• Proceedings of the IEEK Conference
• /
• 2004.08c
• /
• pp.693-698
• /
• 2004

The cyber attacks on the computer system in nowadays are focused on works that do not operate specific application. The main key point that we protect information security system has an access control to keep an application. Most of system has a main function to protect an infrastructure such as hardware, network and operating system. In this paper, we have presented an intrusion tolerance system that can service an application in spite of cyber attacks. The proposed system is based on the middle ware integrating security mechanism and separate function of application and intrusion tolerance. The main factor we use security system in nowadays is service to keep a persistency. The proposed intrusion tolerance system is applicable to such as medical, national defense and banking system.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.9 no.1
• /
• pp.19-24
• /
• 2009

In these days, security threat is ever increasing as computer systems and networking is everywhere. This paper is on the development of security scanner using search engine, with which site managers can easily check security vulnerability on their systems. Our security server automatically collects security-related information on the Internet, and indexes them in the database. To check the vulnerability of a customer server, the client system collects various system-specific information, and sends necessary queries to our security server for vulnerability checking. Up-to-date and site-specific vulnerability information is retrieved through the viewer, which allows the customer effectively to check and respond to security threat on client systems.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.6
• /
• pp.1309-1318
• /
• 2014

In the past few years, data leakage of information assets has become a prominent social issue. According to the National Industrial Security Center in South Korea, 71 percent who suffer from technology leakage are small and medium sized enterprises. Hence, establishment and operation of ISMS (Information Security Management System) for small and medium sized enterprises become an important issue. Since it is not easy to obtain ISMS certification for a small or medium sized enterprise by itself, consultation with an expert firm in information security is necessary before the security implementation. However, how to select a proper security consulting company for a small or medium sized firm has not been studied yet. In this study, we analyze empirically the selection factors of ISMS certification consulting company for a small or medium sized firm through exploratory factor analysis (EFA). Our study identified the following four important factors in selecting a security consulting company: expertise of the staffs and human resource management proficiency, market leading capability, competence to make progress during the consultation, and the performance and the size of the physical assets and human resources.

• Journal of Electrical Engineering and Technology
• /
• v.10 no.3
• /
• pp.1284-1292
• /
• 2015

As visual surveillance systems become more and more common in human lives, approaches based on these systems to solve security problems in practice are boosted, especially in railway applications. In this paper, we first propose a robust snag detection algorithm and then present a railway security system by using a combination of multiple sensors and the vision based snag detection algorithm. The system aims safety at several repeatedly occurred situations including slope protection, inspection of the falling-object from bridges, and the detection of snags and foreign objects on the rail. Experiments demonstrate that the snag detection is relatively robust and the system could guarantee the security of the railway through these real-time protections and detections.

• International Journal of Computer Science & Network Security
• /
• v.21 no.12spc
• /
• pp.719-725
• /
• 2021

The main purpose of the study is to determine the main aspects of information support for anti-crisis management in the context of ensuring national security. In modern conditions, under the influence of COVID-19, it becomes important to develop a modern paradigm for the transformation of anti-crisis management, based on the determination of the laws of state development on the basis of the imperative of national interests and territorial integrity. These are, firstly, the patterns of development of the state system of public administration, secondly, the patterns of development of a complex of state interests, and thirdly, patterns of development of the modern model of the country's territorial integrity. As a result of the study, the key aspects of the anti-crisis management system were identified in the context of ensuring the security of national interests.

• International Journal of Computer Science & Network Security
• /
• v.23 no.6
• /
• pp.181-192
• /
• 2023

Blockchain system brought innovation in the area of accounting, credit monitoring and trade secrets. Consensus algorithm that considered the central component of blockchain, significantly influences performance and security of blockchain system. In this paper we presented four consensus protocols specifically as Proof of Work (PoW), Proof of Stake (PoS), Delegated Proof of Stake (DPoS) and Practical Byzantine Fault-Tolerance (PBFT), we also reviewed different security threats that affect the performance of Consensus Protocols and precisely enlist their counter measures. Further we evaluated the performance of these Consensus Protocols in tabular form based on different parameters. At the end we discussed a comprehensive comparison of Consensus protocols in terms of Throughput, Latency and Scalability. We presume that our results can be beneficial to blockchain system and token economists, practitioners and researchers.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.4
• /
• pp.797-808
• /
• 2012

In smart work environment, a company provides employees a flexible work environment for tele-working using mobile phone or portable devices. On the other hand, such environment are exposed to the risks which the attacker can intrude into computer systems or leak personal information of smart-workers' and gain a company's sensitive information. To reduce these risks, the security administrator needs to analyze the usage patterns of employees and detect abnormal behaviors by monitoring VPN(Virtual Private Network) access log. This paper proposes a decision support system that can notify the status by using visualization and similarity measure through clustering analysis. On average, 88.7% of abnormal event can be detected by this proposed method. With this proposed system, the security administrator can detect abnormal behaviors of the employees and prevent account theft.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.11 no.12
• /
• pp.2280-2286
• /
• 2007

Information system contains various components, and these components can be categorized into some types. When preparing security level management activity, it is most important to define the target of management activity. And after deciding these targets, security level management activity can be started. This paper defines management targets by dividing information system into some parts, and shows these targets can be managed variously according to operation environments and characteristics.

• Convergence Security Journal
• /
• v.17 no.1
• /
• pp.39-44
• /
• 2017

The existing enterprise information security activities were centered on the information security organization, and the top management considers information security and enterprise management to be separate. However, various kinds of security incidents are constantly occurring. In order to cope with such incidents, it is necessary to protect information in terms of business management, not just information security organization. In this study, we examine the existing corporate governance and IT governance, and present an information security governance model that can reflect the business goals of the enterprise and the goals of the management. The information security governance model proposed in this paper induces the participation of top management from the planning stage and establishes information security goals. We can strengthen information security activities by establishing an information security plan, establishing and operating an information security system, and reporting the results to top management through compliance audit, vulnerability analysis and risk management.

• International Journal of Computer Science & Network Security
• /
• v.21 no.9
• /
• pp.151-154
• /
• 2021

State information policy is an important component of foreign and domestic policy of the country and covers all spheres of society. The rapid development of the information sphere is accompanied by the emergence of fundamentally new threats to the interests of the individual, society, state and its national security. The article considers the components of the state information policy to ensure information security of the country and identifies the main activities of public authorities in this area. Internal and external information threats to the national security of Ukraine and ways to guarantee the information security of the country are analyzed. Information security is seen as a component of national security, as well as a global problem of information protection, information space, information sovereignty of the country and information support of government decisions. Approaches to ensure the process of continuity of the information security system of the state in order to monitor new threats, identify risks and levels of their intensity are proposed.