• Title/Summary/Keyword: network threat


An Intrusion Detection System based on the Artificial Neural Network for Real Time Detection (실시간 탐지를 위한 인공신경망 기반의 네트워크 침입탐지 시스템)

  • Kim, Tae Hee;Kang, Seung Ho
    • Convergence Security Journal / v.17 no.1 / pp.31-38 / 2017
  • As cyber-attacks through networks advance, it is difficult for intrusion detection systems based on simple rules to detect novel types of attacks such as the Advanced Persistent Threat (APT) attack. At present, much research focuses on applying machine learning techniques to intrusion detection systems in order to detect previously unknown attacks. When machine learning techniques are used, the performance of the intrusion detection system largely depends on the feature set used as input to the system. Generally, more features increase the accuracy of the intrusion detection system, but they cause a problem when fast responses are required, owing to their large elapsed time. In this paper, we present a network intrusion detection system based on an artificial neural network, which adopts a multi-objective genetic algorithm to satisfy both requirements: accuracy and fast response. The proposed approach is compared with previously proposed approaches on the NSL_KDD data set to evaluate its performance.

Design of a User Authentication System using the Device Constant Information (디바이스 불변 정보를 이용한 사용자 인증 시스템 설계)

  • Kim, Seong-Ryeol
    • Journal of Convergence Society for SMB / v.6 no.3 / pp.29-35 / 2016
  • This paper presents the design of a user authentication system (DCIAS) using the device constant information. We define a new password that uses the constant information of the access device for user authentication during system access over the network, and design a new-concept user authentication system that can cope with passive replay attacks that re-use a password obtained in other applications. In addition, the defined password is encrypted and stored at random locations in the server, so as to neutralize illegal access to the system through the network. Therefore, with the proposed system, even if someone accesses the system through the network, they cannot know where the password is stored, and even if the stored information is found, it is not easy to crack because it is encrypted; the system neutralizes replay attacks on the network and so has strong security features.

Evaluation Tool for Analyzing Method of the Information System (정보시스템 위험분석 평가도구)

  • Kim, Kang;Cho, Kyoung-Sik
    • Proceedings of the Korean Institute of Information and Communication Sciences Conference / 2007.06a / pp.773-777 / 2007
  • With the development of network-based systems, a wide variety of intrusions is spreading. Therefore, evaluation tools have been an active research area for reducing the risk from intrusion. In this thesis, for threat assessment, we provide both an assessment with equal weights applied and an assessment in which the weights of the security factors are varied according to the characteristics of the organization, so that each organization can examine its security by itself, easily find vulnerabilities from the management point of view, and be shown advice to put into practice.

A Research on the LYNX-ESM System Operating and Performance Prediction Simulation Based on DEVS (이산사건 모델링 및 시뮬레이션 기반 LYNX-ESM 체계 시뮬레이션에 관한 연구)

  • Shin, Dong-Cho;Yun, Ki-Cheonn
    • Journal of the Korea Institute of Military Science and Technology / v.9 no.4 / pp.61-70 / 2006
  • This paper describes the LYNX-ESM Simulation System, which is used for EW operating environment analysis and system performance verification of the LYNX-ESM system using the Discrete Event Simulation (DEVS) methodology. The system consists of 3 PCs connected by a TCP/IP network. Each PC is loaded with a modeling and simulation program based on DEVS, and the connected programs together conduct the EW simulation. As a result, we analyze the operating environment of the maritime EW threat, simulate the EW threat discrimination and geolocation capability, and estimate the effectiveness of the LYNX-ESM system before the real LYNX-ESM system is developed.

Intrusion Detection System for Home Windows based Computers

  • Zuzcak, Matej;Sochor, Tomas;Zenka, Milan
    • KSII Transactions on Internet and Information Systems (TIIS) / v.13 no.9 / pp.4706-4726 / 2019
  • The paper is devoted to the detailed description of the distributed system for gathering data from Windows-based workstations and servers. The research presented in the beginning demonstrates that neither a solution for gathering data on attacks against Windows based PCs is available at present nor other security tools and supplementary programs can be combined in order to achieve the required attack data gathering from Windows computers. The design of the newly proposed system named Colander is presented, too. It is based on a client-server architecture while taking much inspiration from previous attempts for designing systems with similar purpose, as well as from IDS systems like Snort. Colander emphasizes its ease of use and minimum demand for system resources. Although the resource usage is usually low, it still requires further optimization, as is noted in the performance testing. Colander's ability to detect threats has been tested by real malware, and it has undergone a pilot field application. Future prospects and development are also proposed.

Network Defense Mechanism Based on Isolated Networks (격리 네트워크를 활용한 네트워크 방어 기법)

  • Jung, Yongbum;Park, Minho
    • The Journal of Korean Institute of Communications and Information Sciences / v.41 no.9 / pp.1103-1107 / 2016
  • Network assets have been protected from malware infection by checking the integrity of mobile devices through network access control systems, vaccines, or mobile device management. However, most existing systems apply a uniform security policy to all users, and allow even infected mobile devices to log into the internal network to complete the integrity check, which makes it possible for infected devices to behave maliciously inside the network. Therefore, this paper proposes a network defense mechanism based on isolated networks. In the proposed mechanism, every mobile device goes through the integrity check system implemented in an isolated network, and gets network access only if it has been validated successfully.

