• Nuclear Engineering and Technology
• /
• v.55 no.1
• /
• pp.37-44
• /
• 2023

Using the Kalman filtering technique, we propose a novel method for estimating the missing video frames to monitor the activities inside the control room of a nuclear power plant (NPP). The purpose of this study is to reinforce the existing security and safety procedures in the control room of an NPP. The NPP control room serves as the nervous system of the plant, with instrumentation and control systems used to monitor and control critical plant parameters. Because the safety and security of the NPP control room are critical, it must be monitored closely by security cameras in order to assess and reduce the onset of any incidents and accidents that could adversely impact the safety of the NPP. However, for a variety of technical and administrative reasons, continuous monitoring may be interrupted. Because of the interruption, one or more frames of the video may be distorted or missing, making it difficult to identify the activity during this time period. This could endanger overall safety. The demonstrated Kalman filter model estimates the value of the missing frame pixel-by-pixel using information from the frame that occurred in the video sequence before it and the frame that will occur in the video sequence after it. The results of the experiment provide evidence of the effectiveness of the algorithm.

• Journal of Digital Convergence
• /
• v.19 no.2
• /
• pp.231-238
• /
• 2021

SNS data can catch the user's thoughts and actions. And the trend of the search portal is a representative service that can observe the interests of users and their changes. In this paper, the relationship was analyzed by comparing statistics on narcotics incidents and the degree of exposure to narcotics related words in tweets of SNS and in the trends of search portal. It was confirmed that the trend of SNS and search portal trends was the same in the statistics of the prosecution office with a certain time difference.In addition, cluster analysis was performed to understand the meaning of tweets in which narcotics related words were mentioned. In the 50,000 tweets collected in January 2020, it was possible to find meaning related to the sale of actual drugs. Therefore, through SNS monitoring alone it is possible to monitor narcotics-related incidents and to find specific sales or purchase-related information, and this can be used in the investigation process. In the future, it is expected that crime monitoring and prediction systems can be proposed as related crime analysis may be possible not only with text but also images.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.9 no.2
• /
• pp.267-271
• /
• 2014

Nuclear power plant data networks and their associated safety systems are being modernized to include many information technology (IT) networks and applications. Along with the advancement of plant data networks (PDN), instrumentation and control systems are being upgraded with modern digital, microprocessor-based systems. However, nuclear PDN is confronted significant side-effects, which PDN is exposed to prevalent cyber threats typically found in IT environments. Therefore, cyber security vulnerabilities and possibilities of cyber incidents are dramatically increased in nuclear PDN. Consequently, it should be designed fully ensuring the PDN meet all reliability, performance and security requirements in order to overcome the disadvantages raised from adaption of IT technology. In this paper, we provide technical security criteria should be used in design and evaluation of secure PDN. It is believed PDN, which is designed and operated along with these technical security critera, effectively protect against possible outside cyber threats.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.1
• /
• pp.259-273
• /
• 2016

After realizing through the three large-scale data leakage incidents that intentional or accidental insider jobs are more serious than external intrusions, financial companies in Korea have been taking measures to prevent data leakage from occuring again. But, the IT system architecture reflecting the domestic financial environment is highly complicated and thereby difficult to grasp. It is obvious that despite administrative, physical, and technical controls, insider threats are likely to cause personal data leakage. In this paper, we present a process that based on metadata defines and manages personally identifiable attribute data, and that through inter-table integration identifies personal information broadly and controls access. This process is to decrease the likelihood of violating compliance outlined by the financial supervisory authority, and to reinforce internal controls. We derive and verify a decision-making model that reflects the proposed process.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.16 no.4
• /
• pp.737-744
• /
• 2012

Recently VoIP has provided voice(both wired and wireless from IP-based) as well as the transmission of multimedia information. VoIP used All-IP type, Gateway type, mVoIP etc. Wired and wireless VoIP has security vulnerabilities that VoIP call control signals, illegal eavesdropping, service misuse attacks, denial of service attack, as well as wireless vulnerabilities etc. from WiFi Zone. Therefore, the analysis of security vulnerabilities in wired and wireless VoIP and hacking incidents on security measures for research and study is needed. In this paper, VoIP (All-IP type, and for Gateway type) for system and network scanning, and, IP Phone to get the information and analysis of the vulnerability. All-IP type and Gateway type discovered about the vulnerability of VoIP hacking attacks (Denial of Service attacks, VoIP spam attacks) is carried out. And that is a real VoIP system installed and operated in the field of security measures through research and analysis is proposed.

