• Title/Summary/Keyword: information security system

Search Result 6,599, Processing Time 0.035 seconds

Analysis of the IP Spoofing Attack Exploiting Null Security Algorithms in 5G Networks

  • Park, Tae-Keun;Park, Jong-Geun;Kim, Keewon
    • Journal of the Korea Society of Computer and Information
    • /
    • v.27 no.9
    • /
    • pp.113-120
    • /
    • 2022
  • In this paper, we analyze the feasibility of the IP spoofing attack exploiting null security algorithms in 5G networks based on 3GPP standard specifications. According to 3GPP standard specifications, the initial Registration Request message is not protected by encryption and integrity. The IP spoofing attack exploits the vulnerability that allows a malicious gNB (next generation Node B) to modify the contents of the initial Registration Request message of a victim UE (User Equipment) before forwarding it to AMF (Access and Mobility Management Function). If the attack succeeds, the victim UE is disconnected from the 5G network and a malicious UE gets Internet services, while the 5G operator will charge the victim UE. In this paper, we analyze the feasibility of the IP spoofing attack by analyzing whether each signaling message composing the attack conforms to the 3GPP Rel-17 standard specifications. As a result of the analysis, it is determined that the IP spoofing attack is not feasible in the 5G system implemented according to the 3GPP Rel-17 standard specifications.

IaC-VIMF: IaC-Based Virtual Infrastructure Mutagenesis Framework for Cyber Defense Training (IaC-VIMF: 사이버 공방훈련을 위한 IaC 기반 가상 인프라 변이 생성 프레임워크)

  • Joo-Young Roh;Se-Han Lee;Ki-Woong Park
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.33 no.3
    • /
    • pp.527-535
    • /
    • 2023
  • To develop experts capable of responding to cyber security incidents, numerous institutions have established cyber training facilities to cultivate security professionals equipped with effective defense strategies. However, these challenges such as limited resources, scenario-based content development, and cost constraints. To address these issues, this paper proposes a virtual infrastructure variation generation framework. It provides customized, diverse IT infrastructure environments for each organization, allowing cyber defense trainers to accumulate a wide range of experiences. By leveraging Infrastructure-as-Code (IaC) containers and employing Word2Vec, a natural language processing model, mutable code elements are extracted and trained, enabling the generation of new code and presenting novel container environments.

A Study on the Multiple Texture Rendering System for 3D Image Signal Recognition (3차원 영상인식을 위한 다중영상매핑 시스템에 대한 연구)

  • Kim, Sangjune;Park, Chunseok
    • Journal of the Society of Disaster Information
    • /
    • v.12 no.1
    • /
    • pp.47-53
    • /
    • 2016
  • Techniques to be developed in this study is intended to apply to an existing integrated control system to "A Study on the multiple Texture Rendering system for three-dimensional Image Signal Recognition" technology or become a center of the building control system in real time video. so, If the study plan multi-image mapping system developed, CCTV camera technology and network technology alone that is, will be a number of security do not have to build a linked system personnel provide services that control while the actual patrol, the other if necessary systems and linked to will develop a system that can reflect the intention Ranger.

A Correction Security Framework for Reliable Internet Services (신뢰성 있는 인터넷 서비스 제공을 위한 교정 보안 프레임워크)

  • Lee, Seung-Min;Nam, Taek-Yong;Sohn, Sung-Won;Han, Chi-Moon
    • The KIPS Transactions:PartC
    • /
    • v.10C no.6
    • /
    • pp.779-786
    • /
    • 2003
  • We propose a correction security framework as next generation security technology to provide secure and reliable Internet services. The framework guarantees durability of the services in spite of external attack, intrusion, vulnerability for fault tolerance, and network management technology that covers the set of techniques aimed at providing rapid service recovery. The improvement technology includes system itself improvement and synamic improvement preventing faults from being re-activated, in cooperation with other systems such as vulnerability anaysis system, NMS, ESM. It is expected that our framework will be applied to global networks as well as system alone, and be able to guarantee the network survivability and reliable Internet services.

Security Analysis on Password Authentication System of Web Sites (웹사이트 패스워드 인증 시스템의 보안성 분석)

  • Noh, Heekyeong;Choi, Changkuk;Park, Minsu;Kim, Seungjoo
    • KIPS Transactions on Computer and Communication Systems
    • /
    • v.3 no.12
    • /
    • pp.463-478
    • /
    • 2014
  • Portal site is not only providing search engine and e-mail service but also various services including blog, news, shopping, and others. The fact that average number of daily login for Korean portal site Naver is reaching 300 million suggests that many people are using portal sites. With the increase in number of users followed by the diversity in types of services provided by portal sites, the attack is also increasing. Most of studies of password authentication is focused on threat and countermeasures, however, in this study, we analyse the security threats and security requirement of membership, login, password reset first phase, password reset second phase. Also, we measure security score with common criteria of attack potential. As a result, we compare password authentication system of domestic and abroad portal sites.

Security Measures in Response to Future Warfare and Changes in the Network Environment (미래전과 네트워크 환경 변화에 따른 보안대책)

  • Donghan Oh;Kwangho Lee
    • Convergence Security Journal
    • /
    • v.21 no.4
    • /
    • pp.49-57
    • /
    • 2021
  • The 4th industrial revolution will develop the network environment of future warfare through the increase of IoT devices, individual warrior platforms, the operation of manned and unmanned weapon systems, intelligent command post. They are leading to the weapon system combined with hundreds or thousands of sensors will be used for surveillance and reconnaissance, electronic warfare, and deception operations on the battlefield. This change to the environment brings superiority in operational performance on the battlefield, but if the weapon system is exposed to the outside, it will lead to fatal results. In this paper, we analyze the network environment that is changing in the future warfare environment, focusing on the currently used network. In addition, it considers information security issues that must correspond to the evolving network technology and suggests various security measures to suggest the direction our military should take in the future.

