• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.6 no.4
• /
• pp.39-52
• /
• 1996

Networking revolution provides users with data and resources sharing, distributed processing, and computer communication in cyberspace. However, users may use computers as a way of unauthorized access, system destruction, and leakage of the stored data. In recent trend, incresing of hacking instances which are from domestic as well as abroad reaches to the level of seriousness. It, therefore, is required to develop a secure system for the National Depense computing resources and deploy in practice in the working field as soon as possible. In this paper, we focuss on finding the security requirements of a network and designing Intrusion Detection System using statical intrusion detection and rule-based intrusion detection analysis through accumulating audit data.

• International Journal of Computer Science & Network Security
• /
• v.22 no.6
• /
• pp.212-222
• /
• 2022

There has been a rapid increase in the use of cloud email services. As a result, email encryption has become more commonplace as concerns about cloud privacy and security grow. Nevertheless, this increase in usage is creating the challenge of how to effectively be searching and filtering the encrypted emails. They are popular technologies of solving the issue of the encrypted emails searching through searchable public key encryption. However, the problem of encrypted email filtering remains to be solved. As a new approach to finding and filtering encrypted emails in the cloud, we propose a ciphertext-based encrypted policy attribute-based encryption scheme and keyword search procedure based on hidden policy ciphertext. This feature allows the user of searching using some encrypted emails keywords in the cloud as well as allowing the emails filter-based server toward filter the content of the encrypted emails, similar to the traditional email keyword filtering service. By utilizing composite order bilinear groups, a hidden policy system has been successfully demonstrated to be secure by our dual system encryption process. Proposed system can be used with other scenarios such as searching and filtering files as an applicable method.

• International Journal of Computer Science & Network Security
• /
• v.23 no.9
• /
• pp.134-140
• /
• 2023

The distributed system is playing a vital role in storing and processing big data and data generation is speedily increasing from various sources every second. Hadoop has a scalable, and efficient distributed system supporting commodity hardware by combining different networks in the topographical locality. Node support in the Hadoop cluster is rapidly increasing in different versions which are facing difficulty to manage clusters. Hadoop does not provide Node management, adding and deletion node futures. Node identification in a cluster completely depends on DHCP servers which managing IP addresses, hostname based on the physical address (MAC) address of each Node. There is a scope to the hacker to theft the data using IP or Hostname and creating a disturbance in a distributed system by adding a malicious node, assigning duplicate IP. This paper proposing novel node management for the distributed system using DNA hiding and generating a unique key using a unique physical address (MAC) of each node and hostname. The proposed mechanism is providing better node management for the Hadoop cluster providing adding and deletion node mechanism by using limited computations and providing better node security from hackers. The main target of this paper is to propose an algorithm to implement Node information hiding in DNA sequences to increase and provide security to the node from hackers.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.6
• /
• pp.221-235
• /
• 2010

Internet service providers provide various security services, such as firewall, intrusion detection, intrusion prevention, anti-virus, along with their main Internet services. Those security service users have no idea what kind of quality services they are guaranteed. And therefore, Internet users interest in Security Service Level Agreement(SLA) increases as their interest in secure Internet service increases. However, there wasn't any researches in the S-SLA area domestically and there are only limited SLA indexes related to system or service maintenances at the moment. Therefore, this paper analyses security functions in IPS services and categorize them into common and independent security functions. Finally to improve quality of security services, this paper proposes S-SLA indexes depending on the different security levels. This will be subdivide into agreement on security service.

• Information Systems Review
• /
• v.25 no.4
• /
• pp.27-45
• /
• 2023

The importance of information security has grown alongside the development of information and communication technology. However, companies struggle to select suitable countermeasures within their limited budgets. Sönmez and Kılıç (2021) proposed a model using AHP and mixed integer programming to determine the optimal investment combination for mitigating information security breaches. However, their model had limitations: 1) a lack of objective measurement for countermeasure efficacy against security threats, 2) unrealistic scenarios where risk reduction surpassed pre-investment levels, and 3) cost duplication when using a single countermeasure for multiple threats. This paper enhances the model by objectively quantifying countermeasure efficacy using the beta probability distribution. It also resolves unrealistic scenarios and the issue of duplicating investments for a single countermeasure. An empirical analysis was conducted on domestic SMEs to determine investment budgets and risk levels. The improved model outperformed Sönmez and Kılıç's (2021) optimization model. By employing the proposed effectiveness measurement approach, difficulty to evaluate countermeasures can be quantified. Utilizing the improved optimization model allows for deriving an optimal investment portfolio for each countermeasure within a fixed budget, considering information security costs, quantities, and effectiveness. This aids in securing the information security budget and effectively addressing information security threats.

