• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제18권1호
• /
• pp.233-262
• /
• 2024

Due to the rapid evolution of vehicular ad hoc networks (VANETs), effective communication and security are now essential components in providing secure and reliable vehicle-to-vehicle (V2V) and vehicle-to-infrastructure (V2I) communication. However, due to their dynamic nature and potential threats, VANETs need to have strong security mechanisms. This paper presents a novel approach to improve VANET security by combining the Vehicular Delay-Tolerant Network (VDTN) protocol with the Deep Reinforcement Learning (DRL) technique known as the Twin Delayed Deep Deterministic Policy Gradient (TD3) algorithm. A store-carry-forward method is used by the VDTN protocol to resolve the problems caused by inconsistent connectivity and disturbances in VANETs. The TD3 algorithm is employed for capturing and detecting Worm Hole Attack (WHA) behaviors in VANETs, thereby enhancing security measures. By combining these components, it is possible to create trustworthy and effective communication channels as well as successfully detect and stop rushing attacks inside the VANET. Extensive evaluations and simulations demonstrate the effectiveness of the proposed approach, enhancing both security and communication efficiency.

• 한국컴퓨터산업학회논문지
• /
• 제5권4호
• /
• pp.427-434
• /
• 2004

최근 시스템과 네트워크를 위협하는 해킹, 바이러스 등의 공격이 증간하고 있다. 기존의 시스템 보안이나, 네트워크 관리 시스템(NMS)만 가지고는 다양하고 강력한 위협들에 대해서 안전하지 못하다. 따라서 Firewall, IDS, VPN, LAS(Log Analysis System) 등의 보안 시스템을 구축하여 시스템과 네트워크를 위협으로부터 방어해 왔다. 하지만 보안 시스템간의 상호 연계성이 부족하여 효과적인 대응체계를 마련하지 못하고 중복 보안으로 인한 비효율성이 지적되었다. 이에 대한 대책으로 통합 보안 관리가 필요하게 되었고 위협에 대해 적극적으로 대처할 수 있는 능동형 보안이 필요하게 되었다. 최근에는 통합 보안 관리(Enterprise Security Management), 침입자 추적(Intrusion Tracking), 침입자 유인(Intrusion Induction) 등으로 좀 더 효과적이고 적극적인 보안네트워크를 구성할 수 있다. 하지만 이 시스템들 또한 업체별 보안 시스템간의 상호 연통이 어려운 실정이고 대응 조치 또한 체계적이지 못하며 위협을 사전에 방지하지 못하고 사후 대처에 급급한 실정이다. 따라서 본 논문에서는 원격에서 안전하게 네트워크를 관리할 수 있는 능동형 통합관리 모듈을 제안한다.

• 정보보호학회논문지
• /
• 제25권1호
• /
• pp.61-73
• /
• 2015

빠르게 증대되고 있는 다양한 보안 위협에 신속하게 대응하기 위해 기업들은 보안관제 담당자에게 방화벽, IDS 등의 보안장비에서 생성되는 방대한 양의 로그 등을 신속하게 분석하여 보안 위협을 파악하도록 요구하고 있다. 그러나 인간의 정보처리 능력의 한계로 인하여 방대한 양의 보안 관련 로그를 분석하는 데 있어 보안 관제 담당자는 많은 시간을 필요로 하게 되고 결과적으로 보안 위협 탐지와 대응이 늦어진다는 문제점이 존재해 왔다. 시각화 기법은 이러한 문제를 해결할 수 있는 효과적인 방법으로 본 논문은 RGB palette를 이용하여 보안 로그를 시각화, 보안 위협 상황 발생 여부를 보다 빠르고 효과적으로 인지할 수 있는 방법을 제안하고 이를 VAST Challenge 2012 데이터 세트에 실증적으로 적용하였다.

• 융합보안논문지
• /
• 제18권5_1호
• /
• pp.75-81
• /
• 2018

근래에 산업이 융합됨에 따라, 산업 간 융합 도구 활용이 조직 내 보안성에 미치는 영향이 증가하고 있다. 그러나, 조직구성원들은 기존의 시스템을 중심으로 비즈니스를 활동하기 때문에 새로운 시스템 도임에 대한 적응력이 부족하고, 이에 따라서, 보안에 대한 고려는 후 순위로 나타날 수 밖에 없는 환경이다. 본 연구에서는 의료융합산업에서 중소형 의료기관을 대상으로 보안 체계를 구축하기 위해 우선적으로 고려해야 할 요소들에 대한 비용 효율적인 선택방안에 대하여 연구하였다. 구체적으로 선행연구들을 통하여 현재의 법제도 체계를 고려하고 보안현황을 분석하였을 때, 중소형 의료기관에서 필요한 보안 솔루션/시스템/체계에 대하여 도출하였다. 그리고, 실제 비즈니스 환경에서 중소형 의료기관 관련자들을 대상으로 비용 효율적으로 보안 체계를 구축하기 위한 상대적 우선순위에 대하여 분석하고 전반적인 보안체계를 구축하기 위한 방안을 제시하였다.

