• Convergence Security Journal
• /
• v.10 no.3
• /
• pp.51-60
• /
• 2010

The expansion of internet technology has made convenience. On the one hand various malicious code is produced. The number of malicious codes occurrence has dramadically increasing, and new or variant malicious code circulation very serious, So it is time to require analysis about malicious code. About malicious code require set criteria for judgment, malicious code taxonomy using Algorithm of weakness difficult to new or variant malicious code taxonomy but already discovered malicious code taxonomy is effective. Therefore this paper of object is various malicious code analysis besides new or variant malicious code type or form deduction using visualization of strong. Thus this paper proposes a malicious code analysis and grouping method using visualization.

• Journal of the Ergonomics Society of Korea
• /
• v.30 no.2
• /
• pp.319-330
• /
• 2011

In computer forensics investigation, the investigators collect, protect, analyze and interpret massive amount of data which were used in cyber crime. However, due to its huge amount of information, it takes a great deal of time and errors often result even when they use forensics investigation tool in the process. The information visualization techniques will greatly help to improve the information processing ability of human when they deal with the overwhelming amount of data and have to find out significant information in it. The importance of Intrusion Detection System(IDS) among network forensics is being emphasized in computer forensics. In this study, we apply the information visualization techniques which are proposed to be a great help to IDS and carry out the usability test to find out the most effective information visualization techniques for IDS.

• Journal of Digital Convergence
• /
• v.12 no.8
• /
• pp.351-359
• /
• 2014

The log data generated by security equipment have been synthetically analyzed on the ESM(Enterprise Security Management) base so far, but due to its limitations of the capacity and processing performance, it is not suited for big data processing. Therefore the another way of technology on the big data platform is necessary. Big Data platform can achieve a large amount of data collection, storage, processing, retrieval, analysis, and visualization by using Hadoop Ecosystem. Currently ESM technology has developed in the way of SIEM (Security Information & Event Management) technology, and to implement security technology in SIEM way, Big Data platform technology is essential that can handle large log data which occurs in the current security devices. In this paper, we have a big data platform Hadoop Ecosystem technology for analyzing the security log for sure how to implement the system model is studied.

• International Journal of Computer Science & Network Security
• /
• v.23 no.8
• /
• pp.204-209
• /
• 2023

Dynamic Bandwidth Allocation (DBA) methods in telecommunication network & systems have emerged with mechanisms for sharing limited resources in a rapidly growing number of users in today's access networks. Since the DBA research trends are incredibly fast-changing literature where almost every day new areas and terms continue to emerge. Co - citation analysis offers a significant support to researchers to distinguish intellectual bases and potentially leading edges of a specific field. We present the visualization based analysis for DBA algorithms in telecommunication field using mainstream co-citation analysis tool-CiteSpace and web of science (WoS) analysis. Research records for the period of decade (2009-2018) for this analysis are sought from WoS. The visualization results identify the most influential DBA algorithms research studies, journals, major countries, institutions, and researchers, and indicate the intellectual bases and focus entirely on DBA algorithms in the literature, offering guidance to interested researchers on more study of DBA algorithms.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.4
• /
• pp.797-808
• /
• 2012

In smart work environment, a company provides employees a flexible work environment for tele-working using mobile phone or portable devices. On the other hand, such environment are exposed to the risks which the attacker can intrude into computer systems or leak personal information of smart-workers' and gain a company's sensitive information. To reduce these risks, the security administrator needs to analyze the usage patterns of employees and detect abnormal behaviors by monitoring VPN(Virtual Private Network) access log. This paper proposes a decision support system that can notify the status by using visualization and similarity measure through clustering analysis. On average, 88.7% of abnormal event can be detected by this proposed method. With this proposed system, the security administrator can detect abnormal behaviors of the employees and prevent account theft.