• Journal of the Korea Society of Computer and Information
• /
• v.14 no.12
• /
• pp.181-190
• /
• 2009

DBMS access that used high speed internet web service through WAS is increasing. Need application of DB security technology for 3-Tier about DBMS by unspecified majority and access about roundabout way connection and competence control. If do roundabout way connection to DBMS through WAS, DBMS server stores WAS's information that is user who do not store roundabout way connection user's IP information, and connects to verge system. To DBMS in this investigation roundabout way connection through WAS do curie information that know chasing station security thanks recording and Forensic data study. Store session about user and query information that do login through web constructing MetaDB in communication route, and to DBMS server log storing done query information time stamp query because do comparison mapping actuality user discriminate. Apply making Rule after Pattern analysis receiving log by elevation method of security authoritativeness, and develop Module and keep in the data storing place through collection and compression of information. Kept information can minimize false positives of station chase through control of analysis and policy base administration module that utilize intelligence style DBMS security client.

• Journal of Navigation and Port Research
• /
• v.36 no.1
• /
• pp.9-14
• /
• 2012

Maritime security incidents by pirates and by terrorists increase, but maritime incidents investigation models are limited to figure out the maritime security incidents. This paper provides the analysis model for maritime security incidents. To develop this analysis model, this categorizes five threat factors, the ship, the cargo type, port system, human factor, information flow system, makes the risk assessment matrix to quantify the risk related to threat factors and classifies four priority categories of risk assessment matrix. Also, this model makes from the frameworks which include a variety of security initiatives implementing in stakeholder levels like international organizations, individual governments, shipping companies, and the ship. Therefore, this paper develops the Analysis for Maritime Security Management model based on various security initiatives responding to the stakeholder levels of maritime security management and top-bottom/bottom-up decision trees, and shows the validity through verifying the real maritime security incident of M/V Petro Ranger.

• Journal of the Korea Society of Computer and Information
• /
• v.13 no.5
• /
• pp.163-170
• /
• 2008

As the degree of dependency and application of component increases, the need to strengthen security of component is also increased as well. The component gives an advantage to improve development productivity through its reusable software. Even with this advantage, vulnerability of component security limits its reuse. When the security level of a component is raised in order to improve this problem, the most problematic issue will be that it may extend its limitation on reusability. Therefore, a component model concerning its reusability and security at the same time should be supplied. We suggest a Separation of Concerns Security Model for Extension of Component Reuse which is integrated with a wrapper model and an aspect model and combined with a reuse model in order to extend its security and reusability by supplying information hiding and easy modification, and an appropriate application system to verify the model's compatibility is even constructed. This application model gives the extension of component function and easy modification through the separation of conceits, and it raise its security as doll as extends its reusability.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.2
• /
• pp.331-346
• /
• 2019

Global cyber threats to industrial control systems are increasing. As a result, related research and cooperation are actively underway. However, we are focusing on strengthening security for physical network separation and perimeter. Internal threats are still vulnerable. This is because the easiest and strongest countermeasure is to enhance border security, and solutions for enhancing internal security are not easy to apply due to system availability problems. In particular, there are many vulnerabilities due to the large number of legacy systems remaining throughout industrial control systems. Unless these vulnerable systems are newly built according to the security framework, it is necessary to respond to these vulnerable systems, and therefore, a security solution considering availability has been verified and suggested. Using Sysmon and ELK, security solutions can detect Cyber-threat that are difficult to detect in unstructured ICS.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.2
• /
• pp.203-212
• /
• 2013

Recently, cloud computing is one of the parts showing the biggest growth in the IT market and is expected to continue to grow into. Especially, many companies are adopting virtual desktop infrastructure as private cloud computing to achieve in saving the cost and enhancing the efficiency of the servers. However, current digital forensic investigation methodology of cloud computing is not systematized scientifically and technically. To do this, depending on the type of each cloud computing services, digital evidence collection system for the legal enforcement should be established. In this paper, we focus on virtual desktop infrastructure as private cloud computing and introduce the most widely used around the world desktop virtualization solutions of VMware, Citrix, and Microsoft. And We propose digital forensic investigation methodology for private cloud computing that is constructed by these solutions.