• 한국정보시스템학회지:정보시스템연구
• /
• 제29권4호
• /
• pp.57-76
• /
• 2020

Purpose Although examining the antecedents of employees' extra-role behavior (i.e. information security participation behavior) in the information security context is significant for researchers and practitioners, most behavioral security studies have focused on employees' in-role behavior (i.e. information security policy compliance). Thus, this research addresses this gap by investigating how organizational information security climate influences information security participation behavior based on social information processing theory and Griffin and Neal's safety model. Design/methodology/approach We developed a research model by applying Griffin and Neal's safety model to the information security context and then tested our research model by conducting an online survey for employees of organizations with information security policies. Structural equation modeling (SEM) with SmartPLS 3.3.2 is used to test the corresponding hypothesis. Findings Our results show that organizational information security climate, information security knowledge, information security motivation are effective in motivating information security participation behavior. Also, we find that organizational information security climate positively influences both information security knowledge and information security motivation. Our findings emphasize the importance of organizational information security climate because it is capable of affecting employees on information security participation behavior. Our study contributes to the literature on information security by exploring the role of organizational information security climate in enhancing employees' information security participation behavior.

• 시큐리티연구
• /
• 제7호
• /
• pp.29-59
• /
• 2004

This is a study on hostage crisis and effective resolution of the crisis. First, we surveyed the theoretical guidance for our study: definition, patterns, of hostage crisis; psychology of hostage-takers. And we explores a great variety of hostage crisis cases to develop principles and methods for negotiation and subjugation. We suggest, throughout this study, some action program to be developed, as follow: First, we need to broaden and deepen the understanding on the issue of hostage-crisis by expanding educational opportunity on the issue, while raising hostage negotiators. Second, information sharing system among hostage management related offices, and complete training for SWAT team are required. Third, when a hostage-crisis is raised, police enforcement must corporate with mass-media in a way of close manner. Fourth, in a critical hostage crisis, the commander should appear on site for effective command. Lastly, the top-priority for the commander who is in charge of the crisis should be put on the security of hostage and hostage-taker, as well.

• 한국멀티미디어학회논문지
• /
• 제21권1호
• /
• pp.61-68
• /
• 2018

In this paper, we present an effective encryption algorithm for 3D printing models in the frequency domain of discrete cosine transform to prevent illegal copying, access in the secured storage and transmission. Facet data of 3D printing model is extracted to construct a three by three matrix that is then transformed to the frequency domain of discrete cosine transform. The proposed algorithm is based on encrypting the DC coefficients of matrixes of facets in the frequency domain of discrete cosine transform in order to generate the encrypted 3D printing model. Experimental results verified that the proposed algorithm is very effective for 3D printing models. The entire 3D printing model is altered after the encryption process. The proposed algorithm is provide a better method and more security than previous methods.

• 한국정보과학회:학술대회논문집
• /
• 한국정보과학회 2007년도 가을 학술발표논문집 Vol.34 No.2 (A)
• /
• pp.118-119
• /
• 2007

• 시큐리티연구
• /
• 제4호
• /
• pp.319-341
• /
• 2001

Most of protecting security activity is carried out by manpower partly by security equipment. The protecting security market and the area of protecting security activity is increasing in spite of change of economic and social environment situation. For more effective protecting security activity, the coordination of electronic equipment and manpower is required. So some application method is suggested throughout the thesis, which is especially focused on new approaching method. The integration of intrusion detecting system, C.C.TV system and Access control system is introduced for general application in chapter III, and some application systems are proposed for protecting security activity in chapter IV. But the security equipment is only aid for manpower, so manpower and equipment should be coordinated well.

• 한국정보통신학회:학술대회논문집
• /
• 한국정보통신학회 2013년도 춘계학술대회
• /
• pp.256-259
• /
• 2013

Data and network security for e-Healthcare Systems are a primary concern due to the easiest deployment area accessibility of the sensor devices. Furthermore, they are often interacting closely in cooperation with the physical environment and the surrounding people, where such exposure increases security vulnerabilities in cases of improperly managed security of the information sharing among different healthcare organizations. Hence, healthcare-specific security standards such as authentication, data integrity, system security and internet security are used to ensure security and privacy of patients' information. This paper discusses security threats on e-Healthcare Systems where an attacker can access both data and network using masquerade attack. Moreover, an efficient and cost effective approach for countermeasures is discussed for the delivery of secure services.