• International Journal of Computer Science & Network Security
• /
• v.21 no.12
• /
• pp.228-234
• /
• 2021

The article defines the problems of forming the models of government regulation of clustering, marketing management and labor market in the context of globalization, business bankruptcy risk and services market development. The clustering models based on the optimal partner network cooperation were proposed in order to ensure the strategic development of territories, to attract budget leading enterprises and to support small businesses. A descriptive model of government regulation of clustering, marketing management and labor market in the context of globalization, business bankruptcy risk and Covid-19 was determined.

• International Journal of Computer Science & Network Security
• /
• v.24 no.5
• /
• pp.205-211
• /
• 2024

The increasing number of botnet attacks incorporating new evasion techniques making it infeasible to completely secure complex computer network system. The botnet infections are likely to be happen, the timely detection and response to these infections helps to stop attackers before any damage is done. The current practice in traditional IP networks require manual intervention to response to any detected malicious infection. This manual response process is more probable to delay and increase the risk of damage. To automate this manual process, this paper proposes to automatically select relevant countermeasures for detected botnet infection. The propose approach uses the concept of flow trace to detect botnet behavior patterns from current and historical network activity. The approach uses the multiclass machine learning based approach to detect and classify the botnet activity into IRC, HTTP, and P2P botnet. This classification helps to calculate the risk score of the detected botnet infection. The relevant countermeasures selected from available pool based on risk score of detected infection.

• Convergence Security Journal
• /
• v.10 no.4
• /
• pp.31-37
• /
• 2010

The risks and threats in IT security systems to protect, prevent damage and Risk should be minimized. Context of information security products such as information processing, storage, delivery, and in the process of information system security standards, That is the basic confidentiality, availability, integrity and secondary clarity, potential evidence, detection, warning and defense capabilities, to ensure sufficient and should be. Web services are the most important elements in the security, the web nature of port 80 for the service to keep the door open as a structure, Web applications, web sources and servers, networks, and to hold all the elements are fundamental weaknesses. Accordingly, these elements through a set of Web application development errors and set-up errors and vulnerabilities in Web applications using their own home pages and web servers to prevent hacking and to improve the efficiency of Web services is proposed methodology performs security BMT.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.1
• /
• pp.59-74
• /
• 2020

The web space where web applications run is the cyber information warfare of attackers and defenders due to the open HTML. In the cyber attack space, about 84% of worldwide attacks exploit vulnerabilities in web applications and software. It is very difficult to detect web vulnerability attacks with security products such as web firewalls, and high labor costs are required for security verification and assurance of web applications. Therefore, rapid vulnerability detection and response in web space by automated software is a key and effective cyber attack defense strategy. In this paper, we establish a security risk management model by intensively analyzing security threats against web applications and software, and propose a method to effectively diagnose web and application vulnerabilities. The testing results on the commercial service are analyzed to prove that our approach is more effective than the other existing methods.

• The Journal of The Korea Institute of Intelligent Transport Systems
• /
• v.18 no.2
• /
• pp.144-155
• /
• 2019

One of the issues of the automotive industry today is autonomous driving vehicles. In order to achieve level 3 or higher as defined by SAE International, harmonization of autonomous driving technology and connected technology is essential. Current vehicles have new features such as autonomous driving, which not only increases the number of electrical components, but also the amount and complexity of software. As a result, the attack surface, which is the access point of attack, is widening, and software security vulnerabilities are also increasing. However, the reality is that the essential security requirements for vehicles are not defined. In this paper, based on real attacks and vulnerability cases and trends, we identify the assets in the in-vehicle network and derive the threats. We also defined the security requirements and derived essential security requirements that should be applied at least to the safety of the vehicle occupant through risk analysis.

