• Annual Conference of KIPS
• /
• 2022.05a
• /
• pp.118-121
• /
• 2022

국내 산업재해 사고 사망자의 상당수가 건설업에서 발생하고 있다. 건설 현장에는 굴삭기, 크레인과 같은 중장비가 많고 높은 곳에서 작업하는 경우가 흔해 위험 요소에 노출될 가능성이 높다. 물리적 사고 외에도 작업 중 발생하는 미세먼지에는 여러 유해 인자가 존재하여 건설근로자들에게 호흡기질환과 같은 직업병을 유발한다. 정부에서는 산업현장 안전 관리의 중요성이 증가함에 따라 각종 산업재해로부터 근로자를 보호하기 위한 법안을 마련하였다. 따라서 건설 현장의 경우 산업재해를 방지하기 위해서 위험요소를 사전에 인지하고 즉각 대응할 수 있는 기술이 필요하다. 본 연구에서는 인공지능(AI)과 사물인터넷(IoT)을 통한 자동화 기술을 활용하여 24시간 안전 관리 시스템을 제안한다. 제안하는 IoT 기반 통합안전 관리 시스템은 AI를 적용한 CCTV를 통해 산업 현장을 모니터링하고, 다수의 IoT 센서가 측정한 수치를 근로자 및 관리자가 실시간으로 확인할 수 있게 하여 산업 현장 내 안전사고를 예방한다. 구체적으로 어플리케이션을 통해 미세먼지 농도, 가스 농도, 온도, 습도, 안전모 착용 여부 등을 모니터링할 수 있다. 모니터링 중에 유해물질의 농도가 일정 수치를 넘기거나 안전모를 착용하지 않은 근로자가 발견될 경우 근로자 및 관리자에게 경고 알림을 발송한다. 유해물질 농도는 IoT 센서를 통해 측정하며 안전모 착용 여부는 카메라 센서에 딥러닝 모델을 적용하여 인식하였다. 본 연구에서 제시한 통합안전관리시스템을 통해 건설현장을 비롯한 산업현장의 산업재해 감소와 근로자 안전 증진에 기여할 수 있을 것으로 기대한다.

• Proceedings of the Korea Society of Information Technology Applications Conference
• /
• 2005.11a
• /
• pp.281-284
• /
• 2005

Kerberos is system that offer authorization in internet and authentication service. Can speak that put each server between client and user in distributed environment and is security system of symmetry height encryption base that offer authentication base mutually. Kerberos authentication is based entirely on the knowledge of passwords that are stored on the Kerberos Server. A user proves her identity to the Kerberos Server by demonstrating Knowledge of the key. The fact that the Kerberos Server has access to the user's decrypted password is a rwsult of the fact that Kerberos does not use public key cryptogrphy. It is a serious disadvantage of the Kerbercs System. The Server must be physically secure to prevent an attacker from stealing the Kerberos Server and learning all of the user passwords. Kerberos was designend so that the server can be stateless. The Kerberos Server simply answers requests from users and issues tickets. This study focused on designing a SIP procy for interworking with AAA server with respect to user authentication and Kerberos System. Kerberos is security system of encryption base that offer certification function mutually between client application element and server application element in distributed network environment. Kerberos provides service necessary to control whether is going to approve also so that certain client may access to certain server. This paper does Credit-Control Server's function in AAA system of Diameter base so that can include Accounting information that is connected to Rating inside certification information message in Rating process with Kerberos system.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.5 no.4
• /
• pp.425-434
• /
• 2010

This study shows a limit to attacks that the prevention system, which is used as the mutual third aggressive packet path between open heterogeneous networks and applies prevention techniques according to the trace like IP tracking and attack methods, can prevent. Therefore, the study aims to learn information of constant attack routing protocol and of the path in network, the target of attack and build a database by encapsulating networks information routing protocol operates in order to prevent source attack paths. In addition, the study is conducted to divide network routing protocols developed from the process of dividing the various attack characters and prevent various attacks. This study is meaningful in that it analyzes attack path network and attacks of each routing protocol and secure exact mechanism for prevention by means of 3D-Puzzle, Path, and Cube of the integrated security system which is an implementation method of integrated information protection for access network defense.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.18 no.5
• /
• pp.17-23
• /
• 2018

The rapid development of mobile technology has increased the use of mobile devices, and the possibility of security incidents is also increasing. The leakage of information through photos is the most representative. Previous methods for preventing this are disadvantageous in that they can not take pictures for other purposes. In this paper, we design and implement a system to prevent information leakage through photos using object recognition and beacon. The system inspects pictures through object recognition based on deep learning and verifies whether security policies are violated. In addition, the location of the mobile device is identified through the beacon and the appropriate rules are applied. Web applications for administrator allow you to set rules for taking photos by location. As soon as a user takes a photo, they apply appropriate rules to the location to automatically detect photos that do not conform to security policies.

