• Convergence Security Journal
• /
• v.12 no.4
• /
• pp.71-76
• /
• 2012

As the use of Mashups, web3.0, JavaScript and AJAX(Asynchronous JavaScript XML) widely increases, the new security threats for web vulnerability also increases when the web application services are provided. In order to previously diagnose the vulnerability and prepare the threats, in this paper, the classification of security threats and requirements are presented, and the web vulnerability is analyzed for the domestic web sites using WVS(Web Vulnerability Scanner) automatic evaluation tool. From the results of vulnerability such as XSS(Cross Site Scripting) and SQL Injection, the total alerts are distributed from 0 to 31,177, mean of 411, and standard deviation of 2,563. The results also show that the web sites of 22.5% for total web sites has web vulnerability, and the previous defenses for the security threats are required.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.9 no.1
• /
• pp.19-24
• /
• 2009

In these days, security threat is ever increasing as computer systems and networking is everywhere. This paper is on the development of security scanner using search engine, with which site managers can easily check security vulnerability on their systems. Our security server automatically collects security-related information on the Internet, and indexes them in the database. To check the vulnerability of a customer server, the client system collects various system-specific information, and sends necessary queries to our security server for vulnerability checking. Up-to-date and site-specific vulnerability information is retrieved through the viewer, which allows the customer effectively to check and respond to security threat on client systems.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.22 no.10
• /
• pp.1392-1397
• /
• 2018

Nuclear power plants(NPPs) are protected as core facilities managed by major countries. Applying general IT technology to facilities of NPPs, the proportion of utilizing the digitized resources for the rest of the assets except for the existing installed analog type operating resources is increasing. Using the network to control the IT assets of NPPs can provide significant benefits, but the potential vulnerability of existing IT resources can lead to significant cyber security breaches that threaten the entire NPPs. In this paper, we analyze the nuclear cyber security vulnerability regulatory requirements, characteristics of existing vulnerability scanners and their requirements and investigate commercial and free vulnerability scanners. Based on the proposed application method, we can improve the efficiency of checking the network security vulnerability of NPPs when applying vulnerability scanner to NPPs.

• Journal of KIISE:Computing Practices and Letters
• /
• v.14 no.2
• /
• pp.246-250
• /
• 2008

This paper presents the design of network vulnerability analysis system which can integrate various vulnerability assessment tools to improve the preciseness of the vulnerability scan result. Manual checking method performed by a security expert is the most precise and safe way. But this is not appropriate for the large-scale network which has a lot of systems and network devices. Therefore automatic scanning tool is recommended for fast and convenient use. The scanning targets may be different according to the kind of vulnerability scanners, or otherwise even for the same scanning target, the scanning items and the scanning results may be different by each vulnerability scanner, Accordingly, there are the cases in which various scanners, instead of a single scanner, are simultaneously utilized with the purpose of complementing each other. However, in the case of simultaneously utilizing various scanners on the large-scale network, the integrative analysis and relevance analysis on vulnerability information by a security manager becomes time-consumable or impossible. The network vulnerability analysis system suggested in this paper provides interface which allows various vulnerability assessment tools to easily be integrated, common policy which can be applied for various tools at the same time, and automated integrative process.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2016.10a
• /
• pp.202-205
• /
• 2016

취약점 스캐너(Vulnerability Scanner)는 이름 그대로 기업의 네트워크나 시스템(컴퓨터, 서버, 라우터 등)을 스캔하고 오픈 포트, 활성화된 IP주소와 로그온, 운영체제, 설치되어 실행되는 소프트웨어와 서비스 등을 식별하고 보고하는 도구이다. 가용성과 데이터의 신뢰성이 우선적으로 중요시되고 있는 제어시스템 환경에서는 이러한 취약점 스캐너 도구의 사용은 운영에 영향을 미칠 수 있다. 본 저자는 기존에 상용화된 스캐너 제품의 취약점 식별 방법을 분석하고 현재까지 발표된 제어시스템 풀랫폼의 공개 취약점 정보를 이용하여 폐쇄적인 제어시스템 운영환경에 적합한 새로운 제어시스템 플랫폼 취약점 스캐너를 제안한다.