• Korean Security Journal
• /
• no.48
• /
• pp.177-206
• /
• 2016

The purpose of this study is to verify the factors that affect the fear of crime by applying the risk interpretation model. Especially, whereas previous studies have not proven micro individual factor that the risk interpretation model had presented, This study includes micro individual elements such as neighborhood factor, perceived risk of crime, fears of crime as main variables. This study utilized secondary data of the National Crime Victimization Survey 2012, conducted by the Korean Institute of Criminology. In this study, multiple regression analysis of two stages and Sobel Test were conducted for verifying the individual influence of each independent variables and identifying the causal relationship between the variables set out in the risk analysis model. As the result, it appeared that the higher level of perceived risk of crime, neighborhood factor, crime experience, education, income cause the higher degree of the fear of crime. On the other hand, the lower degree of age was found to induce the higher level of the fear of crime. In addition, female showed the higher degree of the fear of crime than man. The causal relationship between the variables set out in the risk interpretation model was presented significantly in all variables, except for education.

• Journal of Korean Society of Disaster and Security
• /
• v.13 no.4
• /
• pp.47-63
• /
• 2020

This study aimed to investigate the effects of social disaster risk perception levels of Koreans on government trust. To this end, differences in disaster risk perception levels based on social disaster types and the effects of social disaster risk perception levels on government trust were analyzed. In the preliminary survey, three types of social disasters with high risk levels (bird flu, fine dust, and nuclear power plants) were selected. The survey was conducted on 1,109 Korean men and women aged 20 years and older. First, the analysis results demonstrated that social disaster perception levels differed based on social disaster types. Second, the results showed that, in terms of social disasters, proactivity, personal knowledge, familiarity, severity, fear, and risk associated with chances of recovery did not affect government trust. Third, the perception of delayed social disaster risk had a positive effect on government trust. Fourth, scientific knowledge about social disasters, control capabilities, lethality, and risk perception at the onset time had a negative effect on government trust. In conclusion, the implications and limitations of this study were discussed.

• Journal of Korean Society of Disaster and Security
• /
• v.15 no.3
• /
• pp.31-40
• /
• 2022

Domestic disaster risk maps are mainly produced and studied as a single disaster map by grid unit and disaster type. In particular, it is necessary to present an evaluation method of the disaster risk map that is more suitable for the relevant facility (local road) in order to utilize the work of practitioners who are mainly in charge of facility maintenance. In this study, an evaluation method was presented to evaluate the risk with a focus on local roads by using the landslide risk map and debris flow risk map provided by the Korea Forest Service. In addition, the risk was evaluated and verified for the provinces located in Gangwon-do. As a result of the evaluation, it was possible to evaluate the risk of grades 1 to 5 for 1,513 evaluation sections in the evaluation section with a total length of 234.59 km.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.9
• /
• pp.4588-4608
• /
• 2017

The measurement of information security levels is a very important but difficult task. So far, various measurement methods have studied the development of new indices. Note, however, that researches have focused on the problem of attaining a certain level but largely neglecting research focused on the issue of how different types of possible flaws in security controls affect each other and which flaws are more critical because of these effects. Furthermore, applying the same weight across the board to these flaws has made it difficult to identify the relative importance. In this paper, the interrelationships among security flaws that occurred in the security controls of K-ISMS were analyzed, and the relative impact of each security control was measured. Additionally, a case-control study was applied using empirical data to eliminate subjective bias as a shortcoming of expert surveys and comparative studies. The security controls were divided into 2 groups depending on whether or not a security flaw occurs. The experimental results show the impact relationship and the severity among security flaws. We expect these results to be applied as good reference indices when making decisions on the removal of security flaws in an enterprise.

• International journal of advanced smart convergence
• /
• v.5 no.3
• /
• pp.27-31
• /
• 2016

High-tech industries in a state well enough to troubleshoot hacking information introduction a big barrier to delay the growth of the market related to IoT(Internet of Things) as is likely to be on the rise. This early on, security issues introduced in the solution, a comprehensive solution, including the institutional laws/precautions needed. Recent examples of frequent security threats while IoT is the biggest issue of introducing state-of-the-art industry information due to the vulnerable security hacking. This high-tech industries in order to bridge the information responsible for the target attribute, target range, and the protection of security and how to protect the subject, IoT environment (domestic industrial environment) considering the approach is needed. IoTs with health care and a wide variety of services, such as wearable devices emerge. This ensures that RFID/USN-based P2P/P2M/M2M connection is the implementation of the community. In this study, the issue on the high-tech industrial information and the vulnerable security issues of IoT are described.