Network Information Security Research based on the Grey Matter Element Analysis Method

Qingji Tian 보안공학연구지원센터 2016 International Journal of Security and Its Applicat Vol.10 No.10

With the progress of science and technology and the development of society, computer network information security becomes a social problem. In this paper, according to the characteristics of computer network information, the influencing system of computer network information security is constructed. Using matter element analysis method and grey theory to establish the grey matter-element model of the computer network information security, computer network information security can be divided into four grey clustering levels, according to the results of the expert scoring to determine the grey clustering level of computer network information security, which provides a professional, scientific and reasonable method for studying computer network information security.

Network Security Prediction Method Based on Kalman Filtering Fusion Decision Entropy Theory

Yunfa Li,Mingyi Li,Yangyang Shen 보안공학연구지원센터 2016 International Journal of Security and Its Applicat Vol.10 No.12

Network security situation prediction is of great significance for the use of the Internet, and it is the focus of production and life issues. Under the guidance of the model combination forecasting method, In this paper, based on the Kalman filtering model a new method of network security prediction is presented, which is based on the theory of decision entropy. In this method, the Kalman state equation and measurement equation are constructed according to the key attributes of the network security state, and then combined with the decision entropy theory to predict the future state of network security. The experimental results show that the proposed method has high prediction accuracy and is suitable for the state prediction of network security.

Application of BP Neural Network Model based on Particle Swarm Optimization in Enterprise Network Information Security

Shumei liu 보안공학연구지원센터 2016 International Journal of Security and Its Applicat Vol.10 No.3

The development of network technology has brought convenience to people's life, but also provides the convenience for the virus, Trojan and other destructive programs to attack the network. Then, the computer network security is becoming more and more dangerous. Accurately and scientifically predict the risk of network, it can effectively prevent the risk, and reduce the loss caused by the problem of computer network security. Computer network security is an early warning problem of multi index system. So, the traditional linear forecasting method cannot accurately describe the impact of each index on the evaluation results, and the accuracy of the prediction results is low. In order to improve the prediction accuracy of computer network security, this paper presents a new forecasting method for computer network security. Firstly, the evaluation index of computer network security is selected by expert system, and the weight of evaluation index is determined by the expert scoring method. Secondly, we put the index weight into the BP neural network, and use the BP neural network to learn it. Then, the parameters of BP neural network are optimized by the improved particle swarm optimization algorithm. After that, this paper uses a method based on the Fibonacci method principle to find the number of hidden layer node which has the best fitting ability. Finally, we use this algorithm to predict the network security of a certain enterprise in the next six months. The score is 0.67, 0.84, 0.72, 0.87, 0.86 and 0.91, which is close to the actual value of network security.

Virtual Network Embedding through Security Risk Awareness and Optimization

( Shuiqing Gong ),( Jing Chen ),( Conghui Huang ),( Qingchao Zhu ),( Siyi Zhao ) 한국인터넷정보학회 2016 KSII Transactions on Internet and Information Syst Vol.10 No.7

Network virtualization promises to play a dominant role in shaping the future Internet by overcoming the Internet ossification problem. However, due to the injecting of additional virtualization layers into the network architecture, several new security risks are introduced by the network virtualization. Although traditional protection mechanisms can help in virtualized environment, they are not guaranteed to be successful and may incur high security overheads. By performing the virtual network (VN) embedding in a security-aware way, the risks exposed to both the virtual and substrate networks can be minimized, and the additional techniques adopted to enhance the security of the networks can be reduced. Unfortunately, existing embedding algorithms largely ignore the widespread security risks, making their applicability in a realistic environment rather doubtful. In this paper, we attempt to address the security risks by integrating the security factors into the VN embedding. We first abstract the security requirements and the protection mechanisms as numerical concept of security demands and security levels, and the corresponding security constraints are introduced into the VN embedding. Based on the abstraction, we develop three security-risky modes to model various levels of risky conditions in the virtualized environment, aiming at enabling a more flexible VN embedding. Then, we present a mixed integer linear programming formulation for the VN embedding problem in different security-risky modes. Moreover, we design three heuristic embedding algorithms to solve this problem, which are all based on the same proposed node-ranking approach to quantify the embedding potential of each substrate node and adopt the k-shortest path algorithm to map virtual links. Simulation results demonstrate the effectiveness and efficiency of our algorithms.

Implementation of Multi-level Network Security Management System based Middleware Strategy

Yunliang Zou 보안공학연구지원센터 2016 International Journal of Security and Its Applicat Vol.10 No.10

This article discusses the related art network security management, the proposed design of multi-level network security management system based on middleware ICE technology, the design of single-level system design and related species module of the overall framework for implementation. It is given based on the communication module ICE technology detailed design, it can be done from the LAN to the WAN, the communication between the various modules. The realization of various kinds at all levels of network security devices and associated host centralized monitor. Centralized configuration, through a variety of security-related information in a timely manner log collection management network species, real-time view of the network security status, dynamically adjusting network security policy comprehensive network security audit information, can effectively improve the overall security of network security management.