• Journal of the Korea Society of Computer and Information
• /
• v.11 no.2 s.40
• /
• pp.75-82
• /
• 2006

The service use management for keeping up stable and effective environment is hard little by little by according to increase of internet user and being complicated network environment of the Internet little by little. being various of the requirements of the service which is provided and the user demand. And the beginning flag security was limited in IDS, But recently the integrated civil management is coming to be considered seriously according to adventting IDS. Firewall , Security or system. The development of integrated security civil management system to analyze widely through observation and detection at Network or host base, the judgment of attack, and integrated analysis of infiltration information is necessary because of detecting the various type attack.

• Journal of the Korea Convergence Society
• /
• v.8 no.6
• /
• pp.17-27
• /
• 2017

Recently, as cyber attacks have been activated, many such attacks have come into contact with various media. Research on security engineering and reverse engineering is active, but there is a lack of research that integrates them and applies attack systems through cost effective attack engineering. In this paper, security - enhanced information systems are developed by security engineering and reverse engineering is used to identify vulnerabilities. Using this vulnerability, we compare and analyze lifecycle models that construct or remodel attack system through attack engineering, and specify structure and behavior of each system, and propose more effective modeling. In addition, we extend the existing models and tools to propose graphical attack specification models that specify attack methods and scenarios in terms of models such as functional, static, and dynamic.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.5
• /
• pp.1189-1199
• /
• 2017

With the rapid increase in mobile device users, there are many cyber attacks using SMS messages to infect the mobile device. The monetary demage from those attacks are also increasing. Since those demage are generally related to mobile micropayement systems, we study the details of the incidents on smishing and mobile micropayment. We have identified several limitations of current regulations and laws of them. Thus, we propose new regulations and laws to reduce the financial demage from simishing and to strengthen the security and responsibility of the mobile network operator, payment gateway, and content providers who are participating in the structure of a mobile micropayment systems, such as a regulation for information security evaluation system, several laws for compensation of financial demage within mobile micropayement system.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.3
• /
• pp.101-115
• /
• 2011

A botnet is a huge network of hacked zombie PCs. Recognizing the fact that the majority of email spam is sent out by botnets, a system that is capable of detecting botnets and zombie PCS will be designed in this study by analyzing email spam. In this study, spam data collected in "an email spam trail system", Korea's national spam collection system, were used for analysis. In this study, we classified the spam groups by the URLs or attached files, and we measured how much the group has the characteristics of botnet and how much the IPs have the characteristics of zombie PC. Through the simulation result in this study, we could extract 16,030 zombie suspected PCs for one hours and it was verified that email spam can provide considerably useful information in tracing zombie PCs.

• Journal of the Korea Society of Computer and Information
• /
• v.28 no.9
• /
• pp.81-92
• /
• 2023

A privacy model is a technique that quantitatively restricts the possibility and degree of privacy breaches through privacy attacks. Representative models include k-anonymity, l-diversity, t-closeness, and differential privacy. While many privacy models have been studied, research on selecting the most suitable model for a given dataset has been relatively limited. In this study, we develop a system for recommending the suitable privacy model to prevent privacy breaches. To achieve this, we analyze the data features that need to be considered when selecting a model, such as data type, distribution, frequency, and range. Based on privacy model background knowledge that includes information about the relationships between data features and models, we recommend the most appropriate model. Finally, we validate the feasibility and usefulness by implementing a recommendation prototype system.

• Convergence Security Journal
• /
• v.6 no.1
• /
• pp.1-11
• /
• 2006

The exponential increase of malicious and criminal activities in cyber space is posing serious threat which could destabilize the foundation of modem information society. In particular, unexpected network paralysis or break-down created by the spread of malicious traffic could cause confusion and disorder in a nationwide scale, and unless effective countermeasures against such unexpected attacks are formulated in time, this could develop into a catastrophic condition. As a result, there has been vigorous effort and search to develop a functional state-level cyber-threat early-warning system however, the efforts have not yielded satisfying results or created plausible alternatives to date, due to the insufficiency of the existing system and technical difficulties. The existing cyber-threat forecasting and early-warning depend on the individual experience and ability of security manager whose decision is based on the limited security data collected from ESM (Enterprise Security Management) and TMS (Threat Management System). Consequently, this could result in a disastrous warning failure against a variety of unknown and unpredictable attacks. It is, therefore, the aim of this research to offer a conceptual design for "Knowledge-based Real-Time Cyber-Threat Early-Warning System" in order to counter increasinf threat of malicious and criminal activities in cyber suace, and promote further academic researches into developing a comprehensive real-time cyber-threat early-warning system to counter a variety of potential present and future cyber-attacks.