• Journal of the Korea Safety Management & Science
• /
• v.15 no.4
• /
• pp.17-24
• /
• 2013

On this study, we extracted pending problem and controversial point from management of disaster such as terror for domestic massive performance and then, investigated countermeasure plan against disaster for massive performance through comparison and analysis between anti-disaster strategy of Korea and U.S. U.S are conducting security system actively for passenger of major facilities such as public institution. Nonetheless, In U.S that has the world's best security system, serious affair such as 911 terror and Boston marathon terror are continued to happen. When considering domestic situation that North Korea and South Korea are antagonistic to each other, it is judged when it is high time to prepare for threat of terrorism. Accordingly, On this study, through analyzing of latest terror attacks in U.S and disaster risk in the nation, we analyzed in detail countermeasure plan classified as legislation, operation of security system, instilling a sense. As the result of this analyzing, using by flow-chart, we suggested domestic optimized disaster management system for massive performance. Consequently, we propose to establish systematized disaster management system such as preliminary survey of disaster influence for massive performance.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.13 no.7
• /
• pp.2895-2902
• /
• 2012

The Occupational health and safety is an important factor in the competitiveness of an enterprise. In this paper, activation strategies of OHSMS(Occupational health and safety management system) were systematically and quantitatively analyzed and suggested using SWOT/AHP(Strengths, Weaknesses, Opportunity, Threat/Analytic Hierarchy Process) analysis. In these results, activation strategies of this system can be suggested as followings ; Making worker safety-friendly image of enterprise, developing the quantitative indices related to management results in accreditation programs of OHSMS, constructing the relationship between OHSMS and product safety management, and developing the customized integrated accreditation system.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.16 no.12
• /
• pp.8908-8914
• /
• 2015

The Internet continues to grow and develop, but there are going to generate a variety of Internet attacks that exploit it. In the initial Internet environment, the attackers maliciously exploited Internet environments for ostentations and hobbies. but these days many malicious attempts purpose the financial gain so systematic and sophisticated attacks that are associated with various crimes are occurred. The structures, such as viruses and worms were present in the form of one source multi-target before. but recently, APT(Advanced Persistent Threat, intelligent continuous attacks) in the form of multi-source single target is dealing massive damage. The performance evaluation analyzed whether to generate audit data and detect integrity infringement, and false positives for normal traffic, process detecting and blocking functions, and Agent policy capabilities with respect to the application availability.

• Journal of Internet of Things and Convergence
• /
• v.8 no.5
• /
• pp.1-9
• /
• 2022

As various services are linked to IoT(Internet of Things) and portable communication terminals, cyber attacks that exploit security vulnerabilities of the devices are rapidly increasing. In particular, cyber attacks targeting heterogeneous devices in large-scale network environments through advanced persistent threat (APT) attacks are on the rise. Therefore, in order to improve the effectiveness of the response system in the event of a breach, it is necessary to apply a data enrichment mechanism for the collected artifact data to improve threat analysis and detection performance. Therefore, in this study, by analyzing the data supplementation common elements performed in the existing incident management framework for the artifacts collected for the analysis of intrusion accidents, characteristic elements applicable to the actual system were derived, and based on this, an improved accident analysis framework The prototype structure was presented and the suitability of the derived data supplementary extension elements was verified. Through this, it is expected to improve the detection performance when analyzing cyber incidents targeting artifacts collected from heterogeneous devices.

• Journal of The Geomorphological Association of Korea
• /
• v.28 no.4
• /
• pp.15-30
• /
• 2021

This study analyzed the changes in land-cover and sedimentary environment before and after flooding through drone images and sediment analysis for the Seomjin River Chimsil Wetland. The results showed that the area of some land-covers such as sand bar, grass, and trees were continuously changed. The acidity level of the sediments in the Seomjin River Chimsil Wetland was weakened gradually by flooding and EC was also decreased. The levels of organic matter, effective phosphoric acid, and CEC, however, were fluctuating depending on branches, which seems to be the result of landization as new sedimentary environment was developed and vegetation was settled after the flood. Average mean size of river sediments was found to be fine sand, and it exhibited various particle size characteristics from granule to medium silt depending on the location. As the sedimentary environment changed due to the effects of floods and typhoons, the particles were granulated or grain refined depending on the position. In the Seomjin River Chimsil Wetland, there were factors that could interfere with geomorphic development and sedimentary environment, contamination sources in and around the wetland, and natural threat factors. Therefore, in this study, a conservation and management plan was proposed to remove these threat factors and to preserve the scarcity, naturalness, and dynamics of Seomjin River Chimsil Wetland.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.16 no.6
• /
• pp.43-54
• /
• 2016

The occurrence of cyber crime is on the rise every year, and the security control center, which should play a crucial role in monitoring and early response against the cyber attacks targeting various information systems, its importance has increased accordingly. Every endeavors to prevent cyber attacks is being attempted by information security personnel of government and financial sector's security control center, threat response Center, cyber terror response center, Cert Team, SOC(Security Operator Center) and else. The ordinary method to monitor cyber attacks consists of utilizing the security system or the network security device. It is anticipated, however, to be insufficient since this is simply one dimensional way of monitoring them based on signatures. There has been considerable improvement of the security control system and researchers also have conducted a number of studies on monitoring methods to prevent threats to security. In accordance with the environment changes from ESM to SIEM, the security control system is able to be provided with more input data as well as generate the correlation analysis which integrates the processed data, by extraction and parsing, into the potential scenarios of attack or threat. This article shows case studies how to detect the threat to security in effective ways, from the initial phase of the security control system to current SIEM circumstances. Furthermore, scenarios based security control systems rather than simple monitoring is introduced, and finally methods of producing the correlation analysis and its verification methods are presented. It is expected that this result contributes to the development of cyber attack monitoring system in other security centers.