• The Korean Journal of Health Service Management
• /
• v.9 no.2
• /
• pp.23-32
• /
• 2015

In this paper, we evaluated web security vulnerability and privacy information management of hospital web sites which are registered at the Korea Hospital Association. Vulnerability Scanner (WVS) based on the OWASP Top 10 was used to evaluate the web security vulnerability of the web sites. And to evaluate the privacy information management, we used ten rules which were based on guidelines for protecting privacy information on web sites. From the results of the evaluation, we discovered tertiary hospitals had relatively excellent web security compared to other type of hospitals. But all the hospital types had not only high level vulnerabilities but also the other level of vulnerabilities. Additionally, 97% of the hospital web sites had a certain level of vulnerability, so a security inspection is needed to secure the web sites. We discovered a few SQL Injection and XSS vulnerabilities in the web sites of tertiary hospitals. However, these are very critical vulnerabilities, so all hospital types have to be inspected to protect their web sites against attacks from hacker. On the other hand, the inspection results of the tertiary hospitals for privacy information management had a better compliance rate than that of the other hospital types.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.12 no.2
• /
• pp.111-122
• /
• 2002

Malicious attackers generally attempt to intrude the target systems by taking advantage of existing system vulnerabilities and executing readily available code designed to exploit blown vulnerabilities. To the network security administrators, the rat and minimal step in providing adequate network security is to identify existing system vulnerabilities and patch them as soon as possible. Network-based vulnerability analysis scanners (NVAS), although widely used by network security engineers, have shortcomings in that they depend on limited information that is available and generally do not have access to hast-specific information. Host-based vulnerability analysis scanner (HVAS) can serve as an effective complement to NVAS. However, implementations of HVAS differ from one platform to another and from one version to another. Therefore, to security engineers who often have to maintain a large number of heterogeneous network of hosts, it is impractical to develop and manage a large number of HVAS. In this paper, we propose an agent-based architecture named ISMAEL and describe its prototype implementation. Manager process provides various agent processes with descriptiom on vulnerabilities to check, and an agent process automatically generates, compiles, and executes an Java code to determine if the target system is vulnerable or not. The result is sent back to the manager process, and data exchange occurs in % format. Such architecture provides maximal portability when managing a group of heterogeneous hosts and vulnerability database needs to be kept current because the manager process need not be modified, and much of agent process remains unchanged. We have applied the prototype implementation of ISMAEL and found it to be effective.

• Convergence Security Journal
• /
• v.6 no.4
• /
• pp.29-40
• /
• 2006

Recent trends for cyber threat such as worm and virus exploit vulnerabilities inherent to main information communication infrastructures like the internet to achieve economical and political goals. It needs to develop checking programs for new vulnerabilities published in prompt and apply them to vulnerable systems for the defense of those cyber threats. In this paper, we study of methodologies for new vulnerability checking module development proper to user level. First, we analyze current 7 methodologies for the development of new vulnerability checking modules including GFI LANGuard and Nessus and then compare them. Second, We define and propose the 5 unique methodologies for the development of new vulnerability checking modules in depth. Finally, we induct the best methodology proper to a certain user level by assessing each methodology according to conditions which is set virtually.

• Journal of Information Technology Services
• /
• v.2 no.2
• /
• pp.97-109
• /
• 2003

As the importance and the need for network security is increased, many organization uses the various security systems. They enable to construct the consistent integrated security environment by sharing the vulnerable information among firewall, intrusion detection system, and vulnerable scanner. And Policy-based network provides a means by which the management process can be simplified and largely automated. In this article we build a foundation of policy-based network modeling environment. The procedure and structure for policy rule induction from vulnerabilities stored in SVDB (Simulation based Vulnerability Data Based) is conducted. It also transforms the policy rules into PCIM (Policy Core Information Model).

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.3
• /
• pp.601-613
• /
• 2012

It is required to design and implement secure web applications to provide safe web services. For this reason, there are several scoring frameworks to measure vulnerabilities in web applications. However, these frameworks do not classify according to seriousness of vulnerability because these frameworks simply accumulate score of individual factors in a vulnerability. We rate and score vulnerabilities according to probability of privilege acquisition so that we can prioritize vulnerabilities found in web applications. Also, our proposed framework provides a method to score all web applications provided by an organization so that which web applications is the worst secure and should be treated first. Our scoring framework is applied to the data which lists vulnerabilities in web applications found by a web scanner based on crawling, and we show the importance of categorizing vulnerabilities according to privilege acquisition.