• Proceedings of the Korea Society for Industrial Systems Conference
• /
• 2002.11a
• /
• pp.72-81
• /
• 2002

Management for security product and application is becoming more difficult because they became more specialized. Most of research is focused on combining policies for information security management policy, security standard, and security tools. However, there are no researches for total solution for both application and security policy. Thereby, the purpose of this research is to propose a remote integrated management system based on linux. The system could efficiently manage data update for application and policy update for a server supporting the distinct configuration of each server. By using the remote integrated management system, system manager with poor secure knowledge also could easily manage their system securely.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 1995.11a
• /
• pp.51-58
• /
• 1995

The importance of the risk analysis tool has been recognized and its use also has been emphasized by a number of researchers recently The methodology were examined but neither algorithms nor practical applications have been implemented or practiced in Korea. In this paper, the architecture of the Buddy System, one of the automated risk assessment tools. is analyzed in depth to provide the algorithmic understanding and to promote the development of the risk analysis methodology. The Buddy System mainly uses three main factors of vulnerability, threat and countermeasures as a nucleus of the qualatative analysis with the modified loss expectancy value. These factors are identified and assessed by the separation of duties between the end user and security analyst. The Buddy System uses five axioms as its bases of assessment algorithm and the assessed vulnerability level is strictly within these axioms. Since the In-place countermeasures reduce the vulnerability level up to a certain level. the security analyst may use "what if " model to examine the impact of additional countermeasures by proposing each to reduce the vulnerability level further to within the acceptable range. The emphasis on the qualitative approach on vulnerability leveling is very well balanced with the quantitative analysis that the system performance is prominent.prominent.

• International Journal of Computer Science & Network Security
• /
• v.22 no.11
• /
• pp.33-42
• /
• 2022

One of the most pressing socioeconomic problems confronting humanity on a worldwide scale is food security, particularly in light of the expanding population and declining land productivity. These causes have increased the number of people in the world who are at risk of starving and have caused the natural ecosystems to degrade at previously unheard-of speeds. Happily, the Internet of Things (IoT) development provides a glimmer of light for those worried about food security through smart agriculture-a development that is particularly relevant to automating food production operations in order to reduce labor expenses. When compared to conventional farming techniques, smart agriculture has the benefit of maximizing resource use through precise chemical input application and regulation of environmental factors like temperature and humidity. Farmers may make data-driven choices about the possibility of insect invasion, natural disasters, anticipated yields, and even prospective market shifts with the use of smart farming tools. The technical foundation of smart agriculture serves as a potential response to worries about food security. It is made up of wireless sensor networks and integrated cloud computing modules inside IoT.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.16 no.5
• /
• pp.1466-1488
• /
• 2022

Recently, the importance and necessity of artificial intelligence (AI), especially machine learning, has been emphasized. In fact, studies are actively underway to solve complex and challenging problems through the use of AI systems, such as intelligent CCTVs, intelligent AI security systems, and AI surgical robots. Information security that involves analysis and response to security vulnerabilities of software is no exception to this and is recognized as one of the fields wherein significant results are expected when AI is applied. This is because the frequency of malware incidents is gradually increasing, and the available security technologies are limited with regard to the use of software security experts or source code analysis tools. We conducted a study on MalDC, a technique that converts malware into images using machine learning, MalDC showed good performance and was able to analyze and classify different types of malware. MalDC applies a preprocessing step to minimize the noise generated in the image conversion process and employs an image augmentation technique to reinforce the insufficient dataset, thus improving the accuracy of the malware classification. To verify the feasibility of our method, we tested the malware classification technique used by MalDC on a dataset provided by Microsoft and malware data collected by the Korea Internet & Security Agency (KISA). Consequently, an accuracy of 97% was achieved.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2007.06a
• /
• pp.782-785
• /
• 2007

If existing system need to expand security part, the security was established after paying much cost, processing of complicated installation and being patient with inconvenience at user's view because of closed structure. In this thesis, those defects could be overcome by using open security tools and constructing security server, which is firewall of 'bastion' form including proxy server, certification server and so on. Also each security object host comes to decide acceptance or denial where each packet comes from, then determines security level each hosts. Precisely it is possible choosing the packets from bastion host or following at the other policies. Although an intruder enter into inside directly, it is constructed safely because encryption algorithm is applied at communication with security object host. This thesis suggests more flexible, independent and open security system, which improves existing security through systematic linkage between system security and network security.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.3
• /
• pp.445-451
• /
• 2014

The related-key attack is regarded as one of the important cryptanalytic tools for the security evaluation of block ciphers. This is due to the fact that this attack can be effectively applied to schemes like block-cipher based hash functions whose block-cipher keys can be controlled as their messages. In this paper, we improve the related-key attack on lightweight block cipher PRINCE proposed in FSE 2013. Our improved related-key attack on PRINCE reduces data complexity from $2^{33}$ [4] to 2.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.12 no.4
• /
• pp.643-650
• /
• 2008

If existing system need to expand security part, the security was established after paying much cost, processing of complicated installation and being patient with inconvenience at user's view because of closed structure. In this thesis, those defects could be overcome by using open security tools and constructing security server, which is firewall of 'bastion' form including proxy server, certification server and so on. Also each security object host comes to decide acceptance or denial where each packet comes from, then determines security level each hosts. Precisely it is possible choosing the packets from bastion host or following at the other policies. Although an intruder enter into inside directly, it is constructed safely because encryption algorithm is applied at communication with security object host. This thesis suggests more flexible, independent and open security system, which improves existing security through systematic linkage between system security and network security.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.6
• /
• pp.1315-1324
• /
• 2012

Security visualization is a form of the data visualization techniques in the field of network security by using security-related events so that it is quickly and easily to understand network traffic flow and security situation. In particular, the security visualization that detects the abnormal situation of network visualizing connections between two endpoints is a novel approach to detect unknown attack patterns and to reduce monitoring overhead in packets monitoring technique. However, the session-based visualization doesn't notice a difference between normal traffic and attacks that they are composed of similar connection pattern. Therefore, in this paper, we propose an efficient session-based visualization method for analyzing and detecting between normal server activities and attacks by using the IP address splitting and port attributes analysis. The proposed method can actually be used to detect and analyze the network security with the existing security tools because there is no dependence on other security monitoring methods. And also, it is helpful for network administrator to rapidly analyze the security status of managed network.

• 한국정보컨버전스학회:학술대회논문집
• /
• 2008.06a
• /
• pp.181-184
• /
• 2008

This work was supported by the MIC(Ministry of Information and Communication), Korea, under the ITRC(Information Technology Research Center) support program supervised by the IITA(Institute of Information Technology Assessment) and Yonsei University Institute of TMS Information Technology, a Brain Korea 21 program, Korea. CAD Tools were supported by IDEC.

• Convergence Security Journal
• /
• v.18 no.5_1
• /
• pp.75-81
• /
• 2018

As industries converge in recent years, the impact of the use of convergence tools among industries on the security of the organization is increasing. However, organizational members lack the ability to adapt to introduction of new system because they are operating business around existing systems, and thus, security considerations are an environment that will inevitably emerge as a follow-up priority. In this study, we studied cost-effective options for factors that should be considered first in order to establish a security system for small and medium-sized healthcare institutions in the healthcare convergence industry. Specifically, the current legal system was considered and the security status was analyzed through prior research, and the necessary security solution/system was derived from small and medium-sized healthcare institutions. In addition, it analyzed relative priorities for cost-efficient deployment of security systems to those involved in small and medium-sized healthcare institutions in actual business environments and presented measures to establish a overall security.