• Journal of the Korea Society of Computer and Information
• /
• v.23 no.12
• /
• pp.95-105
• /
• 2018

As the IT industry developed, the information held by the company soon became a corporate asset. As this information has value as an asset, the number and scale of various cyber attacks which targeting enterprises and institutions is increasing day by day. Therefore, research are being carried out to protect the assets from cyber attacks by using the attack graph to identify the possibility and risk of various attacks in advance and prepare countermeasures against the attacks. In the attack graph, security metric is used as a measure for determining the importance of each asset or the risk of an attack. This is a key element of the attack graph used as a criterion for determining which assets should be protected first or which attack path should be removed first. In this survey, we research trends of various security metrics used in attack graphs and classify the research according to application viewpoints, use of CVSS(Common Vulnerability Scoring System), and detail metrics. Furthermore, we discussed how to graft the latest security technologies, such as MTD(Moving Target Defense) or SDN(Software Defined Network), onto the attack graphs.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2014.05a
• /
• pp.221-223
• /
• 2014

Power analysis attack on cryptographic hardware device aims to study the power consumption while performing operations using secrets keys. Power analysis is a form of side channel attack which allow an attacker to compute the key encryption from algorithm using Simple Power Analysis (SPA), Differential Power Analysis (DPA) or Correlation Power Analysis (CPA). The theoretical weaknesses in algorithms or leaked informations from physical implementation of a cryptosystem are usually used to break the system. This paper describes how power analysis work and we provide an overview of countermeasures against power analysis attacks.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.4
• /
• pp.187-194
• /
• 2008

This paper proposes an effective countermeasure to an intrinsic hardware vulnerability of the keyboard controller that causes sniffing problem on the password authentication system based on the keyboard input string. Through the vulnerability, some possible attacker is able to snoop whole the password string input from the keyboard even when any of the existing keyboard protection software is running. However, it will be impossible for attackers to gather the exact password strings if the proposed policy is applied to the authentication system though they can sniff the keyboard hardware protocol. It is expected that people can use secure Internet commerce after implementing and applying the proposed policy to the real environment.

• International Journal of Computer Science & Network Security
• /
• v.21 no.12
• /
• pp.207-212
• /
• 2021

A buffer overflow attack is carried out to subvert privileged program functions to gain control of the program and thus control the host. Buffer overflow attacks should be prevented by risk managers by eradicating and detecting them before the software is utilized. While calculating the size, correct variables should be chosen by risk managers in situations where fixed-length buffers are being used to avoid placing excess data that leads to the creation of an overflow. Metamorphism can also be used as it is capable of protecting data by attaining a reasonable resistance level [1]. In addition, risk management teams should ensure they access the latest updates for their application server products that support the internet infrastructure and the recent bug reports [2]. Scanners that can detect buffer overflows' flaws in their custom web applications and server products should be used by risk management teams to scan their websites. This paper presents an experiment of buffer overflow vulnerability and attack. The aims to study of a buffer overflow mechanism, types, and countermeasures. In addition, to comprehend the current detection plus prevention approaches that can be executed to prevent future attacks or mitigate the impacts of similar attacks.

• The Journal of the Convergence on Culture Technology
• /
• v.6 no.2
• /
• pp.437-447
• /
• 2020

The purpose of this study is to research the countermeasures and expected effects through the use of drones in the field of disaster prevention as a drone-based smart quarantine performance method. The environmental, market, and technological approaches to the review of the current quarantine performance task and its countermeasures are as follows. First, in terms of the environment, the effectiveness of the quarantine performance business using drone-based control is to broaden the utilization of forest, bird flu, livestock, facility areas, mosquito larvae, pests, and to simplify and provide various effective prevention systems such as AI and cholera. Second, in terms of market, the standardization of livestock and livestock quarantine laws and regulations according to the use of disinfection and quarantine missions using domestic standardized drones through the introduction of new technologies in the quarantine method, shared growth of related industries and discovery of new markets, and animal disease prevention It brings about the effect of annual budget savings. Third, the technical aspects are (1) on-site application of disinfection and prevention using multi-drone, a new form of animal disease prevention, (2) innovation in the drone industry software field, and (3) diversification of the industry with an integrated drone control / control system applicable to various markets. (4) Big data drone moving path 3D spatial information analysis precise drone traffic information ensures high flight safety, (5) Multiple drones can simultaneously auto-operate and fly, enabling low-cost, high-efficiency system deployment, (6) High precision that this was considered due to the increase in drone users by sector due to the necessity of airplane technology. This study was prepared based on literature surveys and expert opinions, and the future research field needs to prove its effectiveness based on empirical data on drone-based services. The expected effect of this study is to contribute to the active use of drones for disaster prevention work and to establish policies related to them.