• Korean Security Journal
• /
• no.36
• /
• pp.227-253
• /
• 2013

The threat of crime became a global issue nowadays. Terrorism, organized crime, crime by nation can be mentioned as typical examples. The crimes in modern society can't be identified to happen when, where and how being different from those traditional crimes(murder, robbery, sexual abuse, arson). This was the result of changed security environment that needs to address wide range of crimes as being indicated sporadic characteristics of modern threat of crime such as terrorism threat targeting unidentified masses as well as the emergence of systemic phenomenon of organized crimes and crime committed by nation. In this regard, the case of 9.11 occurred in 2001 can be deemed as an example that made a dramatic turn around to the security environment. After the terrorism, it provided an opportunity to rethink not only USA but also to the institutions all over the world that deals with crime about gathering, management, utilization of crime intelligence. As a result of which there appeared a change in police activities more effectively in gathering & managing crime information and ILP is the very activity that emerged from the USA/UK countries. This aims police activities to minimize the threat of crime being the system reflecting a framework to manage more directly to control crime by gathering and processing information. In view of the global change of security environment as a common phenomenon, the need to direct to ILP has increased in Korea in line with such security environmental change. Accordingly, this study focused on the method of introduction of ILP and presentation of matters for discussion by reviewing ILP activities of the USA/UK countries.

• Asia pacific journal of information systems
• /
• v.18 no.4
• /
• pp.1-26
• /
• 2008

Rapid progress of information technology and widespread use of the personal computers have brought various conveniences in our life. But this also provoked a series of problems such as hacking, malicious programs, illegal exposure of personal information etc. Information security threats are becoming more and more serious due to enhanced connectivity of information systems. Nevertheless, users are not much aware of the severity of the problems. Using appropriate password is supposed to bring out security effects such as preventing misuses and banning illegal users. The purpose of this research is to empirically analyze a research model which includes a series of factors influencing the effectiveness of passwords. The research model incorporates the concept of risk based on information systems risk analysis framework as the core element affecting the selection of passwords by users. The perceived risk is a main factor that influences user's attitude on password security, security awareness, and intention of security behavior. To validate the research model this study relied on questionnaire survey targeted on evening class MBA students. The data was analyzed by AMOS 7.0 which is one of popular tools based on covariance-based structural equation modeling. According to the results of this study, while threat is not related to the risk, information assets and vulnerability are related to the user's awareness of risk. The relationships between the risk, users security awareness, password selection and security effectiveness are all significant. Password exposure may lead to intrusion by hackers, data exposure and destruction. The insignificant relationship between security threat and perceived risk can be explained by user's indetermination of risk exposed due to weak passwords. In other words, information systems users do not consider password exposure as a severe security threat as well as indirect loss caused by inappropriate password. Another plausible explanation is that severity of threat perceived by users may be influenced by individual difference of risk propensity. This study confirms that security vulnerability is positively related to security risk which in turn increases risk of information loss. As the security risk increases so does user's security awareness. Security policies also have positive impact on security awareness. Higher security awareness leads to selection of safer passwords. If users are aware of responsibility of security problems and how to respond to password exposure and to solve security problems of computers, users choose better passwords. All these antecedents influence the effectiveness of passwords. Several implications can be derived from this study. First, this study empirically investigated the effect of user's security awareness on security effectiveness from a point of view based on good password selection practice. Second, information security risk analysis framework is used as a core element of the research model in this study. Risk analysis framework has been used very widely in practice, but very few studies incorporated the framework in the research model and empirically investigated. Third, the research model proposed in this study also focuses on impact of security awareness of information systems users on effectiveness of password from cognitive aspect of information systems users.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.13 no.1
• /
• pp.69-78
• /
• 2017

As the smartphone-based devices are diffused and developed rapidly, they provide the convenience to the users. The abovementioned sentence technologies are being used not only in the existing sensor and wireless network technology but also in the application services of the diverse fields application services such as smart appliance, smart car, smart health care, etc. and the new fusion paradigm from the industry is presented by undertaking the researches in diverse area by the enterprises and research institutions. However, the smart environment exposes its weaknesses in the mobile terminal area, existing wireless network and IT security area. In addition, due to new and variant ways of attack, not only the critical information are disclosed However also the financial damages occur. This paper proposed the protocol to perform the smartphone-based safe device monitoring and safe communication. The proposed protocol designed the management procedure of registration, identification, communication protocol and device update management protocol and the safety against the attack techniques such as the an-in-the-middle-attack, impersonation attack, credential threat, information leaks and privacy invasion was analyzed. It was observed that the proposed protocol showed the performance improved by approximately 52% in the communication process than the existing system.

• Journal of the Korea Safety Management & Science
• /
• v.16 no.3
• /
• pp.175-183
• /
• 2014

In spite of international efforts to control nuclear weapons and chemical, biological, and radiological (CBR) weapons, North Korea obtains and sells CBR weapons illegally. As a result, the worldwide threat of CBR weapons is increasing. Unfortunately, civil defense education and training for CBR weapons have not been adopted for real situations because of the long period of absence of an actual combat. In this study, virtual training scenarios that are applied to the simulation were made in 5 steps to cope with CBR situations. These scenarios are expected to have three effects. First, trainings can be improved with experience and education. Second, the problems and health hazards of CBR weapons and supplies can be solved with CBR virtual training simulation experience. Finally, corresponding effects can be recognized and predicted in real situations through roles and mission procedures of simulation scenario.