• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.5
• /
• pp.961-968
• /
• 2014

In order to prevent leakage of personal information by insiders a large number of companies install pc security solutions like DRM(Digital Right Management), DLP(Data Loss Prevention), Personal information filtering software steadily. However, despite these investments anomalies personal information occurred. To establish proper security policy before implementing pc security solutions, companies can prevent personal information leakage. Furthermore by analyzing the log from the solutions, companies verify the policies implemented effectively and modify security policies. In this paper, we define the required security solutions installed on PC to prevent disclosure of personal information in a variety of PC security solution, plan to integrate operations of the solutions in the blocking personal information leakage point of view and propose security policies through PC security solution log analysis.

• The Transactions of the Korean Institute of Electrical Engineers A
• /
• v.48 no.2
• /
• pp.107-114
• /
• 1999

This paper presents an application of artificial neural networks(ANN) to assess the dynamic security of power systems. The basic role of ANN is to provide assessment of the system's stability based on training samples from off-line analysi. The critical clearing time(CCT) is an attribute which provides significant information about the quality of the post-fault system behaviour. The function of ANN is a mapping of the pre-fault, fault-on, and post-fault system conditions into the CCT's. In previous work, a feed forward neural network is used to learn this mapping by using the generation outputs during the fault as the input data. However, it takes significant calculation time to make the input data through the network reduction at a fault as the input data. However, it takes significant calculation time to make the input data through the network reduction at a fault considered. In order to enhance the speed of security assessment, the bus data and line powers are used as the input data of the ANN in thil paper. Test results show that the proposed neural networks have the reasonable accuracy and can be used in on-line security assenssment efficiently.

• Journal of KIISE:Databases
• /
• v.36 no.5
• /
• pp.352-365
• /
• 2009

Recently, data access control policies have not been applied for authorized or unauthorized persons properly and information leakage incidents have occurred due to database security vulnerabilities. In the traditional database access control methods, administrators grant permissions for accessing database objects to users. However, these methods couldn't be applied for diverse access control policies to the database. In addition, another database security method which uses data encryption is difficult to utilize data indexing. Thus, this paper proposes an enhanced database access control system via a packet analysis method between client and database server in network to apply diverse security policies. The proposed security system can be applied the applications with access control policies related to specific factors such as date, time, SQL string, the number of result data and etc. And it also assures integrity via a public key certificate and MAC (Message Authentication Code) to prevent modification of user information and query sentences.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.5
• /
• pp.831-847
• /
• 2013

The various types of data are being created in large quantities resulting from the spread of social media and the mobile popularization. Many companies want to obtain valuable business information through the analysis of these large data. As a result, it is a trend to integrate the big data technologies into the company work. Especially, Hadoop is regarded as the most representative big data technology due to its terabytes of storage capacity, inexpensive construction cost, and fast data processing speed. However, the authentication token system of Hadoop Distributed File System(HDFS) for the user authentication is currently vulnerable to the replay attack and the datanode hacking attack. This can cause that the company secrets or the personal information of customers on HDFS are exposed. In this paper, we analyze the possible security threats to HDFS when tokens or datanodes are exposed to the attackers. Finally, we propose the secure authentication protocol in HDFS based on hash chain.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.2
• /
• pp.345-352
• /
• 2014

As the utilization rate of smart device increases, various applications for smart device have been developed. Since these applications can contain important data related to user behaviors in digital forensic perspective, the analysis of them should be conducted in advance. However, lots of applications get to have new data format or type when they are updated. Therefore, whether the applications are updated or not should be checked one by one, and if they are, whether their data are changed should be also analyzed. But observing application data repeatedly is a time-consuming task, and that is why the effective method for dealing with this problem is needed. This paper suggests the automatic system which gets updated information and checks changed data by collecting application information.