CIA-Level Driven Secure SDLC Framework for Integrating Security into SDLC Process (CIA-Level 기반 보안내재화 개발 프레임워크)

  • Kang, Sooyoung;Kim, Seungjoo
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.30 no.5
    • /
    • pp.909-928
    • /
    • 2020
  • From the early 1970s, the US government began to recognize that penetration testing could not assure the security quality of products. Results of penetration testing such as identified vulnerabilities and faults can be varied depending on the capabilities of the team. In other words none of penetration team can assure that "vulnerabilities are not found" is not equal to "product does not have any vulnerabilities". So the U.S. government realized that in order to improve the security quality of products, the development process itself should be managed systematically and strictly. Therefore, the US government began to publish various standards related to the development methodology and evaluation procurement system embedding "security-by-design" concept from the 1980s. Security-by-design means reducing product's complexity by considering security from the initial phase of development lifecycle such as the product requirements analysis and design phase to achieve trustworthiness of product ultimately. Since then, the security-by-design concept has been spread to the private sector since 2002 in the name of Secure SDLC by Microsoft and IBM, and is currently being used in various fields such as automotive and advanced weapon systems. However, the problem is that it is not easy to implement in the actual field because the standard or guidelines related to Secure SDLC contain only abstract and declarative contents. Therefore, in this paper, we present the new framework in order to specify the level of Secure SDLC desired by enterprises. Our proposed CIA (functional Correctness, safety Integrity, security Assurance)-level-based security-by-design framework combines the evidence-based security approach with the existing Secure SDLC. Using our methodology, first we can quantitatively show gap of Secure SDLC process level between competitor and the company. Second, it is very useful when you want to build Secure SDLC in the actual field because you can easily derive detailed activities and documents to build the desired level of Secure SDLC.

Rights Control for the Exchange and Sharing of IFC Model-based Standard Construction Drawing Information (IFC 모델기반 표준건설도면 정보의 교환 및 공유를 위한 권한제어에 관한 연구)

  • Hong, Kang-Han;Kim, In-Han
    • Korean Journal of Computational Design and Engineering
    • /
    • v.13 no.4
    • /
    • pp.286-295
    • /
    • 2008
  • Construction industry, which is a composite industry being performed by organic combination of various tasks, gives birth to a various of information in the stages of planning, designing, and maintenance management. In particular, the drawing information is broad in the scope of use because it contains all information about buildings as wall as bid, materials, contracts. Therefore, the management of drawing information security is one of the most important factors, which determines the success of failure of business. The major findings and result of this study are as follows to control the distributed drawing information in the collaboration environment. 1) Analysis for function and practical use of DRM in the construction industry. 2) Proposal for applications of DRM that can secure IFC model-based drawing information in the collaboration environment. 3) Extraction from additional IFC entities to apply DRM to part 21 physical files 4) Analysis for functions which are necessary in DRM application prototype system and development of the system. 5) Development IFC model-based DRM prototype system.

A Study on the Effects of Earnings Management in Outside Directors System for Information Security Company (정보보안기업의 사외이사제도가 이익조정에 미치는 영향에 관한 연구)

  • Kim, Dong Young
    • The Journal of Society for e-Business Studies
    • /
    • v.19 no.2
    • /
    • pp.143-158
    • /
    • 2014
  • Country ownership and management of information security companies generally do not clearly separate from the Board of Directors to function smoothly controlling shareholders do not participate in management decision-making and internal control board does not perform the task correctly, they said the issue was raised. The purpose of this study is to improve corporate governance, information security companies of the outside director system was introduced as part of the transparency of accounting information to investigate whether the effectiveness of the overall business management is also part of the efficient management of operations and earnings being with respect to the empirical data would be analyzed using the. This means that with the specific purpose of the characteristics of a technology-intensive company focusing on information security proportion of outside directors and outside directors of the board of directors of the board of directors of the target attendance rate for identifying the relationship between earnings management purposes. The empirical results is the ratio of outside directors and the relationship between discretionary accruals as a temporary negative (-) boyimyeo significant relationship, so was adopted. is discretionary accruals and attendance of outside directors, as is the hypothesis that the regression coefficient negative (-) shows the relationship between the mind, so was adopted.

A Method to Find Feature Set for Detecting Various Denial Service Attacks in Power Grid (전력망에서의 다양한 서비스 거부 공격 탐지 위한 특징 선택 방법)

  • Lee, DongHwi;Kim, Young-Dae;Park, Woo-Bin;Kim, Joon-Seok;Kang, Seung-Ho
    • KEPCO Journal on Electric Power and Energy
    • /
    • v.2 no.2
    • /
    • pp.311-316
    • /
    • 2016
  • Network intrusion detection system based on machine learning method such as artificial neural network is quite dependent on the selected features in terms of accuracy and efficiency. Nevertheless, choosing the optimal combination of features, which guarantees accuracy and efficienty, from generally used many features to detect network intrusion requires extensive computing resources. In this paper, we deal with a optimal feature selection problem to determine 6 denial service attacks and normal usage provided by NSL-KDD data. We propose a optimal feature selection algorithm. Proposed algorithm is based on the multi-start local search algorithm, one of representative meta-heuristic algorithm for solving optimization problem. In order to evaluate the performance of our proposed algorithm, comparison with a case of all 41 features used against NSL-KDD data is conducted. In addtion, comparisons between 3 well-known machine learning methods (multi-layer perceptron., Bayes classifier, and Support vector machine) are performed to find a machine learning method which shows the best performance combined with the proposed feature selection method.