중국 네트워크 안전법에 관한 연구

신재하,임요준 한중법학회 2019 中國法硏究 Vol.37 No.-

In 2013, there was an incident in which the U.S. National Security Agency (NSA) eavesdropped on the world through its privacy program ‘Prism’, citing the need for “security.” In the process, it became known that information accumulated by private companies such as Microsoft, Yahoo, Google, Apple, Facebook and YouTube was provided. Countries have become aware of the dangers of free movement of data, and they also feel the need to regulate cyberspace and China was one of them. The number of Internet Users in China was increasing and as the use of the Internet expanded, problems such as personal information protection began to emerge. To solve these problems, it was necessary to legislate to regulate them. The Network Security Law was passed at the 24th session of the Standing Committee of the Twelfth National People's Congress of the People's Republic of China (2016. 11. 7.) and has been in force since June 1, 2017 after three rounds of deliberation after its draft of 2015. The Network Security Law consists of 7 chapters contains 79 clauses. The purpose of the enactment is to ensure network safety, to safeguard network space sovereignty and national security, to safeguard social and public interests, to protect lawful rights of citizens, corporations and other organizations, and to promote sound development of economic and social informatization (Article 1). The scope of application is targeted at the establishment, operation, maintenance and use of networks in China and supervision and management of network security (Article 2). The main contents are network support and promotion, network operation safety, network information security, monitoring information and emergency response, and legal responsibility. This paper will examine the legislative intent, process and main contents of China's Network Security Law, and try to review the legal task of Chinese government on their Management of Network Security. 2013년 미국 국가안보국(NSA)이 “안보”의 필요성을 이유로 개인정보 감시 프로그램인 프리즘을 통해 세계를 도청한 사실이 국가안보국 직원인 스노든에 의해 폭로된 사건이 있었다. 이 과정에서 마이크로소프트, 야후, 구글, 애플, 페이스 북과 유튜브 등의 민영회사들이 축적해 온 정보들이 제공되었다는 사실이 알려지게 되었다. 각국은 데이터의 자유로운 이동이 지니고 있는 위험성을 알게 되었고, 사이버 공간에 대해서도 법적 규제의 필요성을 느끼게 되었다. 중국은 우리나라보다 인터넷 인프라 구축이 늦게 시작되었지만 계속적인 정비와 노력에 힘입어 인터넷 사용자 수가 나날이 증가하고 있다. 2015년 중국 정부가 “인터넷 플러스(互聯網 +)” 정책을 발표하고 인터넷 관련 사업을 장려하면서 그 산업 규모가 나날이 확대되고 있다. 또한 인터넷 사용이 확대되면서 개인정보보호 등의 문제점이 부각되기 시작하였다. 이러한 문제들을 해결하기 위해 이를 규율할 법의 제정이 필요하게 되었다. 중화인민공화국 네트워크 안전법은 2015년 6월 초안이 마련되어 3차에 걸친 심의과정을 거쳐 제12차 전국인민대표대회 상무위원회 제24차 회의에서 통과(2016.11.7)되었고, 2017년 6월 1일부터 시행되고 있다. 네트워크 안전법은 7개 장 79개 조문으로 구성되어 있다. 제정 목적은 네트워크 안전의 보장, 네트워크 공간 주권과 국가 안보, 사회공공 이익의 수호, 공민·법인과 기타 조직의 합법적 권익의 보호, 경제 사회 정보화의 건전한 발전을 촉진하는데 그 목적을 두고 있다(제1조). 적용범위는 중국 내 네트워크 구축, 운영, 유지와 사용 및 네트워크 안전의 감독 관리를 그 대상으로 하고 있다(제2조). 주요 내용은 네트워크 지지 및 촉진, 네트워크 운영 안전, 네트워크 정보보안, 모니터링 정보와 비상 대응, 법률책임 등으로 되어 있다. 본고에서는 중국 네트워크 안전법의 입법취지와 제정과정, 주요내용을 살펴본 후 중국 네트워크 통제의 법적 과제를 고찰해 보기로 한다.

