• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2004.05b
• /
• pp.772-775
• /
• 2004

After Morris' Internet Worm in 1988, the stack buffer overflow hacking became generally known to hackers and it has been used to attack systems and servers very frequently. Recently, many researches tried to prevent it, and several solutions were developed such as Libsafe and StackGuard; however, these solutions have a few problems. In this paper we present a new stack buffer overflow attack prevention technique that uses the system call monitoring mechanism and memory address where the system call is made.

• Proceedings of the Korean Information Science Society Conference
• /
• 2004.10a
• /
• pp.421-423
• /
• 2004

Live-CD는 리눅스 설치 과정의 번거로움을 없애기 위한 노력의 일환으로써 시작되었다. CD 한 장에 리눅스 커널과 어플리케이션을 모두 넣고 어디서나 간단하게 부팅 가능하도록 한 CD를 말한다. 하지만 Live-CD가 악용될 경우 CD안에 공격을 위한 exploit 코드와 어플리케이션을 넣고 공공기관이나 PC방 등에서 CD 한 장으로 해킹이 가능할 수 있다는 문제점이 발생할 수 있다 Live-CD는 Ramdisk상에서만 동작하며 전원을 끄는 것과 동시에 모든 데이터가 소멸되므로 공격자 추적 또한 불가능하다. 따라서 본 논문에서는 하드디스크를 제외한 모든 저장 장치로 부팅을 할 시에는 관리자 인증 과정을 통해서만 부팅 할 수 있는 Bios 메커니즘을 제안하여 Live-CD를 이용한 해킹을 근본적으로 방지할 수 있도록 한다.

• Electronics and Telecommunications Trends
• /
• v.36 no.5
• /
• pp.21-31
• /
• 2021

Ransomware attacks, such as Conti, Ryuk, Petya, and Sodinokibi, that target medical institutions are increasing rapidly. In 2020, in the United States., ransomware attacks affected over 600 separate clinics, hospitals, and organizations, and more than 18 million patient records. The cost of these attacks is estimated to be almost $21 billion USD. The first death associated with a ransomware attack was reported in 2020 by the University Hospital of Düesseldorf in Germany. In the case of medical institutions, as introduced in the Medjack report issued by TrapX Labs, in many cases, attackers target medical devices that are relatively insecure and then penetrate deep into more critical network infrastructure, such as EMR servers. This paper introduces security vulnerabilities of hospital medical devices, considerations for ransomware response by medical institutions, and related technology trends.

• International journal of advanced smart convergence
• /
• v.9 no.4
• /
• pp.106-114
• /
• 2020

As information and communication technology develops, it brings various benefits to our lives. However, information and communication technology has had various side effects in our lives. Representative side effects include internet addiction, smartphone addiction, copyright violation, personal information infringement, cyber bullying and hacking. Recently, smart phone addiction rate is increasing with the spread of smart devices in Korea. In this study, we analyze the correlation between age group and smartphone addiction. In order to obtain fair and objective results, statistical analysis was performed based on the national statistical data of the National Information Society Agency. The results showed that the infant group and the adult group were correlated with the smartphone addiction rate. In this study, we analyzed the causes of smartphone addiction for different age groups. We also discuss dangers of smartphone addiction for different age groups. In additions, we proposed various ways to prevent and cure smartphone addiction for infants, adults, and senior citizen group. The results of this study are expected to be widely used as a remedy for smartphone addiction and future smartphone addiction research works.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.11 no.3
• /
• pp.63-69
• /
• 2001

Smartcard is highlighted as infrastructure that has an excellent security for executing functions such as user authentication, access control, information storage and control, and its market is expanding rapidly. But possibilities of forgery and alteration by hacking are increasing as well. This paper proposes a method to prevent card forgery and alteration using angular multiplexing and private key multiplexing method on optical encryption, and proposed a Public Key Infrastructure(PKI)-based authentication system combined with One-Time Password (OTP) for verification of forgery and alteration .

