• International Journal of Computer Science & Network Security
• /
• 제22권9호
• /
• pp.376-388
• /
• 2022

The expansion of new applications and business models is being significantly fueled by the development of Fifth Generation (5G) networks, which are becoming more widely accessible. The creation of the newest intelligent vehicular networks and applications is made possible by the use of Vehicular Ad hoc Networks (VANETs) and Software Defined Networking (SDN). Researchers have been concentrating on the integration of SDN and VANET in recent years, and they have examined a variety of issues connected to the architecture, the advantages of software-defined VANET services, and the new features that can be added to them. However, the overall architecture's security and robustness are still in doubt and have received little attention. Furthermore, new security threats and vulnerabilities are brought about by the deployment and integration of novel entities and a number of architectural components. In this study, we comprehensively examine the good and negative effects of the most recent SDN-enabled vehicular network topologies, focusing on security and privacy. We examine various security flaws and attacks based on the existing SDVN architecture. Finally, a thorough discussion of the unresolved concerns and potential future study directions is provided.

• International Journal of Computer Science & Network Security
• /
• 제22권9호
• /
• pp.231-243
• /
• 2022

The expansion of new applications and business models is being significantly fueled by the development of Fifth Generation (5G) networks, which are becoming more widely accessible. The creation of the newest intelligent vehicular net- works and applications is made possible by the use of Vehicular Ad hoc Networks (VANETs) and Software Defined Networking (SDN). Researchers have been concentrating on the integration of SDN and VANET in recent years, and they have examined a variety of issues connected to the architecture, the advantages of software defined VANET services, and the new features that can be added to them. However, the overall architecture's security and robustness are still in doubt and have received little attention. Furthermore, new security threats and vulnerabilities are brought about by the deployment and integration of novel entities and several architectural components. In this study, we comprehensively examine the good and negative effects of the most recent SDN-enabled vehicular network topologies, focusing on security and privacy. We examine various security flaws and attacks based on the existing SDVN architecture. Finally, a thorough discussion of the unresolved concerns and potential future study directions is provided.

• International Journal of Computer Science & Network Security
• /
• 제23권7호
• /
• pp.149-154
• /
• 2023

Internet of Things (IoT) is now spreading everywhere. It's the technology of every person's need so we can't step back from IoT but we can secure it as it is spreading quickly so it has greater chances of danger and being misused. There is an urgent need to make IoT devices secure from getting cracked or hacked. A lot of methods had tried and still trying to mitigate IoT security issues. In this paper Blockchain is going to be the solution of most of the IoT issues or problems. We have discussed or highlighted security issues with centralized IoT and then provided solution of such security challenges through the use of blockchain because is based on a decentralized technology that is hard to modify or update.

• International Journal of Computer Science & Network Security
• /
• 제23권11호
• /
• pp.169-177
• /
• 2023

Network security is now more crucial than ever for consumers, companies, and military clients. Security has elevated to the top of the priority list since the Internet's creation. The evolution of security technology is now better understood. The area of community protection as a whole is broad and dynamic. News from the days before the internet and more recent advancements in community protection are both included in the topic of observation. Recognize current research techniques, previous Defence strategies that were significant, and network attack techniques that have been used before. The security of various domain names is the subject of this article's description of bibliographic research.

• International Journal of Computer Science & Network Security
• /
• 제24권5호
• /
• pp.40-52
• /
• 2024

Cyber-Physical Systems (CPS) are introduced as complex, interconnected systems that combine physical components with computational elements and networking capabilities. They bridge the gap between the physical world and the digital world, enabling the monitoring and control of physical processes through embedded computing systems and networked communication. These systems introduce several security challenges. These challenges, if not addressed, can lead to vulnerabilities that may result in substantial losses. Therefore, it is crucial to thoroughly examine and address the security concerns associated with CPS to guarantee the safe and reliable operation of these systems. To handle these security concerns, different existing security requirements methods are considered but they were unable to produce required results because they were originally developed for software systems not for CPS and they are obsolete methods for CPS. In this paper, a Security Requirements Engineering Methodology for CPS (CPS-SREM) is proposed. A comparison of state-of-the-art methods (UMLSec, CLASP, SQUARE, SREP) and the proposed method is done and it has demonstrated that the proposed method performs better than existing SRE methods and enabling experts to uncover a broader spectrum of security requirements specific to CPS. Conclusion: The proposed method is also validated using a case study of the healthcare system and the results are promising. The proposed model will provide substantial advantages to both practitioners and researcher, assisting them in identifying the security requirements for CPS in Industry 4.0.