• The KIPS Transactions:PartC
• /
• v.13C no.4 s.107
• /
• pp.427-434
• /
• 2006

Broadband Convergence Network(BcN) is a critical infrastructure to provide wired-and-wireless high-quality multimedia services by converging communication and broadcasting systems, However, there exist possible danger to spread the damage of an intrusion incident within an individual network to the whole network due to the convergence and newly generated threats according to the advent of various services roaming vertically and horizontally. In order to cope with these new threats, we need to analyze the vulnerabilities of BcN in a system architecture aspect and classify them in a systematic way and to make the results to be utilized in preparing proper countermeasures, In this paper, we propose a new classification of vulnerabilities which has been extended from the ITU-T recommendation X.805, which defines the security related architectural elements. This new classification includes system elements to be protected for each service, possible attack strategies, resulting damage and its criticalness, and effective countermeasures. The new classification method is compared with the existing methods of CVE(Common Vulnerabilities and Exposures) and CERT/CC(Computer Emergency Response Team/Coordination Center), and the result of an application to one of typical services, VoIP(Voice over IP) and the development of vulnerability database and its management software tool are presented in the paper. The consequence of the research presented in the paper is expected to contribute to the integration of security knowledge and to the identification of newly required security techniques.

• Journal of Korean Society of societal Security
• /
• v.1 no.1
• /
• pp.63-67
• /
• 2008

This study focuses on assessing the security ri sk or the terrorism in chemical process industries. This research modifies conventional method for assessing the terrorism risk. The risk assessment method is developed and it is implemented as software to analyze the possibility of terrorism and sabotage. This program includes five steps; asset characterization, threat assessment, vulnerability analysis, risk assessment and new countermeasures. It is a systematic, risk based approach in which risk is a function of the severity of consequences of an undesired event, the likelihood of adversary attack, and the likelihood of adversary success in causing the undesired event. The reliability of the program is verified using a dock zone case. The case dock zone includes a storage farm, a manufacturing plant, an electrical supply utility, a hydrotreater unit, many containers, and administration buildings. This study represents chemical terrorism response technology, the prevention plan, and new countermeasure to mitigate by using risk assessment methods in the chemical industry and public sector. This study suggests an effective approach to the chemical terrorism response management.

• KIISE Transactions on Computing Practices
• /
• v.21 no.11
• /
• pp.689-698
• /
• 2015

Currently, the itemized box loading operation at the Agriculture Products Processing Center which distributes agricultural products for the region is carried out manually. The process of loading agricultural products requires great manpower and had been resolved through the part-time employment of the residents of farm villages. However, recently it has become quite difficult to secure manpower as the aging within the rural community has been intensified. Hence, the necessity for countermeasures such as facility automation or use of robots have become necessary. This study suggests an automatic robot system for the itemized loading of apple boxes at the Agriculture Products Processing Center. The suggested method is to design and develop equipment such as a conveyer, robot, and bar code reader. In addition, a sorting plan, operational control, generation of control information, and software module that could monitor the inside of the Agriculture Products Processing Center is needed. After test-operating and evaluating the developed system, the existing manual work would be replaced with the automated robot system in order to enhance work efficiency and resolve safety issues.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2014.05a
• /
• pp.234-237
• /
• 2014

The increasing of Cloud Computing technology among several companies has been a key strategy for IT services to provide desirable IT solutions to consumers of cloud services. More attention is concentrated to these core technologies that enable cloud services and more particularly to the virtualization aspect. The accessibility to a larger number of users is possible because of the usage of the data-intensive, data management and data integrity. Unfortunately, those useful services are vulnerable to kind of attacks by hackers, thus the security of personal information is in critical situation. To solve this to leakage vulnerability, and with the proliferation of cloud services, the cloud service providers adopt a security system with firewall, antivirus software and a large number of virtualized servers and Host. In this paper, a variety of virtualization technologies, threats and vulnerabilities are described with a complement of different security solutions as countermeasures.

• Journal of Industrial Convergence
• /
• v.16 no.2
• /
• pp.25-31
• /
• 2018

An APT attack is a new hacking technique that continuously attacks specific targets and is called an APT attack in which a hacker exploits various security threats to continually attack a company or organization's network. Protect employees in a specific organization and access their internal servers or databases until they acquire significant assets of the company or organization, such as personal information leaks or critical data breaches. Also, APT attacks are not attacked at once, and it is difficult to detect hacking over the years. This white paper examines ongoing APT attacks and identifies, educates, and proposes measures to build a security management system, from the executives of each organization to the general staff. It also provides security updates and up-to-date antivirus software to prevent malicious code from infiltrating your company or organization, which can exploit vulnerabilities in your organization that could infect malicious code. And provides an environment to respond to APT attacks.