• Convergence Security Journal
• /
• v.6 no.4
• /
• pp.29-40
• /
• 2006

Recent trends for cyber threat such as worm and virus exploit vulnerabilities inherent to main information communication infrastructures like the internet to achieve economical and political goals. It needs to develop checking programs for new vulnerabilities published in prompt and apply them to vulnerable systems for the defense of those cyber threats. In this paper, we study of methodologies for new vulnerability checking module development proper to user level. First, we analyze current 7 methodologies for the development of new vulnerability checking modules including GFI LANGuard and Nessus and then compare them. Second, We define and propose the 5 unique methodologies for the development of new vulnerability checking modules in depth. Finally, we induct the best methodology proper to a certain user level by assessing each methodology according to conditions which is set virtually.

• KIPS Transactions on Computer and Communication Systems
• /
• v.3 no.1
• /
• pp.23-30
• /
• 2014

In this paper, we propose an efficient agent framework for host-based vulnerability assessment system by analyzing the operational concept of traditional vulnerability assessment framework and proposed vulnerability assessment agent framework in virtualization environment. A proposed agent framework have concept by using the features of virtualization technology, it copy and execute checking agent in targeted virtual machines. In order to embody a propose agent framework, we design function block of checking agent and describe a vulnerability checking scenario of proposed agent framework. Also we develop pilot system for vulnerability checking scenario. We improve the shortcomings of the traditional vulnerability assessment system, such as unnecessary system load of the agent, inefficiency due to duplication agent installation. Moreover, the proposed agent framework is maximizing the scalability of the system because there is no agent installation when adding a targeted system.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.18 no.10
• /
• pp.2482-2488
• /
• 2014

This paper proposes that a user account of the MS-SQL is checked whether expirated or not in C++ program environment. Vulnerability checking module decides security weakness for password change time or user configuration time. The proposed module prevents and protects a user account from a malicious user account. Recently, Information Assets becomes more important. If the loss of database information it would make large damage in our life. This paper develops user account checking module, which checks whether user password have not been changed for a long time or whether the user account expirated in the MS-SQL Database. By checking security vulnerability using this feature, a malicious user cannot access the Database.

• KIPS Transactions on Computer and Communication Systems
• /
• v.4 no.3
• /
• pp.97-104
• /
• 2015

This paper will feature designs for security vulnerability based on MS-SQL Database and OLE connectivity by checking the MS-SQL database password policy, the user account password access attempts, a user without password, and password does not be changed for a period of time. This paper uses the MS-SQL database and C++ linkage in order to use the OLE DB function. The design module should judge presence or absence of security vulnerability by checking database password policy, the user account password access attempts, a user without password, password does not be changed for a period of time. The MS-SQL database password associated with a feature, judging from the many features allows you to check for security vulnerability. This paper strengthen the security of the MS-SQL database by taking the advantage of the proposed ability.

• Asia-pacific Journal of Multimedia Services Convergent with Art, Humanities, and Sociology
• /
• v.5 no.2
• /
• pp.289-296
• /
• 2015

Java is an interpreted language that can run on a variety of platforms, also Java has a number of useful features for network. Due to theses features of Java language, Java is used in various fields. In this paper, we will talk about how the malware that threaten the Java Security Manager of the Java Virtual Machine is using the vulnerability of the Java Virtual Machine. And for corresponding measures, this paper suggest vulnerability analysis method of Java system class by using Java Call Graph and Java Access Permission Checking Tree. By suggesting that, we want to lay groundwork for preventing Java security threats in advance.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.9 no.1
• /
• pp.19-24
• /
• 2009

In these days, security threat is ever increasing as computer systems and networking is everywhere. This paper is on the development of security scanner using search engine, with which site managers can easily check security vulnerability on their systems. Our security server automatically collects security-related information on the Internet, and indexes them in the database. To check the vulnerability of a customer server, the client system collects various system-specific information, and sends necessary queries to our security server for vulnerability checking. Up-to-date and site-specific vulnerability information is retrieved through the viewer, which allows the customer effectively to check and respond to security threat on client systems.

• 한국방재학회:학술대회논문집
• /
• 2008.02a
• /
• pp.505-508
• /
• 2008

When it grasps a total property losses and relationship of damage factors, there is possibility of reducing the natural disaster damage which is a yearly repeated. Also, checking and supply to vulnerability should be presupposed. This study aims to find out a damage factor vulnerability using a natural disaster database by Park et al(2007). And added 2005 year data to database. Total 10 damage factors are deaths(person, including missing person) injury(person), victims(person), building(thousand), vessel(thousand), cultivated land(thousand), public facilities(thousand), others(thousand), total property losses(thousand). We analyzed of correlation analysis, ratio, population, area, regional character etc for damage factors.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.22 no.10
• /
• pp.1392-1397
• /
• 2018

Nuclear power plants(NPPs) are protected as core facilities managed by major countries. Applying general IT technology to facilities of NPPs, the proportion of utilizing the digitized resources for the rest of the assets except for the existing installed analog type operating resources is increasing. Using the network to control the IT assets of NPPs can provide significant benefits, but the potential vulnerability of existing IT resources can lead to significant cyber security breaches that threaten the entire NPPs. In this paper, we analyze the nuclear cyber security vulnerability regulatory requirements, characteristics of existing vulnerability scanners and their requirements and investigate commercial and free vulnerability scanners. Based on the proposed application method, we can improve the efficiency of checking the network security vulnerability of NPPs when applying vulnerability scanner to NPPs.

• Journal of Internet Computing and Services
• /
• v.18 no.5
• /
• pp.113-121
• /
• 2017

Company A's core competency is IT internet security services. The Web diagnosis team analyzes the vulnerability of customer's internet web servers and provides remedy reports. Traditionally, Company A management has utilized a simple table format report for resource planning. But these reports do not notify the timing of human resource commitment. So, upper management asked its team leader to organize a task team and design a visual dashboard for decision making with the help of outside professional. The Task team selected the web security diagnosis practice process as a pilot and designed a dashboard for performance evaluation. A structural design process was implemented during the heuristic working process. Some KPI (key performance indicators) for checking the productivity of internet web security vulnerability reporting are recommended with the calculation logics. This paper will contribute for security service management to plan and address KPI design policy, target process selection, and KPI calculation logics with actual sample data.

• Journal of KIISE:Computing Practices and Letters
• /
• v.14 no.2
• /
• pp.246-250
• /
• 2008

This paper presents the design of network vulnerability analysis system which can integrate various vulnerability assessment tools to improve the preciseness of the vulnerability scan result. Manual checking method performed by a security expert is the most precise and safe way. But this is not appropriate for the large-scale network which has a lot of systems and network devices. Therefore automatic scanning tool is recommended for fast and convenient use. The scanning targets may be different according to the kind of vulnerability scanners, or otherwise even for the same scanning target, the scanning items and the scanning results may be different by each vulnerability scanner, Accordingly, there are the cases in which various scanners, instead of a single scanner, are simultaneously utilized with the purpose of complementing each other. However, in the case of simultaneously utilizing various scanners on the large-scale network, the integrative analysis and relevance analysis on vulnerability information by a security manager becomes time-consumable or impossible. The network vulnerability analysis system suggested in this paper provides interface which allows various vulnerability assessment tools to easily be integrated, common policy which can be applied for various tools at the same time, and automated integrative process.