• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.29 no.12C
• /
• pp.1707-1721
• /
• 2004

In this paper, we propose a distributed communication model of intrusion detection system(IDS) in which integrated security management at networks level is possible, model it at a security node and distributed system levels, design and implement a simulator. At the node level, we evaluate the transfer capability of alert message based on the analysis of giga-bit security node architecture which performs hardware-based intrusion detection. At the distributed system level, we perform the evaluation of transfer capability of detection and alert informations between components of distributed IDS. In the proposed model, we carry out the performance evaluation considering decision factors of communication mechanism and present the results in order to gain some quantitative understanding of the system.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.4
• /
• pp.933-940
• /
• 2015

IT environments such as IoT, SNS, BigData, Cloud computing are changing rapidly. These technologies add new technologies to some of existing technologies and increase the complexity of Information System. Accordingly, they require enhancing the security function for new IT services. Information Security Pre-inspection aims to assure stability and reliability for user and supplier of new IT services by proposing development stage which considers security from design phase. Existing 'Information Security Pre-inspection' (22 domains, 74 control items, 129 detail items) consist of 6 stage (Requirements Definition, Design, Training, Implementation, Test, Sustain). Pilot tests were executed for one of IT development companies to verify its effectiveness. Consequently, for some inspection items, some improvement requirements and reconstitution needs appeared. This paper conducts a study on activation of 'Information Security Pre-inspection' which aims to construct prevention system for new information system. As a result, an improved 'Information Security Pre-inspection' is suggested. This has 16 domains, 54 inspection items, 76 detail items which include some improvement requirements and reconstitution needs.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.12 no.5
• /
• pp.219-227
• /
• 2012

This paper describes the design and implementation of an efficient image security system for CCTV using the analysis technique of color informations. In conventional approaches, the compression and encryption techniques are mainly used for reducing the data size of the original images while the analysis technique of color information is first proposed, which eliminates the overlapping part of the original image data in our approach. In addition, security-enhanced CCTV image security system is presented using SSL/VPN tunneling technique. When we use the method proposed in this paper, an efficient image processing is enable for a mount of information, and also security problem is enhanced. Through the implementation results, the proposed method showed that the original image information are dramatically reduced.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.1
• /
• pp.85-94
• /
• 2010

As an automatic identification technology, in which electronic tags are attached to items and system auto-identifies informations of the items using wireless communication technology, use of RFID system is increasing in various fields. According to that, related security problems are becoming important issue. Up to now, many authentication protocols have been proposed to solve security problem of RFID system. In this paper, We show that the RFID authentication protocols in [9, 10], which are compatible with Type C RFID system in ISO 18000-6 Amd1[8], are vulnerable to a spoofing attack. In addition, we propose improved protocols having small additional cost over the original protocols.

• Journal of the Korea Society of Computer and Information
• /
• v.13 no.4
• /
• pp.221-230
• /
• 2008

We Studied current Flight Information System everyone employing, and this paper designed a next generation Ubiquitous Flight Information System. Studied a Ubiquitous Flight Information System regarding AVOD, game TV, cellular phone, cabin Internet use for a customer, and airline and control of Air Traffic Service, Air Traffic Control, in seat reservation, transportation, ticketing and luggage back-tracking and airplanes in earthly service. We Designed for a Next Generation Ubiquitous Flight Information System and for necessary for network security, system security of information security system, and derived from comparative analysis of improvement point and difference to existing Ubiquitous Flight Information System and Next Generation Ubiquitous Flight Information as was based on result of research. Present vision to aerial the result of research world of this paper related industry, and ensure safety and communication efficiency and a customer and flight satisfaction, efficiency, and will reclaim the new horizon to the Flight Information Industry.

• Convergence Security Journal
• /
• v.1 no.1
• /
• pp.9-20
• /
• 2001

In the 3rd Wave of information revolution, technical research & development for more rapid and safe information exchange take a sudden turn currently According to a step up in importance and efficiency value of information, it's necessary to research technical development in various field altogether. Especially information security is the very core of essential technology. However most System attacks are based on the weakness of OS, it is difficult to achieve the security goal in the only application level. For the solution of this problem, so many technology researches to serve secure, trust information security in OS itself are activated. Consequently we introduce the tendency of current secure OS development projects of security kernel all over world in this report and inquire into security mechanism of the File Griffin which prevents file system forgery, modification perfectly by performing digital signature certificate on kernel level.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.25 no.9A
• /
• pp.1387-1394
• /
• 2000

The SSL(Secure Socket Layer) protocol is one of the mechanism widely used in the recent network system. The improved information security mechanism based on the SSL is designed in this paper. There are important four information security services. The first is the authentication service using the Certificate offered from the SSL(Secure Socket Layer), the second is the message confidentiality service using the DES encryption algorithm, the third is the message integrity service using Hash function, and the fourth is Non-repudiation service. Therefore, information could be transferred securely under the information security mechanism including Non-repudiation service especially designed in this paper.

• Convergence Security Journal
• /
• v.16 no.7
• /
• pp.167-172
• /
• 2016

The purpose of this study is to provide implications for preventing insider information leakages in public agencies for national security. First, the study examined the definitions and current usage of information security systems of public agencies were examined. Second, web-service base information leaks and malware-base information leaks were discussed and three major credit card companies' personal information leakage cases were analyzed. Based on the analysis, four solutions were provided. First, information leakages can be protected by using web filtering solutions based on the user, which make possible to limit frequencies of malware exposures. Second, vaccine programs and vaccine management system should be implemented to prevent information leakages by malware. Third, limit the use of portable devices within local networks to prevent information leakages and vaccines programs for malware should be regularly used. Forth, to prevent information leakages by smartphone malwares, data encryption application should be used to encrypt important information.

• Annual Conference of KIPS
• /
• 2019.10a
• /
• pp.491-494
• /
• 2019

The results from the analysis of recent security breach cases of industrial control systems revealed that most of them were caused by the employees of a partner company who had been managing the control system. For this reason, the majority of the current company security management systems have been developed focusing on their performances. Despite such effort, many hacking attempts against a major company, public institution or financial institution are still attempted by the partner company or outsourced employees. Thus, the institutions or organizations that manage Industrial Control Systems (ICSs) associated with major national infrastructures involving traffic, water resources, energy, etc. are putting emphasis on their security management as the role of those partners is increasingly becoming important as outsourcing security task has become a common practice. However, in reality, it is also a fact that this is the point where security is most vulnerable and various security management plans have been continuously studied and proposed. A system that enhances the security level of a partner company with a Virtual Desktop Infrastructure (VDI) has been developed in this study through research on the past performances of partner companies stationed at various types of industrial control infrastructures and its performance outcomes were statistically compiled to propose an appropriate model for the current ICSs by comparing vulnerabilities, measures taken and their results before and after adopting the VDI.

• The Journal of Information Technology
• /
• v.6 no.4
• /
• pp.35-58
• /
• 2003

We analyze specific supplementation direction(Efficiency, Isolation, convenience, synthesis, variety, security) about system vulnerabilities of the NEIS(National Education Information System) in this research. The efficiency constructs parallel security vulnerabilities diagnosis system NEIS which the security problem prevents and checks.