical system for the MO of burglary, active sharing of the MO of burglary among the criminal justice agencies and related industries and experts. Also, crime prevention advice and education for the local residents focused on MO of burglary can be recommended. Based on this research, to enhance the level of community safety significantly, performance tests of crime prevention hardware such as security doors and windows etc. and the study on related certification system should be vitalized.

Enhancement of Accuracy of Exploitability Analysis Tools for Crashes (크래시의 위험도에 대한 분석 도구의 정교성 향상)

  • Jeon, Hyeon-gu;Eom, Ki-Jin;Mok, Seong-Kyun;Cho, Eun-Sun
    • KIISE Transactions on Computing Practices / v.22 no.4 / pp.178-183 / 2016
  • To enhance the reliability of programs, developers use fuzzing tools in test processes to identify vulnerabilities so that they can be fixed ahead of time. In this case, the developers consider the security-related vulnerabilities to be the most critical ones that should be urgently fixed to avoid possible exploitation by attackers. However, developers without much experience of analysis of vulnerabilities usually rely on tools to pick out the security-related crashes from the normal crashes. In this paper, we suggest a static analysis-based tool to help developers to make their programs more reliable by identifying security-related crashes among them. This paper includes experimental results, and compares them to the results from MSEC !exploitable for the same sets of crashes.

A Study on the Multiplexing of a Communication Line for the Physical Load Balancing-Based Prevention of Infringement (물리적 부하 균형(Load-balancing) 기반의 침해방지를 위한 통신라인 다중화에 관한 연구)

  • Choi, Hee-Sik;Seo, Woo-Seok;Jun, Moon-Seog
    • Journal of the Korea Institute of Information Security & Cryptology / v.22 no.1 / pp.81-91 / 2012
  • Presently in 2011, there are countless attacking tools oriented to invading security on the internet, and most of these tools are capable of conducting an actual invasion. Also, as the program sources attacking the weaknesses of PS3 were released in 2010 and various sources for attacking agents and attacking tools, such as the Stuxnet source code, were released in 2011, the defensive side bears the greatest burden; however, it can also be a chance for the defensive side to suggest and develop methods to defend against identical or similarly patterned attacks by analyzing attack sources. As a way to cope with such attacks, this study divides the network areas targeted for attack based on load balancing by the approach gateways and communication lines according to the defensive policies by attack type, and also suggests methods to multiplex communication lines. The result of this paper will be provided as practical data to realize defensive policies based on high hardware performance through enhancing the price competitiveness of hardware infrastructure with 2010 as a start.

Security Model for Intranet Environment (안전한 인트라넷을 위한 보안 모델)

  • Shin, Weon;Rhee, Kyung-Hyune
    • Journal of Korea Multimedia Society / v.2 no.2 / pp.166-175 / 1999
  • Since the intranet is a combination of open internet technologies and private information systems, various technologies for information security are essentially needed. Recently, many firewall systems have been constructed in many private companies to secure information from external networks such as the Internet. Even though internal attacks happen more frequently than external ones in intranet environments, there is quite little research on secure intranets, and internal threats have been underestimated so far. In this paper, we study the security threats for each service in the intranet and propose security models appropriate to intranet environments by using several cryptographic tools and protocols. Furthermore, we implement the proposed security models in Java applications through computer simulation.
