• Title/Summary/Keyword: information security system


Hiding Shellcode in the 24Bit BMP Image (24Bit BMP 이미지를 이용한 쉘코드 은닉 기법)

  • Kum, Young-Jun;Choi, Hwa-Jae;Kim, Huy-Kang
    • Journal of the Korea Institute of Information Security & Cryptology / v.22 no.3 / pp.691-705 / 2012
  • Buffer overflow vulnerability is the most representative one for which attack methods and countermeasures are frequently developed and changed. This vulnerability is still one of the most critical threats since it was first introduced in the middle of the 1990s. Shellcode is machine code which can be used in a buffer overflow attack. Attackers make the shellcode for their own purposes and insert it into the target host's memory space, then manipulate EIP (Extended Instruction Pointer) to intercept the control flow of the target host system. Therefore, a lot of research on defense has been carried out, and attackers have also done much research to bypass security measures designed for shellcode defense. In this paper, we briefly investigate shellcode defense and attack techniques and we propose our new methodology, which can hide shellcode in a 24-bit BMP image. With this proposed technique, we can easily hide any shellcode executable and we can bypass the current detection and prevention techniques.

A Web application vulnerability scoring framework by categorizing vulnerabilities according to privilege acquisition (취약점의 권한 획득 정도에 따른 웹 애플리케이션 취약성 수치화 프레임워크)

  • Cho, Sung-Young;Yoo, Su-Yeon;Jeon, Sang-Hun;Lim, Chae-Ho;Kim, Se-Hun
    • Journal of the Korea Institute of Information Security & Cryptology / v.22 no.3 / pp.601-613 / 2012
  • It is required to design and implement secure web applications to provide safe web services. For this reason, there are several scoring frameworks to measure vulnerabilities in web applications. However, these frameworks do not classify vulnerabilities according to their seriousness because they simply accumulate the scores of individual factors in a vulnerability. We rate and score vulnerabilities according to the probability of privilege acquisition so that we can prioritize vulnerabilities found in web applications. Also, our proposed framework provides a method to score all web applications provided by an organization, so that it shows which web application is the least secure and should be treated first. Our scoring framework is applied to data listing vulnerabilities in web applications found by a crawling-based web scanner, and we show the importance of categorizing vulnerabilities according to privilege acquisition.

Security System with Mobile Phone (휴대폰을 통한 보안 시스템)

  • Park Sang-Kyun;Kim Hee-Dong;Kim Bok-Gi
    • Proceedings of the Korea Institute of Information and Telecommunication Facilities Engineering Conference (한국정보통신설비학회:학술대회논문집) / 2003.08a / pp.66-69 / 2003
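  • As mobile terminals become more intelligent, a variety of value-added services have become possible, such as m-commerce, which uses a mobile phone linked to the communication network as a means of payment. In this paper, as one of the application value-added services made possible by more capable terminals, we propose a Security System controlled through a mobile phone and describe how the system is implemented.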


A study on the developmental plan of Alarm Monitoring Service (기계경비의 발전적 대응방안에 관한 연구)

  • Chung, Tae-Hwang;So, Seung-Young
    • Korean Security Journal / no.22 / pp.145-168 / 2010
  • Since Alarm Monitoring Service was introduced in Korea in 1981, the market has been increasing and is expected to increase continually. Factors such as the increasing need for social security, the change in safety consciousness and the increase in persons who live alone could have a positive effect on the Alarm Monitoring Service industry. As Alarm Monitoring Service comes into wide use, the understanding of electronic security service is spreading and consumers' demands are becoming difficult, so a new developmental plan needs to be considered to respond to the change actively. An electronic security system consists of various kinds of elements, so every element could do its role equally. Alarm Monitoring Service should satisfy consumers' various needs because it is not a necessary commodity; also, electronic security devices should be easy to operate and their appearance has to have a good design. To solve the false alarm problem, improvement of detection sensors should be considered first, and development of new types of sensor that operate differently to replace former sensors is needed. On the other hand, to settle the matters caused by response time, the security company could explain the limits of the Alarm Monitoring System to the consumer honestly and ask for understanding. If the consumer could be brought into security activity through the security agent's explanation, better security service would be provided with mutual confidence. To save response time, the introduction of GIS (Global Information System) needs to be considered rather than GPS (Global Positioning System). Although the training program for security agents is important, several benefits for security agents should be considered together. The development of a new business model is required in preparation for market stagnation, as is the development of new commodities to secure consumers for housing service rather than commercial facility service. For those purposes, new commodities related to home-network systems and video surveillance systems could be considered, and new added services based on a network between the security company and the consumer are also to be considered.


The countermeasure against recent cyber terrors (최근의 사이버테러에 대한 대응방안)

  • Jeong, Gi-Seog
    • Convergence Security Journal / v.12 no.1 / pp.89-96 / 2012
  • The information society, which came about through the advance of Information Technology, has improved social and economic productivity as well as the quality of national life. But behind these benefits, adverse effects such as cyber terror are serious and have become a big issue. Recently, large-scale hacking incidents have occurred frequently. Personal information stored by Internet companies has been leaked, and customers have been badly damaged by the paralysis of banking systems. Hacking attacks by North Korea also occur frequently. This causes confusion in our society and is a threat to national security. In this paper, the trend of domestic cyber terror is observed and a countermeasure against cyber terror is proposed.

A Study on Hard Disk Drive ATA Passwords (하드디스크 드라이브 ATA 패스워드에 관한 연구)

  • Lee, Ju-young;Lee, Sang-jin
    • Journal of the Korea Institute of Information Security & Cryptology / v.25 no.5 / pp.1059-1065 / 2015
  • Hard disk passwords are commonly not well known. If the passwords are set, forensic investigators are not allowed to access data on hard disks, so they can be used to obstruct investigations. Expensive tools such as PC-3000 are necessary for unlocking such hard disk passwords. But it would be a burden on both organizations that should pay for these tools and forensic investigators that are unfamiliar with these tools. This paper discusses knowledge required for unlocking hard disk passwords and proposes methods for unlocking the passwords without high-priced tools. And with a vendor-specific method, this paper provides procedures for acquiring passwords and unlocking hard disk drives.

An Intrusion Detection Model based on a Convolutional Neural Network

  • Kim, Jiyeon;Shin, Yulim;Choi, Eunjung
    • Journal of Multimedia Information System / v.6 no.4 / pp.165-172 / 2019
  • Machine-learning techniques have been actively employed in information security in recent years. Traditional rule-based security solutions are vulnerable to advanced attacks due to unpredictable behaviors and unknown vulnerabilities. By employing ML techniques, we are able to develop intrusion detection systems (IDS) based on anomaly detection instead of misuse detection. Moreover, threshold issues in anomaly detection can also be resolved through machine-learning. There are very few datasets for network intrusion detection compared to datasets for malicious code. KDD CUP 99 (KDD) is the most widely used dataset for the evaluation of IDS. Numerous studies on ML-based IDS have been using KDD or the upgraded versions of KDD. In this work, we develop an IDS model using CSE-CIC-IDS 2018, a dataset containing the most up-to-date common network attacks. We employ deep-learning techniques and develop a convolutional neural network (CNN) model for CSE-CIC-IDS 2018. We then evaluate its performance by comparing it with a recurrent neural network (RNN) model. Our experimental results show that the performance of our CNN model is higher than that of the RNN model when applied to the CSE-CIC-IDS 2018 dataset. Furthermore, we suggest a way of improving the performance of our model.

A Study on Efficient Component In Patch Management System (패치관리시스템의 효율적인 구성요소에 관한 연구)

  • Lee, In-Yong;Lee, Su-Young;Moon, Jong-Sub;Lim, Jong-In
    • Proceedings of the Korean Society of Broadcast Engineers Conference / 2008.02a / pp.21-24 / 2008
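  • As computers have become widespread, demand for a variety of software has increased, and much software is being developed in a short time. For this reason, vulnerabilities have arisen in much of this software, and software vendors create and distribute patches to resolve them. However, for organizations that manage diverse systems and software, it is difficult to obtain each patch from the vendor, install it on the target systems and manage it one by one, and a uniform, integrated method is needed. To address these problems and requirements, much research on patch management systems has been carried out, and commercial products are being developed one after another. Unfortunately, much patch-related research has dealt only with the design or configuration of secure patch management systems. Before designing or configuring a secure patch management system, what must come first is defining the essential components of a patch management system, and standards and research on this are very lacking. Therefore, this paper considers and defines the basic and essential components for building a patch management system and, based on them, designs a basic patch management system framework.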


A Role-play base PBL(Problem-Based Learning) for Information Security Learning (정보보호 학습을 위한 롤-플레이 기반 문제중심학습)

  • Lee Byong-Rok;Ji Hong-Il;Shin Dong-Hwa;Cho Yong-Hwan;Lee Jun-Hee
    • The Journal of the Korea Contents Association / v.6 no.3 / pp.85-92 / 2006
  • Problem-Based Learning (PBL) is one of constructionism's models, which is learner-centered learning. In this paper, a role-play based PBL using characters is proposed to study the importance of information security. It is different from other PBL models in that it reflects the characteristics of the learners and the learning task. It is also a learning support system in which the learners preside over their own learning activities using the Internet and mobile devices. The experimental results showed that the proposed method was more effective than the traditional teacher-oriented teaching method for information security in self-directed learning, cooperative learning, contents-making and attraction.


Web Application Attack Prevention by Traffic Analysis (트래픽 분석에 의한 웹 어플리케이션 공격 방지)

  • Chang, Moon-Soo;Oh, Chang-Suk
    • Journal of the Korea Society of Computer and Information / v.13 no.3 / pp.139-146 / 2008
  • Despite the installation of information security systems, leakage of personal information in web services has not decreased. This is because traffic to web applications is still vulnerable, since external sources are permitted to access services on ports HTTP 80 and HTTPS 443 even with firewall systems in place. This thesis analyzes various attack patterns resulting from the web service environment and vulnerable traffic and categorizes the traffic into normal and abnormal traffic. It also proposes ways to analyze web application attack patterns from that abnormal traffic based on the weak points warned of in OWASP (Open Web Application Security Project), to design a system capable of detecting and isolating attacks in real time, and to increase the efficiency of preventing attacks.