• Journal of KIISE:Databases
• /
• v.36 no.5
• /
• pp.352-365
• /
• 2009

Recently, data access control policies have not been applied for authorized or unauthorized persons properly and information leakage incidents have occurred due to database security vulnerabilities. In the traditional database access control methods, administrators grant permissions for accessing database objects to users. However, these methods couldn't be applied for diverse access control policies to the database. In addition, another database security method which uses data encryption is difficult to utilize data indexing. Thus, this paper proposes an enhanced database access control system via a packet analysis method between client and database server in network to apply diverse security policies. The proposed security system can be applied the applications with access control policies related to specific factors such as date, time, SQL string, the number of result data and etc. And it also assures integrity via a public key certificate and MAC (Message Authentication Code) to prevent modification of user information and query sentences.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.37 no.2C
• /
• pp.119-131
• /
• 2012

Recently smart phones have been proliferating widely and quickly. Since the number of mobile apps that are being developed and deployed to domestic/international app stores is rising, more apps are being installed and deleted by users without any difficulty. The deployed apps are each attested through distinct verification framework of specific app stores. However, such verification frameworks are insufficient in checking security concerns. Unfortunately, the security verification framework is necessary since the incidents of leaking privacy and confidential information are being increased in lately. The aim of this paper is to provide the security verification framework that assures security and reliability of the e-government mobile apps. In order to verify proposed verification framework, a few apps were selected and inspected through proposed framework and these inspection results are included in this paper.

• KIPS Transactions on Computer and Communication Systems
• /
• v.4 no.2
• /
• pp.65-72
• /
• 2015

According to recent statistics published by the National Industrial Security Center, former and current employees are responsible for 80.4% of companies' technology leakages, and employees of cooperative firms are responsible for another 9.6%. This means that 90% of technology leakages are intentionally or mistakenly caused by insiders. In a recent incident, a credit card company leaked private information, and the person responsible was an employee of a cooperative firm. These types of incidents have an adverse effect not only on a company's assets but also on its reputation. Therefore, most institutions implement various security solutions to prevent information from being leaked. However, security solutions are difficult to analyze and distinguish from one another because their logs are independently operated and managed. A large number of logs are created from various security solutions. This thesis investigates how to prevent internal data leakage by setting up individual scenarios for each security solution, analyzing each scenario's logs, and applying a monitoring system to each scenario.

• Journal of the Korea Convergence Society
• /
• v.10 no.6
• /
• pp.33-39
• /
• 2019

As cyber attack methods are becoming more intelligent, incidents such as security breaches and international crimes are increasing. In order to predict and respond to these cyber attacks, the characteristics, methods, and types of attack techniques should be identified. To this end, many security companies are publishing security intelligence reports to quickly identify various attack patterns and prevent further damage. However, the reports that each company distributes are not structured, yet, the number of published intelligence reports are ever-increasing. In this paper, we propose a method to extract structured data from unstructured security intelligence reports. We also propose an automatic intelligence report analysis system that divides a large volume of reports into sub-groups based on their topics, making the report analysis process more effective and efficient.

• International Journal of Computer Science & Network Security
• /
• v.22 no.3
• /
• pp.135-140
• /
• 2022

Scientific and technological progress is also fundamental to the evolving merchant shipping industry, both in terms of the size and speed of modern ships and in the level of their technical capabilities. While the freight performance of ships is growing, the number of crew on board is steadily decreasing, as more work processes are being automated through the implementation of information technologies, including ship management systems. Although there have been repeated appeals from international maritime organizations to focus on building effective maritime security defenses against cyber attacks, the problems have remained unresolved. Owners of shipping companies do not disclose information about cyberattack attempts or incidents against them due to fear of commercial losses or consequences, such as loss of image, customer and insurance claims, and investigations by independent international organizations and government agencies. Issues of cybersecurity of control systems in the world today have gained importance, due to the fact that existing threats concern not only the security of technical means and devices, but also issues of environmental safety and safety of life at sea. The article examines the implementation of cyber risk management in the shipping industry, providing recommendations for the safe ship operation and its systems in order to improve vulnerability to external threats related to cyberattacks, and to ensure the safety and security of such a technical object as a seagoing ship.