• The KIPS Transactions:PartC
• /
• v.11C no.4
• /
• pp.485-496
• /
• 2004

The wide spread of Internet makes susceptible to the attacks via communication Web from hackers using the vulnerability of both computer and network systems. In this paper, we design and implement an integrated security system, named as LISS(Linux-based Integrated Security System) in which an integrated security management is possible. This system is based on the open operating system, Linux and consists of open security tools, which is effective in security management of Linux based-servers. We also construct a test-bed in order to testify the performance of the LISS. It is revealed that the implemented system captures all the attack Patterns generated from Network Mapper.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.6
• /
• pp.113-119
• /
• 2009

In recent years, to provide visitors with the various and dynamic services, many ActiveX Controls are developed and distributed in most of the web sites such as e-Government Internet banking Portal in Korea. However, unsecure ActiveX Controls may be critical security threats on Internet User. Although hacking incidents increase sharply for these vulnerable ActiveX Controls, there are not enough national security actions or policies. Thus, in this paper we propose the technical method to design 'Security model for ActiveX Control Managemnet through Security Authentication' to be able safe and useful security management in three aspects of development distribution using.

• Proceedings of the Korean Information Science Society Conference
• /
• 2011.06d
• /
• pp.131-134
• /
• 2011

Several Web Service security standards are widely utilized aiming at securing exchanges of SOAP messages among partners in a collaborative environment. Although such standards are suitable for ensuring end-to-end message level security, certain attacks such as XML rewriting may still occur and lead to significant security vulnerabilities. This paper explores the security vulnerabilities of SOAP messages and proposes an ontology-based approach that can successfully combat the security threats. We develop ontology-based schema to include SOAP structure information in outgoing SOAP message and validate this information in the receiving end. Thus, allow to detect XML rewriting attacks early in the validating process.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.16 no.6
• /
• pp.197-202
• /
• 2016

In this paper, we propose optimal smart home security monitoring system. Proposeed optimal smart home security system using the three types of ultrasonic sensors were tested to obtain reliable data. and Using Raspberry Pi3, the smart home security system was implemented. In addition, It was verified through experiments optimal efficiency with a small amount compared to the conventional sensor of the home security system by the two ultrasonic sensors located in the optimal position. It was able to use two ultrasonic sensors to determine whether the intruder's highly efficient and reliable intrusion, and connect the servo motor at the bottom of the camera so you can shoot adjusted to the attacker's location to shoot the intruder's image. In addition, by using a Web server and stored the recorded image and two ultrasonic sensor data and provide a Web page for a user to monitor at all remote locations.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.16 no.5
• /
• pp.131-136
• /
• 2016

In this paper, we propose an Raspberry Pi2-based smart home security monitoring system. Proposed home security monitoring system was configured using a relatively tractable main processor raspberry pi2, ultrasonic sensors, and PIR sensors. In addition, The picamera is compatible with raspberry pi2 was connected to the servo motor. And by driving the attacker's location the video was recording. The Web server stores data of the recorded image and the sensor, and provides a web page to enable the monitoring at all remote locations. When examining efficiency of proposed home security monitoring system it was found that proposed system is easier to be made than existing home security system and is able to minimize the blind spot of the camera by using servo motor and is efficient and convenient and stable as it enables a user to handle an error in person and it uses reliable data.

• Journal of Digital Convergence
• /
• v.16 no.12
• /
• pp.343-349
• /
• 2018

Electroencephalograph(EEG) information, which is an important data of brain science, reflects various levels of information from the molecular level to the behavior and cognitive stages, and the explosively amplified information is provided at each stage. Therefore, EEG information is an intrinsic privacy area of an individual, which is important information to be protected. In this paper, we apply spring security to web based system of spring MVC (Model, View, Control) framework to build independent and lightweight server system with powerful security system. Through the proposal of the platform type EEG analysis system which enhances the security function, the web service security of the EEG information is enhanced and the privacy of the EEG information can be protected.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.6
• /
• pp.55-65
• /
• 2011

Recently, use of cloud computing service is dramatically increasing due to wired and wireless communications network diffusion in a field of high performance Internet technique. Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. In a view of digital forensic investigation, it is difficult to obtain data from cloud computing service environments. therefore, this paper suggests analysis method of AWS(Amazon Web Service) and Rackspace which take most part in cloud computing service where IaaS formats presented for data acquisition in order to get an evidence.

• Journal of Internet Computing and Services
• /
• v.11 no.6
• /
• pp.73-86
• /
• 2010

In proportion to the rapid increase in the number of Web users, web attack techniques are also getting more sophisticated. Therefore, we need not only to detect Web attack based on the log analysis but also to extract web attack events from audit information such as Web firewall, Web IDS and system logs for detecting abnormal Web behaviors. In this paper, web attack detection system was designed and implemented based on integrated web audit data for detecting diverse web attack by generating integrated log information generated from W3C form of IIS log and web firewall/IDS log. The proposed system analyzes multiple web sessions and determines its correlation between the sessions and web attack efficiently. Therefore, proposed system has advantages on extracting the latest web attack events efficiently by designing and implementing the multiple web session and log correlation analysis actively.

• Convergence Security Journal
• /
• v.6 no.3
• /
• pp.127-133
• /
• 2006

Some Research is actively being done on a web-based collaborative learning system. This is changes in educational paradigm in the knowledge information age. A web-based collaborative learning system for question making is to improve the effect of studying through positive interactions between colleagues and to motivate studying through group competitions. This system is designed to active and self-leading studying when a learner do collaborative learning for question making in group. This system can help initiate and active studying to learner through a course of collaborative learning for question making. It can be used to achieve collaborative learning in various ways.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.3
• /
• pp.713-724
• /
• 2016

In providing services by using informations of each client, business managers have duties to maintain the personal information under the procedure of collecting, storing, using/providing, and destroying them. Besides, they also have duties to inform their clients, the subject of the personal information, of how to manage and use their client's informations. In this study, the privacy policies, stipulated at domestic and foreign portals will be compared with one another, and the differences between domestic and foreign portals will be shown. The implication in each field and categories of domestic web sites will be found.