Threat Diagnostic Checklists of Security Service in 5G Communication Network Virtualization Environment (5G 통신 네트워크 가상화 환경에서 보안 서비스의 위협 진단 체크리스트)

  • Hong, Jin-Keun
    • Journal of Convergence for Information Technology / v.11 no.10 / pp.144-150 / 2021
  • The purpose of this paper is to review the direction of the slicing security policy, which is a major consideration in the context of standardization in 5G communication network security, to derive security vulnerability diagnosis items, and to analyze and present the issues under discussion for 5G communication network virtualization. As for the research method, the direction of the 5G communication network virtualization security policy of ENISA (European Union Agency for Cybersecurity), a European core security research institute, and research contents such as virtualization security policy and vulnerability analysis of 5G communication networks from related journals were used for analysis. In the research results of this paper, the security structure in virtualization security of the 5G communication network is arranged, and security threats and risk management factors are derived. In addition, vulnerability diagnosis items were derived for each security service in the risk management area. The contribution of this study is to summarize the security threat items in 5G communication network virtualization security, which is still being discussed, to provide insight into the direction of European 5G communication network cybersecurity, and to derive the vulnerability diagnosis items to be considered for virtualization security of the 5G communication network. In addition, the results of this study can be used as basic data to develop vulnerability diagnosis items for virtualization security of domestic 5G communication networks. In the future, it is necessary to study the detailed diagnosis process for the vulnerability diagnosis items of 5G communication network virtualization security.

Study of Security Requirement of Smart Home Hub through Threat Modeling Analysis and Common Criteria (위협 모델링 분석 및 국제공통평가기준을 통한 스마트홈 허브의 보안요구사항에 관한 연구)

  • Park, Jae-Hyeon;Kang, Soo-young;Kim, Seung-joo
    • Journal of the Korea Institute of Information Security & Cryptology / v.28 no.2 / pp.513-528 / 2018
  • In a smart home environment that integrates IoT technology into a residential environment, the smart home hub provides convenience functions to users by connecting various IoT devices to the network. The smart home hub plays a role as a gateway to and from various data in the process of connecting and using IoT devices. This data can be abused as personal information because it is closely related to the living environment of the user. Such abuse of personal information may cause damage such as exposure of the user's identity. Therefore, this thesis analyzes threats using LINDDUN, a threat modeling technique for personal information protection that has not been used domestically for the smart home hub. Using the Common Criteria, an international standard, we present evaluation criteria for smart home hubs against the analyzed threats and the corresponding security requirements.

Unknown Threats Detection by Using Incremental Knowledge Acquisition (상황 지식 축적에 의한 알려지지 않은 위협의 검출)

  • Park, Gil-Cheol;Cooke, Hamid B. M.;Kim, Yang-Sok;Kang, Byeong-Ho;Youk, Sang-Jo;Lee, Geuk
    • Convergence Security Journal / v.7 no.1 / pp.19-27 / 2007
  • Detecting unknown threats is a paradox; how do you detect a threat if it is not known to exist? The answer is that unknown threat detection is the process of making a previously unknown threat identifiable in the shortest possible time frame. This paper examines the possibility of creating an unknown threat detection mechanism that security experts can use for developing a flexible protection system for networks. A system that allows the detection of unknown threats through system monitoring and the incorporation of dynamic and flexible logic with situational knowledge is described, and the mechanisms used to develop such a system are illustrated. The system not only allows the detection of new threats but does so in a fast and efficient manner to increase the available time for responding to these threats.

A Study on the Security System of the Web Based Defense Information Service Network (WEB 환경에서 국방정보통신망 정보보호체계 구축에 관한 연구)

  • 신유찬;남길현
    • Journal of the military operations research society of Korea / v.28 no.1 / pp.115-135 / 2002
  • The limits of the current DN (Defense Network), a private and closed network, have become a reality: for example, the high expense of constructing and maintaining networks and the restriction on new subscribers to the DN. Therefore, the MND demands a network using the web environment that reflects the fast development of IT and IS (Information Security) technology. By meeting the requirement for a reliable IS system and by extending and improving the DN using the common network, we can reduce the expense of extending, maintaining and repairing the DN, form an environment in which military business cooperates better with civil companies and government agencies, and advance the implementation of Defense computing and networking services for small field units that were an exception to Defense digitalization. But to construct the DN on the common network, it is essential that the security requisites of confidentiality, integrity, availability, efficiency, log, backup and restoration be realized at the level demanded for IS. This thesis suggests four measures: replacing the DN with the common network to meet the requirements for building new networks and improving the performance of the private DN, linking with the common network for new requirements, distributing traffic using the common network, and configuring the DN using the Internet. It also proposes a refinement of the IS management organization to treat the security threats of the common network flexibly, and a LAN IS standard model of the DN based on the web environment.