• Convergence Security Journal
• /
• v.22 no.1
• /
• pp.11-17
• /
• 2022

Cyber attacks on national infrastructure, including large-scale power outages in Ukraine, have continued in recent years. As a result, ICS-CERT vulnerabilities have doubled compared to last year, and vulnerabilities to industrial control systems are increasing day by day. Most control system operators develop vulnerability countermeasures based on the vulnerability information sources provided by ICS-CERT in the United States. However, it is not applicable to the security of domestic control systems because it does not provide weaknesses in Korean manufacturers' products. Therefore, this study presents a vulnerability analysis framework that integrates CVE, CWE, CAPE, and CPE information related to the vulnerability based on ICS-CERT information (1843 cases). It also identifies assets of nuclear facilities by using CPE information and analyzes vulnerabilities using CVE and ICS-CERT. In the past, only 8% of ICS-CERT's vulnerability information was searched for information on any domestic nuclear facility during vulnerability analysis, but more than 70% of the vulnerability information could be searched using the proposed methodology.

• Journal of the Korea Computer Industry Society
• /
• v.2 no.9
• /
• pp.1233-1238
• /
• 2001

Security is very important at EC(Electronic Commerce) Environments. The reason is that exchanged data(that is user private information(accounts, card-no, password), transaction items, etc) is various and is very sensitive. In this paper, we propose the Secure-XML Messaging System(S-XMS) which is implemented to support Message Level Security, Encryption and Digital Signature. And we implement Message Confidentiality Service, User Authentication & Message Integrity Service and Non-Repudiation Service among the various Security Services.

• Proceedings of the Korea Society for Industrial Systems Conference
• /
• 2001.05a
• /
• pp.55-63
• /
• 2001

IMT-2000 mobile system will serve many application services such as mobile internet, wireless electronics commerce applications using high data rate air interface. These applications require high data integrity, data confidentiality, user authentication, user identity confidentiality and non-repudiation. In this study, we analyze air interface performance fur network access security services in IMT-2000 mobile systems. Signal traffic for network access security services increase all link between IMT-2000 system elements. Our study focus on air interface, which is very sensitive signal traffic increase.

• International Journal of Computer Science & Network Security
• /
• v.24 no.9
• /
• pp.97-104
• /
• 2024

Leukemia induced death has been listed in the top ten most dangerous mortality basis for human being. Some of the reason is due to slow decision-making process which caused suitable medical treatment cannot be applied on time. Therefore, good clinical decision support for acute leukemia type classification has become a necessity. In this paper, the author proposed a novel approach to perform acute leukemia type classification using sequential neural network classifier. Our experimental result only covers the first classification process which shows an excellent performance in differentiating normal and abnormal cells. Further development is needed to prove the effectiveness of second neural network classifier.

• KIISE Transactions on Computing Practices
• /
• v.22 no.7
• /
• pp.332-337
• /
• 2016

System administrator or security managers need to collect logs of computing device (desktop or server), which are used for the purpose of cause-analysis of security incident and discover if damage to system was either caused by hacking or computer virus. Furthermore, appropriate log maintenance helps preventing security breech incidents through identification of vulnerability. In addition, it can be utilized for prevention of data leakage through the insider. In the paper, we present log collection system developed using open source supported by commands and basic methods of Windows. Furthermore, we aim to collect log information to enable search and analysis from diverse perspectives and to propose a way to integrate with open source-based search engine system.

• The KIPS Transactions:PartC
• /
• v.8C no.5
• /
• pp.535-542
• /
• 2001

Mobile codes such as Java, Java-Script, ActiveX, and Script code are loaded into a client system first and then run without any notice to the client user. Executing code by this mechanism may cause various security problems such as flowing out system information, deleting or modifying files, and exhausting system resources. In this paper we propose an integrated authentication system to establish the uniform security countermeasure on various mobile codes. The system helps to solve to problems mentioned above. An integrated authentication system allows to load into an interpreter using ACL (Access Control List) which sets up an access authority to the executable contents and communicates with an interpreter using client/server model.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.2
• /
• pp.423-437
• /
• 2015

The IPv6 which solved the exhaustion problem of IPv4's IP address is going to be used for many kinds of industries. As a result, there are some products which can be connected to other connectable things, it called Internet of Things (IoT). With growing new propagated products including networking, each product can get an IP address of IPv6, which means it is possible that things also have their own IP addresses. Thus, IP address management system is more important and needs tracking and collecting system for unused products with IP addresses. This study suggests new distribution tracking and inventory management system for IoT products, which offers a current location of things and manages stocks in the warehouse with the static IP address and the location-based service.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.22 no.3
• /
• pp.499-505
• /
• 2018

Shipping and logistics safety, security system is strengthening worldwide, the development of shipping and logistics safety security core technology for national security logistics system construction has been carried out. In addition, it is necessary to localize the Array Detection System, which is a core component of the container search machine, to cope with the 100% pre-inspection of the container scheduled for 2018 in the United States. In this research, we propose a test software program developed by using TI-RTOS (Texas Instruments - Real Time Operating System) with a test digital signal processing board which is developed self development. We have developed a program that can test GPIO, SRAM, TCP/IP, and SDcard using M4 MCU. Also we propose a study on a self-developed Digital Signal Processing Board among the array detection systems that replace foreign products. We have developed a test board that can test M4 MCU and developed an X-Ray Detector Digital Signal Processing Board that combines MCU and FPGA.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.11 no.3
• /
• pp.1101-1107
• /
• 2010

DVR is widely used in the security monitoring system because it has excellent performance compared with VCR. In this paper, the new DVR interfaces and repeaters enhancing the performance of the existing DVR have been designed and implemented, which enables a large-scaled security monitoring system to be built economically. A repeater in this paper connects 8 monitoring terminals to 2 channels of DVR and a DVR interface manages 16 repeaters to be able to accommodate 128 monitoring terminals. Eventually, the implemented system has a quadruple scalability compared to the existing systems and can reduce the installation cost substantially by using cost-effective UTP cables instead of coaxial cables. And the system could be effectively used in various environments and conditions because various functions such as video transmission, audio communication, emergency call, and RFID card are integrated into the system.

• Journal of the Korea Convergence Society
• /
• v.10 no.7
• /
• pp.7-14
• /
• 2019

Users who use smartphone can using knowledge-based authentication, possession-based authentication, biometric-based authentication, and token-based authentication in order to access rights to systems requiring authentication. However, desktop computer users use method only ID and password, which are knowledge-based authentication factors, due to limitations of authentication devices, despite various authentication methods. In this paper, we designed and implemented a raspberry pi based authentication system that provides multiple authentication method of a user's desired type. The implementation system uses knowledge-based authentication, possessive-based authentication, biometric-based authentication, and token-based authentication. The proposed system can provide a security function that can be used by SMEs, which is difficult to hire a security officer due to the economic burden. The implemented system can be used not only for personal use but also for enterprise, and it can be applied to various fields such as finance and game.