• 시큐리티연구
• /
• 제14호
• /
• pp.161-179
• /
• 2007

국제회의 및 국제 스포츠 행사는 개최기간 중에 테러나 안전사고 등이 발생할 경우에 행사 그 자체가 실패할 뿐만 아니라 많은 생명과 재산이 파괴되고, 궁극적으로는 개최국의 신뢰도 저하가 수반되기 때문에 안전대책 이야말로 가장 중요한 요소이다. 이러한 맥락에서, 본 연구에서는 최근 10년간 세계 각국에서 실시한 국제회의 및 스포츠 행사에 대한 테러대응 사례를 분석하고, 이를 통해서 나타난 정책적 함의를 제시하는 목적에서 진행되었다. 본 연구에서 나타난 향후 국제회의 및 스포츠 행사에 대한 테러대응의 기본 방향을 압축하여 제시하면 다음과 같다. 먼저, 대규모 국제 행사 개최시 잘 훈련된 전문가인 안전요원 및 행사요원의 양성이 중요하다. 앞으로 자주 개최될 각종 국제행사에는 자칫 타성에 빠질 수 있는 정부 주도의 행사 보다는 각 지방자치단체가 지역내 대학과 연계되어 보안에 필요한 인력 및 재원확보를 안정적으로 해야 한다. 또한, 테러리스트들의 전략과 전술을 명확히 이해하고 정보를 활용하여 그들보다 앞서나 가는 시스템을 구축해야 한다. 따라서 정부의 주도하에 테러리즘에 대한 직 간접적인 교육과 연구 활동을 촉진시켜 테러리즘의 다양한 측면과 대응책 등 테러리즘에 대한 전반적인 안목을 국민들에게 길러줌으로써 만일의 사태에 총체적으로 대응 할 수 있는 기반을 만들어야 한다. 끝으로, 뉴 테러리즘의 한 수단으로서 사용되는 사이버 테러(cyber terror)에 대한 철저한 대비책을 마련해야 한다.

• 한국신뢰성학회지:신뢰성응용연구
• /
• 제14권2호
• /
• pp.108-113
• /
• 2014

The demand against the risk analysis and information security of system from the companies or the agencies which operate an information system is increasing. ISO/IEC 27001 was established by ISO (International Organization for Standardization) and IEC (International Electrotechnical Commission). Also this standard is international and authoritative standard of ISMS (Information Security Management System). This paper is to review how the ISO 27001 ISMS Requirement has been established and improved, and to communicate the significant changes from ISO27001 : 2005 to ISO 27001 : 2013 focusing on reasons for revisions. Additionally, This paper shows case study for understanding ISO 27001 : 2013 implementation.

• International Journal of Computer Science & Network Security
• /
• 제24권3호
• /
• pp.53-58
• /
• 2024

The Internet of Things (IoT) enables the connection of millions of disparate devices to the World Wide Web. To perform the task, a lot of smart gadgets must work together. The gadgets recognize other devices as part of their network service. Keeping participating devices safe is a crucial component of the internet of things. When gadgets communicate with one another, they require a promise of confidence. Trust provides certainty that the gadgets or objects will function as expected. Trust management is more difficult than security management. This review includes a thorough examination of trust management in a variety of situations.

• 한국정보통신학회:학술대회논문집
• /
• 한국해양정보통신학회 2004년도 춘계종합학술대회
• /
• pp.85-90
• /
• 2004

선박보안경보장치(Ship Security Alert System)는 2001년 미국 9월11일 테러 이후에 전 세계적으로 이에 대응하기 위한 방법으로 해상에서 선박을 통해 발생될 수 있는 테러에 대비하기 위한 통신시스템으로 2004년 7월1일 이후에 건조된 선박에는 반드시 탑재되어야 한다. 이 장치는 IMO SOLAS 국제 조약에 따르며 선박의 안전이 위협을 받고 있거나 위태롭게 되었음을 해당기관에 표시하기 위하여 육상으로 보안경보를 송신할 목적으로 선박에 설치되어야 한다. 무선통신설비는 특별히 정하지는 않았지만 전 세계를 포함하기 위하여 위성망을 사용하는 것이 유리하다. 본 고에서는 선박보안경보장치의 필수 기능 및 사용 가능한 통신시스템 특성에 대해서 분석하였으며 국내 관련 기술기준 방향에 대하여 제안하였다.

• 융합보안논문지
• /
• 제13권6호
• /
• pp.51-59
• /
• 2013

3.20, 6.25 등 사이버공격을 받은 우리 정부는 지난 공격의 배후를 지목했으나, 공격행위에 대한 처벌이나 제제에 대해 논할 수 있는 국제적 논의의 장은 없었다. 이렇게 특정 국가가 공격을 주도했음을 입증하는 증거를 갖고 있더라도 규탄, 제재, 처벌 등이 불가능했기에 에스토니아 사태 이후 지속적으로 유사한 악의적 행위들이 반복되고 있다. 현재 사이버안보에 관한 국제적 논의는 크게 국제적 수준, 지역적 수준 및 양자간 협력의 3계층으로 나뉘어 진행되고 있다. 이 중 국제적 사이버안보 규범 논의 방향 정립은 주로 국제연합과 세계 사이버스페이스 총회 2개 축으로 움직이고 있다. 물론 민간 중심의 인터넷 거버넌스 논의나 UN 전문기구인 국제전기통신연합 등에서도 사이버보안 이슈가 논의되고 있으나 본 논문에서는 2013년 주요 성과가 도출된 국제연합의 정부전문가그룹(GGE) 활동 결과와 우리 정부가 주최한 제3차 세계 사이버스페이스 총회의 사이버안보 논의 흐름을 분석하여 2014년부터 시작될 제4차 UN 전문가그룹(GGE)의 활동을 예상해보고 앞으로의 사이버안보 논의 방향을 짚어보고자 한다. 또한 이러한 논의들에 대한 국내 대응전략을 도출해보고자 한다.