• Journal of the Korea Society of Computer and Information
• /
• v.22 no.3
• /
• pp.53-60
• /
• 2017

The purpose of this study is to provide empirical and quantitative analysis on user's perceived privacy, security, and user satisfaction when providing visualization information about objects and service provider behaviors that users can not perceive in internet service process. Through previous research, we have examined the importance of privacy and security factors as a key factor to be considered for the characteristics of the Internet of things and the Internet of things. In addition, service blueprint, which is one of the service design methodologies to examine the flow of service usage in providing Internet service of things, was examined. In the flow of things internet service utilization, it is found that the things that are out of the user's cognitive area and the behavior of the service provider take up a large part. Therefore, the hypothesis that the trust of the Internet service security and the satisfaction of the user experience can be improved by providing the security visualization information about the behavior of the object and the invisible service provider in the non-contact aspect of the user and the object. In order to verify the hypothesis, we conducted experiments and questionnaires on the use of virtual objects' internet environment and conducted statistical analysis based on them. As a result, it was analyzed that visual information feedback on non - contact and invisible objects and service provider's behaviors had a positive effect on user's perceived privacy, security, and satisfaction. In addition, we conclude that it can be used as a service design evaluation tool to eliminate psychological anxiety about security and to improve satisfaction in internet service design. We hope that this research will be a great help for the research on application method of service design method in Internet environment of objects.

• The KIPS Transactions:PartA
• /
• v.13A no.5 s.102
• /
• pp.399-404
• /
• 2006

In Jana 2, to enforce a suity policy of a program, programmer writes permission sets required by the code at the policy file, sets Security Manager on system and executes the program. Then Security Manager checks by stack inspection whether an access request to resource should be granted or denied whenever code tries to access critical resource. In this paper, we develop a visualization tool which helps programmers enforce security policy effectively into programs. This system is based on the static permission check analysis which analyzes permission checks which must succeed or fail at each method. Based on this analysis information, programmer can examine visually how permission checks and their stack inspection are performed. By modifying program or policy file if necessary and examining analysis information repeatedly, programmer can enforce security policy correctly.

• Convergence Security Journal
• /
• v.21 no.2
• /
• pp.47-56
• /
• 2021

Network topology visualization has been studied a lot since the past and developed with many tools. The network topology has strength in understanding the overall structure of a network physically and is useful for understanding data flow between nodes logically. Although there are existing tools, not many can be utilized efficiently while using the general network node data structure and express the topology similar to the actual network structure. In this paper, we propose an efficient method to visualize topology using only connection information of network nodes. The method finds the central node by using the centrality, the influence of nodes in the network, and visualizes the topology by dynamically segmenting all nodes and placing network nodes in 3D space using the weight of the child node. It is a straightforward method, yet it effectively visualizes in the form of an actual network structure.

• Convergence Security Journal
• /
• v.22 no.4
• /
• pp.169-178
• /
• 2022

In general, organizations operating multi-domain networks find it difficult to represent and manage multiple domain net works on a single screen space. Instead, most of them are managed with multiple screens visualizing network topology by domain or partitioning one screen area into multiple domains. We propose an efficient method to visualize the topology using only minimal connection information between domain-agnostic nodes in this work. This method visualizes the topology by utilizing centrality indices representing the influence of nodes in the network. Furthermore, the method dynamically segments the entire node's display area using virtual Root nodes to auto-separate domains and weights of child nodes and placing nodes in 3D space. Thus, although it is a straightforward method, the multi-domain network topology can be visualized with only minimal connection information between nodes.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.6
• /
• pp.1087-1101
• /
• 2020

Various security devices are used to protect internal networks and valuable information from rapidly evolving cyber attacks. Firewall, which is the most commonly used security device, tries to prevent malicious attacks based on a text-based filtering rule (i.e., access control policy), by allowing or blocking access to communicate between inside and outside environments. However, in order to protect a valuable internal network from large networks, it has no choice but to increase the number of access control policy. Moreover, the text-based policy requires time-consuming and labor cost to analyze various types of vulnerabilities in firewall. To solve these problems, this paper proposes a 3D-based hierarchical visualization method, for intuitive analysis and management of access control policy. In particular, by providing a drill-down user interface through hierarchical architecture, Can support the access policy analysis for not only comprehensive understanding of large-scale networks, but also sophisticated investigation of anomalies. Finally, we implement the proposed system architecture's to verify the practicality and validity of the hierarchical visualization methodology, and then attempt to identify the applicability of firewall data analysis in the real-world network environment.