• International Journal of Computer Science & Network Security
• /
• v.21 no.5
• /
• pp.168-174
• /
• 2021

The Cognitive radio (CR) is evolving technology for managing the spectrum bandwidth in wireless network. The security plays a vital role in wireless network where the secondary users are trying to access the primary user's bandwidth. During the allocation the any malicious user either he pretends to be primary user or secondary user to access the vital information's such as credentials, hacking the key, network jam, user overlapping etc. This research paper discusses on various types of attack and to prevent the attack in cognitive radio network. In this research, secondary users are identified by the primary user to access the primary network by the secondary users. The secondary users are given authorization to access the primary network. If any secondary user fails to provide the authorization, then that user will be treated as the malicious user. In this paper two approaches are suggested one by applying elliptic curve cryptography and the other method by using priority-based service access.

• Journal of the Korea Society of Computer and Information
• /
• v.10 no.6 s.38
• /
• pp.9-16
• /
• 2005

Recently, since the number of internet users is increasing rapidly and, by using the Public hacking tools, general network users can intrude computer systems easily, the hacking problem is setting more serious. In order to prevent the intrusion. it is needed to detect the sign in advance of intrusion in a Positive Prevention by detecting the various forms of hackers intrusion trials to know the vulnerability of systems. The existing network-based anomaly detection algorithms that cope with port-scanning and the network vulnerability scans have some weakness in intrusion detection. they can not detect slow scans and coordinated scans. therefore, the new concept of algorithm is needed to detect effectively the various. In this Paper, we propose a detection algorithm for session patterns and FCM.

• Proceedings of the Korea Information Assurance Society Conference
• /
• 2004.05a
• /
• pp.327-331
• /
• 2004

The new cyber world has created by Internet that is prosperous rapidly. But with the expansion of Internet the hacking and intrusion are also increased very much. Actually there were many incidents in Internet, but the damage was restricted within a local area and local system. However, the Great 1.25 Internet Disturbance has paralyzed the national wide Internet environment. It because the Slammer Worm. The worm is a malformed program that uses both of the hacking and computer virus techniques. It autonomously attacks the vulnerability of Windows system, duplicates and spreads by itself. Jus like the Slammer Worm, almost every worms attack the vulnerability of Windows systems that installed in personal PC. Therefore, the vulnerability in personal PC could destroy the whole Internet world. So, in this paper we propose a Internet Worm Expanding Prevention System that could be installed in personal PC to prevent from expanding the Internet Worm. And we will introduce the results of developed system.

• The KIPS Transactions:PartC
• /
• v.11C no.6 s.95
• /
• pp.719-724
• /
• 2004

Recently, since the number of internet users is increasing rapidly and, by using the public hacking tools, general network users can intrude computer systems easily, the hacking problem is getting more serious. In order to prevent the intrusion, it is needed to detect the sign in advance of intrusion in a positive prevention by detecting the various foms of hackers' intrusion trials to know the vulnerability of systems. The existing network-based anomaly detection algorithms that cope with port- scanning and the network vulnerability scans have some weakness in intrusion detection. they can not detect slow scans and coordinated scans. therefore, the new concept of algorithm is needed to detect effectively the various forms of abnormal accesses for intrusion regardless of the intrusion methods. In this paper, SPAD(Session Pattern Anomaly Detector) is presented, which detects the abnormal service patterns by comparing them with the ordinary normal service patterns.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.5
• /
• pp.1153-1165
• /
• 2019

Recently, threats of hacking have been increasing on the national intelligence service network and key infrastructure, including the defense field. The defense information system responds to threats from the outside through the network separation, but if the defense information system is hacked, it has a serious impact on the operations of wartime or peacetime military forces. Today, cyberattacks and threats are rising to unpredictable levels and making it practically impossible to completely block and prevent hacking threats completly. So, in this study proposed a maturity model to assess the level of cyber-resilience, which is the ability to ensure the system's viability and maintain continuity through rapid response and recovery if signs of cyberattacks by the defense information system are expected or occurred. The proposed maturity model is expected to contribute to improving the cyber security level of the defense information system by assessing the level of cyber resilience of the defense information system and identifying and supplementing fields that are lacking.