• International Journal of Computer Science & Network Security
• /
• v.24 no.10
• /
• pp.159-163
• /
• 2024

In a system we use to share the data over the around the world. While sharing the data is to keep up the information confidentially. Attacker in the system may capture this privately data or distorted. So security is the principle piece of concern. There are a few security attacks in system. A standout among the most critical and modern day dangers is DDoS (Distributed disavowal of administrations) attacks. It gives an opportunity to an attacker to expand access to a huge number of computers by use their vulnerabilities to set up attacks systems or Botnets. The fundamental thought of this paper is to concentrate on modern day approaches managing and Detection of DDoS attacks

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2022.05a
• /
• pp.187-188
• /
• 2022

As information processing technology develops with the trend of the times, the possibility of cyber threats to nuclear facilities is increasing. In the 2000s, there was a growing perception that cyberattacks on nuclear facilities were needed, and in fact, a cybersecurity regulatory system for nuclear power plants began to be established to prepare for cyberattacks. In Korea, in order to prepare for cyber threats, in 2013 and 2014, the Act on Protection and Radiation Disaster Prevention, Enforcement Decree, and Enforcement Rules of Nuclear Facilities, etc., and notices related to the Radioactive Disaster Prevention Act were revised. In 2015, domestic nuclear operators prepared information system security regulations for each facility in accordance with the revised laws and received approval from the Nuclear Safety Commission for implementation of information system security regulations divided into seven stages. In 2019, a special inspection for step-by-step implementation was completed, and since 2019, the cybersecurity system of operators has been continuously inspected through regular inspections. In this paper, we present some measures to build improved training to suit the steadily revised inspection of the nuclear facility cybersecurity system to counter cyber threats to the ever-evolving nuclear facilities.

• Journal of the Society of Disaster Information
• /
• v.3 no.2
• /
• pp.95-117
• /
• 2007

With rapid changes taking place in every field, the expansion and specialization of various social service activities are one of the characteristics of the modem society. However, the increase of crimes and inefficiency of public police service to cope with this situation have caused discontent and distrust on the service among the public, making people more inclined to solve safety-related problems by themselves. Private Security Service(PSS) and Private Investigation Service(PIS) were introduced to satisfy these needs. In the area of PIS, Public Investigation Service System(PISS) has been established for a quite long time in foreign countries. However in Korea, PIS is being provided by unregulated service providers such as errand service center due to the lack of legal system, causing many problems related with illegal practices by the service providers. This paper is the result of the research on how to adopt a relevant PISS in Korea and develop it in the future. This kind of research is much needed to curb the rising illegal practices of the errand service centers, complement the insufficient operation of public police service, and strengthen the competitiveness of our country by taking more efficient actions in the changing public security environment. Based on the research, this paper also examines positively the possibility of introduction of PIS in Korea. This paper also recommends a prompt enactment of PIS regulation and improvement on the legal environment for such introduction of the relevant and suitable PISS in Korea.

• Convergence Security Journal
• /
• v.4 no.2
• /
• pp.9-15
• /
• 2004

The Internet is aggregate of trustless networks essentially Because the Internet is very difficult to control flowing of information, taking advantage of enough sporadic resource, security problem that can protect internal important stock from the Internet is risen seriously. Recently, virus accident and generation rate about system intrusion that happen become much higher and various than past. On these time, is progressing researcher for invasion cutout to keep away illegal act vigorouslyand do continuous development. In this paper, reporting administrator log information about invader's illegal act depending on XML format form, and I wished to solve problem that happen in administration side developing invasion interception system that can control to remote.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.2
• /
• pp.329-337
• /
• 2013

Cyber threats of the ICS(Industrial Control System) has been researched on the level to the threat to the network service as well as a specific system, even if the extent of damage was not intended. Although some range of "security" just include the protection of systems against the deliberate attacks of terrorists or cyber hackers, often more damage is done by carelessness, and equipment failures than by those deliberate attacks. This paper presented a taxonomy for classifying all abnormal behaviors of ICS, including deliberate attacks, inadvertent mistakes, equipment failures, and software problems. The classification criteria of ICS abnormal behaviors was selected to highlight commonalities and important features of deliberate attacks as well as inadvertent actions.

• Journal of Satellite, Information and Communications
• /
• v.10 no.3
• /
• pp.114-120
• /
• 2015

In this paper, we show the design requirements of the cryptographic module and its security algorithm designed to prevent the exposure of the command signal applied to Flight Termination System. The cryptographic module consists of two separate devices that are Command Insertion Device and Command Generation Device. The cryptographic module designed to meet the 3 principles(Confidentiality, Integrity and Availability) for the information security. AES-256 block encryption algorithm and SHA-256 Hash function were applied to the encrypted symmetric key encryption method. The proposed cryptographic module is expected to contribute to the security and reliability of the Flight Termination System for Space Launch Vehicle.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.10 no.3
• /
• pp.437-445
• /
• 2006

The security key management function is a key element to secure network environment, and many protocols include IPSec, HIP, etc. demand this function. There are two solutions to provide the key management function in the network layer, one is a method for storing security key material in the directory, and the other is a method for storing security key material in DNS. In this paper we present an implementation of key management system by LDAP. We deployed the open source solutions for directory service(OpenLDAP), cryptographic algorithm (FLINT/C), IPSec(FreeS/WAN), and verified the key management system by the encrypted message exchange and the interoperability test by un daemon.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.34 no.10B
• /
• pp.1013-1020
• /
• 2009

This paper proposes an authentication protocol using the key server in the ECPglobai RFID system. The proposed authentication protocol uses the key server and the time-out mechanism to resist various attacks including DoS(Denial of Service) attack. For easy implementation, the proposed protocol also uses the function existing in EPCglobal class 1 gen2 protocol without additive function such as hash function. The proposed protocol is evaluated through two analytical methods. The correctness of the proposed protocol is proved using the GNY analysis. By the security analysis, this paper showed that the proposed protocol is resistant to various attacks including DoS attack. The analytical results demonstrated that the proposed protocol offered a secure RFID system.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.3
• /
• pp.579-589
• /
• 2017

The cloud environment is hypervisor-based, and many virtual machines are interconnected, which makes propagation of malicious code easier than other environments. Accordingly, this paper proposes a malicious traffic dynamic analysis system for secure cloud environment. The proposed system continuously monitors and analyzes malicious activity in an isolated virtual network environment by distinguishing malicious traffic that occurs in a cloud environment. In addition, the analyzed results are reflected in the distinguishment and analysis of malicious traffic that occurs in the future. The goal of this research is secure and efficient malicious traffic dynamic analysis by constructing the malicious traffic analysis environment in the cloud environment for detecting and responding to the new and variant malicious traffic generated in the cloud environment.

• Journal of the Society of Disaster Information
• /
• v.9 no.1
• /
• pp.113-122
• /
• 2013

As the patronage of railroad increased, the government tried to introduce several the railroad safety program. The introduction of security inspection system in railroad is also considered with this background. In this paper, we examined the foreign cases in U.S., Spain, and China. Also, we surveyed the railroad users' opinion with the security inspection system and analyzed the results of survey for the sufficient preparation for it. Consequently, we suggested the introduction of high-speed rail station by way of showing an example.