• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.3
• /
• pp.537-547
• /
• 2023

As Internet of Things (IoT) technology evolves, IoT devices are being utilized in a variety of fields. However, it has become a new surface of cyber attacks and is affecting industries that did not previously consider cyber breaches. After a intrusion occurs, post-processing and damage spread prevention are important, but it is difficult to respond due to the lackof standards and guidelines. Therefore, in order to respond to such incidents, this paper establishes an incident data collection procedure and presents the data that can be collected to improve the intrusion data acquisition method for general IoT devices. In addition, we proved the efficiency and feasibility of the data collection procedure through experiments.

• Journal of Korea Society of Industrial Information Systems
• /
• v.26 no.5
• /
• pp.21-35
• /
• 2021

In this study, in order to find out how the quality factors of information system affected the technology acceptance model and user intention, the importance of IT security which had been recently emerged by including the security in the system, information and service is considered as the factors of information system quality. To verify how the information system quality affected the technology acceptance model and user intention, the study was conducted with expanded information system by classifying the technology acceptance model with perceived usefulness and perceived ease of use and classifying user intention with acceptance and utilization whether user had only acceptance intention or both acceptance and utilization intentions. The study results are as follows. First, the hypothesis that quality factors of information system affected the technology acceptance model significantly was partially adopted. Second, the hypothesis that the technology acceptance model affected user intention significantly was adopted.

• Proceedings of the Korea Contents Association Conference
• /
• 2006.11a
• /
• pp.287-291
• /
• 2006

E-learning has increased on importance as people realize that the use of technology can improve the teaming process. Consequently, new learning environments have been developed. However, in general they are oriented to address a specific e-learning functionality. Therefore, in most of the cases, they are not developed to interoperate with other e-learning tools, which makes the creation of a fully functional e-learning environment more difficult. We analyses of total information security infrastructure of school affairs information system for secure ubiquitous campus.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2011.05a
• /
• pp.650-653
• /
• 2011

In this paper, we describe Bluetooth system and Bluetooth security. And we analyze the structure of information security and vulnerability, introduced one of Bluetooth hacking techniques. We show a demo of the attack process to inject arbitrary hands-free voice messages and save the file information, recording a conversation through hands-free device.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.10
• /
• pp.5159-5178
• /
• 2018

Network Intrusion detection is a rapidly growing field of information security due to its importance for modern IT infrastructure. Many supervised and unsupervised learning techniques have been devised by researchers from discipline of machine learning and data mining to achieve reliable detection of anomalies. In this paper, a deep convolutional neural network (DCNN) based intrusion detection system (IDS) is proposed, implemented and analyzed. Deep CNN core of proposed IDS is fine-tuned using Randomized search over configuration space. Proposed system is trained and tested on NSLKDD training and testing datasets using GPU. Performance comparisons of proposed DCNN model are provided with other classifiers using well-known metrics including Receiver operating characteristics (RoC) curve, Area under RoC curve (AuC), accuracy, precision-recall curve and mean average precision (mAP). The experimental results of proposed DCNN based IDS shows promising results for real world application in anomaly detection systems.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2011.10a
• /
• pp.689-690
• /
• 2011

본 논문에서는 무선 센서네트워크 환경에 적용할 수 있는 불법 침입자를 감지하는 시스템으로 GPS의 위성시간과 단말기 노드 내부의 암호화 동기 시간 설정 알고리즘을 혼합하여 시간 중심의 암호화 인증시스템을 설계하여 불법적인 외부노드의 침입을 탐지하는 방법을 제안하고자 한다. 본 논문에서는 GPS의 시간 정보와 RTC(Real Time Clock) 칩과 동기화 하여 시간 정보를 실내에서도 사용할 수 있으며, 마이크로프로세서 내부 타이머 설정 시간 등을 고려하여 다중화된 시간 정보를 이용하여 보다 높은 수준의 침입 감지 시스템을 개발하여 효율성을 제시하고자 한다.

• Journal of Communications and Networks
• /
• v.11 no.3
• /
• pp.211-228
• /
• 2009

After clarifying the underlying problems in a secure network storage, we introduce two important requirements, leakageresilience and availability in higher levels respectively, for data keys that are used to protect remotely-stored data. As a main contribution of this paper, we give a new security layer for overlay networks by proposing a leakage-resilient authentication and data management system. In this system, we specifically propose a single mode and a cluster mode where the latter provides a higher level of both leakage-resilience and availability for the data key.

• Proceedings of the Korean Information Science Society Conference
• /
• 2004.10a
• /
• pp.397-399
• /
• 2004

오늘날 조직에서 공개된 소프트웨어를 이용한 오픈소스 내포형 정보보호시스템(OSS-embedded Information Security System) 개발이 증가되고 있으며 소스의 상당부분을 오픈소스 소프트웨어(OSS : Open source Software)를 이용함으로써 복잡한 IT환경 속에서 효율성 증대와 고가의 라이센스에 대한 비용 절감 효과 등을 통해 높은 시장성이 예상된다. 그러므로 오픈소스 내포형 정보보호시스템에 대한 평가 제출물 준비 및 평가에 대한 기준을 정의할 필요가 있으며 공통평가기준(CC : Common Criteria)과 공통평가방법론(CEM : Common Evaluation Methodology)에서 유도한 OSS 평가요구사항을 분석하고자 한다.

• Annual Conference of KIPS
• /
• 2015.10a
• /
• pp.780-783
• /
• 2015

MODBUS/TCP는 단순하며 기능이 다양해 산업제어시스템에서 높은 점유율로 사용되는 통신 프로토콜이다. 오랜 시간 많은 사용과 더불어 안전한 MODBUS/TCP를 위한 연구 또한 많이 이루어졌지만, 이는 공개키 적용, SSL과 같은 라이브러리 연동, SCTP와 연동한 Hybrid 형식 등이 대부분이다. hard real system에서 주로 사용되는 MODBUS/TCP는 무엇보다 정해진 timeout 시간 내에 통신이 이루어지도록 해야 한다. 따라서 앞서 말한 방법은 하드웨어 가속기, 충분한 메모리 요구량 등의 문제가 따른다. 본 논문은 hard real system의 산업제어시스템에서 요구하는 timeout 시간을 충족하며 안전한 통신을 제공하는 보안 적용 방안을 소개하며 실험의 결과를 통해 실질적으로 효과적인 대안임을 보이고자 한다.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2009.10a
• /
• pp.1097-1100
• /
• 2009

Korean navy is developing an information system-based a computer - network for efficient business process and information exchange and management efficiency expansions. Naval welfare portal was developed to the part, and newly development at present to solve a problem. But inconvenient point in the army, most people do not has personal Internet PC. At this paper, we explain case study of naval welfare portal, and propose development strategy that consider of security issue.