• Korean Security Journal
• /
• no.51
• /
• pp.11-35
• /
• 2017

The third industrial revolution, characterized by factory automation and informatization, are moving toward the fourth industrial revolution which is the era of superintelligence and supernetworking through rapid technology innovation. The most important resources in the fourth industrial revolution are information or data since the most of industrial and economic activities will be affected by information in the fourth industrial revolution. Therefore we can expect that more information will be utilized, shared and transfered through the networks or systems in real time than before so the significance of information management and security will also increase. As the importance of information resource management and security which is the core of the fourth industrial revolution increases, the threats on information security are also growing so security incidents such as data breeches and accidents take place more often. Various and thorough solutions are highly needed to protect information resources from security risks because information accidents or breaches seriously damage brand image and cause huge financial damage to organization. The purpose of this study is to research general trends on data breaches and accident that can be serious threat of information security. Also, we will provide resonable solutions to protect data from nine attack patterns or other risk factors after figuring out each characteristic of nin attack patterns in data breaches and accidents.

• International Journal of Computer Science & Network Security
• /
• v.21 no.12
• /
• pp.53-60
• /
• 2021

Many standard methods are used for secret text files and secrete short messages cryptography, these methods are efficient when the text to be encrypted is small, and the efficiency will rapidly decrease when increasing the text size, also these methods sometimes have a low level of security, this level will depend on the PK length and sometimes it may be hacked. In this paper, a new method will be introduced to improve the data protection level by using a changeable secrete speech file to generate PK. Highly Secure Data Encryption (HSDE) method will be implemented and tested for data quality levels to ensure that the HSDE destroys the data in the encryption phase, and recover the original data in the decryption phase. Some standard methods of data cryptography will be implemented; comparisons will be done to justify the enhancements provided by the proposed method.

• ETRI Journal
• /
• v.44 no.2
• /
• pp.208-219
• /
• 2022

Crime amount prediction is crucial for optimizing the police patrols' arrangement in each region of a city. First, we analyzed spatiotemporal correlations of the crime data and the relationships between crime and related auxiliary data, including points-of-interest (POI), public service complaints, and demographics. Then, we proposed a crime amount prediction model based on 2D convolution and long short-term memory neural network (2DCONV-LSTM). The proposed model captures the spatiotemporal correlations in the crime data, and the crime-related auxiliary data are used to enhance the regional spatial features. Extensive experiments on real-world datasets are conducted. Results demonstrated that capturing both temporal and spatial correlations in crime data and using auxiliary data to extract regional spatial features improve the prediction performance. In the best case scenario, the proposed model reduces the prediction error by at least 17.8% and 8.2% compared with support vector regression (SVR) and LSTM, respectively. Moreover, excessive auxiliary data reduce model performance because of the presence of redundant information.

• Journal of Digital Contents Society
• /
• v.19 no.1
• /
• pp.181-191
• /
• 2018

With the development of IT, hacking crimes are becoming intelligent and refined. In Emergency response, Big data analysis in information security is to derive problems such as abnormal behavior through collecting, storing, analyzing and visualizing whole log including normal log generated from various information protection system. By using the full log data, including data we have been overlooked, we seek to detect and respond to the abnormal signs of the cyber attack from the early stage of the cyber attack. We used open-source ELK Stack technology to analyze big data like unstructured data that occur in information protection system, terminal and server. By using this technology, we can make it possible to build an information security control system that is optimized for the business environment with its own staff and technology. It is not necessary to rely on high-cost data analysis solution, and it is possible to accumulate technologies to defend from cyber attacks by implementing protection control system directly with its own manpower.

• Convergence Security Journal
• /
• v.4 no.3
• /
• pp.1-8
• /
• 2004

Large distributed systems such as computational and data grids require that a substantial amount of monitoring data be collected for various tasks such as fault detection, performance analysis, performance tuning, performance prediction, security analysis and scheduling. to cope with this problem, they are needed network monitoring architecture which can collect various network characteristic and analyze network security state. In this paper, we suggest network performance and security analysis system based on network monitoring. The System suggest that users can see distance network state with tuning network parameters.