• Convergence Security Journal
• /
• v.6 no.2
• /
• pp.71-80
• /
• 2006

Sensor network is made from very small and restrictive-power nodes, and they collect some information of environment like as thermal and tremor, etc. And they transfer the information to each other. Generally, supporting the Security service of sensor network is a difficult work, because the nodes have very small cpu-power and low electronic-power. So, More effective management scheme will needed for the maintenance of stability. In this paper, we propose the location based management scheme with circular coordinates. We were make the with the relative location information from one node to other. The new scheme show more simple and effective result then the other method for key management.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.37B no.12
• /
• pp.1160-1167
• /
• 2012

Identifying traffic is an important issue for many networking applications including quality of service, firewall enforcement, and network security. Once we know the purpose of using the traffic in the firewall, we can allow or deny it and provide quality of service, and effective operation in terms of security. However, a number of applications encrypts traffics in order to enhance security or privacy. As a result, effective traffic monitoring is getting more difficult. In this paper, we analyse SSH encrypted traffic and identify differences among SSH tunneling, SFTP, and normal SSH traffics. By using EM clustering, we identify traffics and validate experiment results.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.4
• /
• pp.1751-1767
• /
• 2016

Home security has become the prime concern for everyone in present scenario. In this work an attempt has been made to develop a home security system which is accessible, affordable and yet effective.The proposed system is based on 'Remote Embedded Control System' (RECS) which works both on the web and gsm platform for authentication and monitoring. This system is therefore cost effective as it relies on existing network infrastructure. As PCA is most popular and efficient algorithm for face recognition, it has been usedin this work. Next to it an interface has been developed for communication purpose in the embedded security system through the ZigBee module. Based on this embedded system, automated control of door movement has been implemented through electromagnetic door lock technology. This helps the users to monitor the real-time activities through web services/SMS. The web service consists of either web browser command or e-mail provision. The system establishes the communication between the system and authenticated user. The e-mail received by the system from the authorized person will monitor and control the real-time operation and door lock. The entire control system is reinforced using ARM1176JZF-S microcontroller and tested for actual use in the home environment. The result shows the experimental verification of the proposed system.

• Journal of Broadcast Engineering
• /
• v.13 no.1
• /
• pp.92-98
• /
• 2008

Network data modeling is a essential research for the evaluation for intrusion detection systems performance, network modeling and methods for analyzing network data. In network data modeling, real data from the network must be analyzed and the modeled data must be efficiently composed to reflect a sufficient amount of the original data. In this parer the useful elements of real network data were quantified from packets captured from a huge network. Futhermore, a statistical analysis method was used to find the most effective element for efficiently classifying the modeled data.

• International Journal of Computer Science & Network Security
• /
• v.24 no.7
• /
• pp.101-107
• /
• 2024

Cloud computing is a widely used technology that has changed the way people and organizations store and access information. This technology is quite versatile, which is why extensive amounts of data can be stored in the cloud. Furthermore, businesses can access various services over the cloud without having to install applications. However, the cloud computing services are provided over a public domain, which means that both trusted and non-trusted users can access the services. Though there are several advantages of cloud computing services, especially to business owners, various challenges are also posed in terms of the privacy and security of information and online services. A kind of threat that is widely faced in the cloud environment is the on/off attack. In this kind of attack, a few entities exhibit proper behavior for a given time period to develop a highly a positive reputation and gather trust, after which they exhibit deception. A viable solution is provided by the given trust model for preventing the attacks. This method works by providing effective security to the cloud services by identifying malicious and inappropriate behaviors through the application of trust algorithms that can identify on-off attacks.

• Convergence Security Journal
• /
• v.9 no.2
• /
• pp.7-21
• /
• 2009

Strategies have to be employed in information systems security in order to build and operate systems for information systems security in effective and structured manner. It is also essential for the entire organization to participate for successful implementation of the strategies and making them work. Current researches on information systems security strategy in organizations, however, have mainly been focused on deployment and operation of countermeasures based on strategic thinking and decision. In consequence, it is lack of research on overall frame for containing consideration factors required for moving and leading the whole enterprise for the holistic security purpose. Therefore, this paper proposes a framework for use in establishment of organization-wide information systems security strategies based on the concept of grand strategy from the traditional strategy research and on the four dimensional features of it.

• Convergence Security Journal
• /
• v.19 no.4
• /
• pp.143-150
• /
• 2019

Recently, As ICT technology develops, cyber attacks are becoming more intelligent and advanced. In order to cope with such cyber attacks, the security control system must be maintained 24 hours a day, 365 days a year. Security personnel should be able to respond in real time to cyber attacks through shift work for 24 hours, but the workforce law was revised in 2018 to affect manpower and security control work systems. Therefore, in this paper, we propose an effective security control work system by reducing 52 working hours per week.

• The Journal of Society for e-Business Studies
• /
• v.16 no.4
• /
• pp.53-73
• /
• 2011

Many governments have tried to develop a liability and compliance law that can improve cyber security in a sustainable way. This paper explores whether a liability and compliance law is effective in motivating firms' information security activities. In particular, I empirically investigate the impact of the 2007 Electronic Financial Transaction Act (EFTA), a liability and compliance law in Korea, on the information security activities of financial institutions and services providers. In spite of various criticisms of the effectiveness of EFTA, the empirical findings of this study clearly show that EFTA is having a positive impact on information security activities. From these findings, this article concludes that a liability and compliance law is likely to contribute to a certain degree to the achievement of sustainable development of cyber security.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.4
• /
• pp.877-884
• /
• 2019

As technology advances, equipment installed in Nuclear facilities are changing from analog system to digital system. Nuclear facilities have been exposed to cyber threats as the proportion of computers and digital systems increases. As a result, interest in cyber security has increased and there has been a need to protect the system from cyber attacks. KINAC presented 101 cyber security controls for critical digital asset. However, this is a general measure that does not take into account the characteristics of digital assets. Applying all cyber security controls to critical digital assets is a heavy task and can be lower efficient. In this paper, we propose an effective cyber security controls by identifying the characteristics of critical digital assets and presenting proper security measures.

• Journal of the Society of Naval Architects of Korea
• /
• v.61 no.4
• /
• pp.278-288
• /
• 2024

According to International Association of Classification Societies (IACS) Unified Requirement (UR) E26, ships contracted for construction after July 1, 2024 should be designed, constructed, commissioned and operated taking into account of cyber security. In particular, ship network monitoring tools should be installed in accordance with requirement 4.3.1 in IACS UR E26. In this paper, we propose a Security Information and Event Management (SIEM) security policy model for ships as an effective threat detection method by analyzing the cyber security regulations and ship network status in the maritime domain. For this purpose, we derived the items managed in the SIEM from the maritime cyber security regulations such as those of International Maritime Organization (IMO) and IACS, and defined 14 detection policies considering the status of the ship network. We also presents the detection policy for non-expert crews to understand it, and occurrence conditions depending on the ship's network environment to minimize indiscriminate alarms. We expect that the results of this study will help improve the efficiency of ship SIEM to be installed in the future.