• Title/Summary/Keyword: security visualization

A Study of Security Policy for U-Healthcare Service (U-Healcare 서비스를 위한 보안정책에 관한 연구)

  • Lee, Keun-Ho
    • Journal of Digital Convergence / v.11 no.11 / pp.747-751 / 2013
  • Research on U-Healthcare service integrating medical information and IT technologies is actively conducted. U-Healthcare service is the next generation's medical paradigm that ensures convenience to many users, so society recognizes its importance and attempts at commercialization through various business models are being made. To form such a U-Healthcare service market safely, various policies on the social structure should be established through the standard and the medical law to systemize the medical information led by the government. Especially, the government's security policy to ensure the safety for the government leading visualization of U-Healthcare should be firmly established. Firstly, this paper presents U-healthcare Service and policy guideline. Secondly, it analyzes security threatening factors for the safe U-Healthcare service. By classifying the analyzed security threatening factors based on the three major elements of security (Confidentiality, Integrity and Availability), a security policy for each element is proposed.

Real-Time Web Attack Detection Visualization Tool Design and Implementation using HTTP Header Information (HTTP Header를 이용한 실시간 웹 공격 탐지 시각화 도구의 설계 및 구현)

  • Koo Bon-Hyun;Cho Kyu-Hyung;Cho Sang-Hyun;Moon Jong-Sub
    • Proceedings of the Korea Institutes of Information Security and Cryptology Conference / 2006.06a / pp.637-640 / 2006
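  • In this paper, we propose a visualization tool that detects web attacks in real time by analyzing HTTP request and response header information. The attack detection technique integrates anomaly detection and misuse detection. Anomaly detection uses probability values obtained from a Bayesian distribution over the Refer and Uri fields of the header information, and misuse detection uses the web attack portion of Snort's attack signatures. To convey attack detection information efficiently, the visualization is implemented as a GUI. This paper proposes techniques for visualizing, in real time, the monitoring of abnormal user agent behavior, frequency analysis, and location tracking of attacking agents.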

Hybrid Neural Networks for Intrusion Detection System

  • Jirapummin, Chaivat;Kanthamanon, Prasert
    • Proceedings of the IEEK Conference / 2002.07b / pp.928-931 / 2002
  • Network based intrusion detection system is a computer network security tool. In this paper, we present an intrusion detection system based on Self-Organizing Maps (SOM) and Resilient Propagation Neural Network (RPROP) for visualizing and classifying intrusion and normal patterns. We introduce a cluster matching equation for finding principal associated components in component planes. We apply data from The Third International Knowledge Discovery and Data Mining Tools Competition (KDD cup'99) for training and testing our prototype. From our experimental results with different network data, our scheme achieves more than 90 percent detection rate, and less than 5 percent false alarm rate in one SYN flooding and two port scanning attack types.

Shift in Warfare Paradigm and Military Transformation (전쟁패러다임의 전환과 군사변혁)

  • Jeong, Chun-Il
    • Journal of National Security and Military Science / s.4 / pp.381-418 / 2006
  • At present, advanced countries in the world are seen concentrating on Military Transformation to create new military capability as there is a shift in Warfare Paradigm. Rapid development of technology enables military systems, operational concepts and organizations to be innovated. As a result, a Revolution in Military Affairs (RMA) that dramatically increases warfighting capability is pursued. Especially, advanced information technology constructs a system of systems with abilities of battle visualization, information sharing in the battlefield, and long-range strike capability that are interoperable and combined. Corresponding to this, engagement methods and organizations are being progressively developed. The purpose of this thesis is an overview of the newly developing Warfare Paradigm and an analysis of the tendency of Military Transformation that advanced countries are pursuing in preparation for this. Above all, specific aspects and contents of the Warfare Paradigm which emerged in the information age were summarized. Subsequently, Military Transformation, which provides the basic concepts and principles to the advanced countries in the world for the creation of new military capability, was discussed. In conclusion, the tendency of Military Transformation by the U.S.A., Japan, China, and Russia, which surround the Korean peninsula as the major military powers, was carefully observed.

Application Of Information Technologies In Network Mass Communication Media

  • Ulianova, Kateryna;Kovalova, Tetiana;Mostipan, Tetiana;Lysyniuk, Maryna;Parfeniuk, Ihor
    • International Journal of Computer Science & Network Security / v.21 no.12 / pp.344-348 / 2021
  • The article examines one of the most important means of visualization of mass information on the Internet - information graphics in the broadest sense of the term as a visual technology for presenting mass information. The main objectives of the article are to determine the genre-typological features of infographics and basic technological principles; identification of features of creation and use of information graphics in modern network. Certain benefits of online infographic editors include savings in resources and time. They allow the user, who has basic PC skills, to create standardized infographics based on their own data. In addition, the use of online services develops visual thinking, allows you to get an idea of quality criteria and current trends in infographics, as well as to gain initial experience in the visual presentation of data.

A Model for Illegal File Access Tracking Using Windows Logs and Elastic Stack

  • Kim, Jisun;Jo, Eulhan;Lee, Sungwon;Cho, Taenam
    • Journal of Information Processing Systems / v.17 no.4 / pp.772-786 / 2021
  • The process of tracking suspicious behavior manually on a system and gathering evidence is labor-intensive, variable, and experience-dependent. The system logs are the most important sources of evidence in this process. However, in the Microsoft Windows operating system, the action events are irregular and the log structure is difficult to audit. In this paper, we propose a model that overcomes these problems and efficiently analyzes Microsoft Windows logs. The proposed model extracts lists of both common and key events from the Microsoft Windows logs to determine detailed actions. In addition, we show an approach based on the proposed model applied to track illegal file access. The proposed approach employs three-step tracking templates using Elastic Stack as well as key-event, common-event lists and identify event lists, which enables visualization of the data for analysis. Using the three-step model, analysts can adjust the depth of their analysis.

Information Technologies In Teaching: The Basis Of Students' Knowledge

  • Morska, Nataliia;Fedorenko, Olena;Davydova, Olha;Andreev, Vitaly;Bohatyryova, Galina;Shcherbakova, Nataliia
    • International Journal of Computer Science & Network Security / v.21 no.2 / pp.44-53 / 2021
  • The paper proposes to consider information technologies and their application in the educational process as a preparation of presentation material for students of higher educational institutions. The definition and place of information technologies in the educational space are considered. The object of research of this work is the pedagogical technology of presentation of educational information, which substantiates the pedagogical technology of visualization of educational information in higher education, as well as determine its composition and structure. The practical side of pedagogical technology of educational information presentation is considered.

Machine-to-Machine (M2M) Communications in Vehicular Networks

  • Booysen, M.J.;Gilmore, J.S.;Zeadally, S.;Rooyen, G.J. Van
    • KSII Transactions on Internet and Information Systems (TIIS) / v.6 no.2 / pp.529-546 / 2012
  • To address the need for autonomous control of remote and distributed mobile systems, Machine-to-Machine (M2M) communications are rapidly gaining attention from both academia and industry. M2M communications have recently been deployed in smart grid, home networking, health care, and vehicular networking environments. This paper focuses on M2M communications in the vehicular networking context and investigates areas where M2M principles can improve vehicular networking. Since connected vehicles are essentially a network of machines that are communicating, preferably autonomously, vehicular networks can benefit a lot from M2M communications support. The M2M paradigm enhances vehicular networking by supporting large-scale deployment of devices, cross-platform networking, autonomous monitoring and control, visualization of the system and measurements, and security. We also present some of the challenges that still need to be addressed to fully enable M2M support in the vehicular networking environment. Of these, component standardization and data security management are considered to be the most significant challenges.

Technique for Indentifying Cyber Crime Using Clue (수사단서를 이용한 동일 사이버범죄 판단기법)

  • Kim, Ju Hee
    • Journal of the Korea Institute of Information Security & Cryptology / v.25 no.4 / pp.767-780 / 2015
  • In recent years, as the smart phone penetration rate is growing explosively, new forms of cyber crime data are pouring out beyond the limits of the management system for cyber crime investigation. These new forms of data are collected and stored in police stations, but some of the data are not systematically managed. As a result, investigators sometimes miss hidden data which can be critical for a case. Crime data is usually generated by computers, which produce complex and huge data and record many logs automatically, so it is necessary to simplify the collected data and cluster it by crime pattern. In this paper, we categorize all kinds of cyber crime, simplify the crime database and extract critical clues relative to other cases. Through data mining and network-visualization, we found there is correlation between clues of a case. From this result, we conclude cyber crime data mining helps crime prevention, early blocking and increasing the efficiency of the investigation.

Malware Analysis Mechanism using the Word Cloud based on API Statistics (API 통계 기반의 워드 클라우드를 이용한 악성코드 분석 기법)

  • Yu, Sung-Tae;Oh, Soo-Hyun
    • Journal of the Korea Academia-Industrial cooperation Society / v.16 no.10 / pp.7211-7218 / 2015
  • Tens of thousands of malicious codes are generated on average in a day. New types of malicious codes are surging each year. Diverse methods are used to detect such codes including those based on signature, API flow, strings, etc. But most of them are limited in detecting new malicious codes due to bypass techniques. Therefore, a lot of research has been performed for more efficient detection of malicious codes. Of this, the visualization technique is one of the most actively researched areas these days. Since the method enables more intuitive recognition of malicious codes, it is useful in detecting and examining a large number of malicious codes efficiently. In this paper, we analyze the relationships between malicious codes and Native API functions. Also, by applying the word cloud with a text mining technique, major Native APIs of malicious codes are visualized to assess their maliciousness. The proposed malicious code analysis method would be helpful in intuitively probing behaviors of malware.