Security Threats and Potential Security Requirements in 5G Non-Public Networks for Industrial Applications

박태근,박종근,김기원 한국컴퓨터정보학회 2020 韓國컴퓨터情報學會論文誌 Vol.25 No.11

In this paper, we address security issues in 5G non-public networks for industrial applications. In contrast to public networks that offer mobile network services to the general public, 5G non-public networks provide 5G network services to a clearly defined user organization or groups of organizations, and they are deployed on the organization’s defined premises, such as a campus or a factory. The main goal of this paper is to derive security threats and potential security requirements in the case that 5G non-public networks are built for discrete and process industries according to the four deployment models of 5G-ACIA (5G Alliance for Connected Industries and Automation). In order to clarify the scope of this paper, we express the security toolbox to be applied to 5G non-public networks in the form of the defense in depth concept. Security issues related to general 5G mobile communication services are not within the scope of this paper. We then derive the security issues to consider when applying the 5G-ACIA deployment models to the industrial domain. The security issues are divided into three categories, and they are described in the order of overview, security threats, and potential security requirements. 본 논문에서는 산업 애플리케이션을 위한 5G Non-Public Network에서의 보안 이슈를 다룬다. 일반 대중에게 모바일 네트워크 서비스를 제공하는 공공 네트워크와는 달리, 5G Non-Public Network는명확하게 정의된 사용자 조직이나 조직들의 그룹에게 5G 네트워크 서비스를 제공하며, 캠퍼스나 공장과 같이 사용자 조직이 지정한 영역 내에 구축된다. 본 논문의 주목적은 5G-ACIA (5G Alliance for Connected Industries and Automation)에서 제안한 네 가지 구축 모델에 따라 5G Non-Public Network가 이산 산업 및 공정 산업을 위하여 구축될 경우 고려되어야 할 보안 위협 및 잠재적 보안요구사항을 도출하는 것이다. 본 논문의 범위를 명확하게 하기 위해 먼저 5G Non-Public Network에적용할 보안 툴박스를 심층 방어 개념으로 표현한다. 일반적인 5G 이동통신 서비스와 관련된 보안이슈는 본 논문의 범위에 포함되지 않는다. 그 다음, 산업 도메인에 5G-ACIA의 구축 모델을 적용할때 고려해야 할 보안 이슈를 도출한다. 도출된 보안 이슈들은 세 가지 범주로 나뉘며 각각의 보안이슈들은 개요, 보안 위협 및 잠재적 보안 요구사항의 순서로 서술된다.

제어 네트워크 경계에 대한 OT-IT 책임 역할 연구

우영한(Young Han WOO),권헌영(Hun Yeong Kwon) 한국IT서비스학회 2020 한국IT서비스학회지 Vol.19 No.5

In recent years, due to the demand for operating efficiency and cost reduction of industrial facilities, remote access via the Internet is expanding. the control network accelerates from network separation to network connection due to the development of IIoT (Industrial Internet of Things) technology. Transition of control network is a new opportunity, but concerns about cybersecurity are also growing. Therefore, manufacturers must reflect security compliance and standards in consideration of the Internet connection environment, and enterprises must newly recognize the connection area of the control network as a security management target. In this study, the core target of the control system security threat is defined as the network boundary, and issues regarding the security architecture configuration for the boundary and the role & responsibility of the working organization are covered. Enterprises do not integrate the design organization with the operation organization after go-live, and are not consistently reflecting security considerations from design to operation. At this point, the expansion of the control network is a big transition that calls for the establishment of a responsible organization and reinforcement of the role of the network boundary area where there is a concern about lack of management. Thus, through the organization of the facility network and the analysis of the roles between each organization, an static perspective and difference in perception were derived. In addition, standards and guidelines required for reinforcing network boundary security were studied to address essential operational standards that required the Internet connection of the control network. This study will help establish a network boundary management system that should be considered at the enterprise level in the future.

이동 Ad-hoc 네트워크(MANET)의 계층적 보안에 관한 연구

박태규 ( Tae Gyu Park ),김재수 ( Jae Soo Kim ) 한국정보디자인학회 2013 정보디자인학연구 Vol.21 No.-

이동 애드혹 네트워크(MANET: Mobile Ad-hoc Network)는 별도의 인프라 없이 다수의 노드들이 무선통신을 이용하여 데이터를 전달하는 차세대 무선 네트워킹 기술이다. 특히 애드혹 네트워크 (Ad-hoc network)는 기존의 네트워크와 같이 이동단말들이 유선환경에 기반을 둔 기지국이나 AP(Access Point)를 중심으로 구성되는 인프라가 있는 네트워크에 반해 기지국이나 AP도움 없이 순수하게 이동 단말로 구성된 인프라가 없기 때문에 애드혹이다. 대신에 각 노드는 다른 노드를 위한 데이터를 보냄으로써 라우팅에 참여하고, 따라서 노드들이 데이터를 보내는 결정은 네트워크 연결에 기반하여 동적으로 이루어진다. 이동 애드혹 네트워크(MANET)는 애드혹 네트워크 위에 전송 가능한 네트워킹 환경을 갖는 무선 애드혹 네트워크의 일종이다. 다시 말해 MANET은 무선 링크로 연결된 이동 디바이스의 자가 구성(Self-organized)하는 네트워크이다. 그리고 MANET에서 모든 노드들은 이동성(mobility)을 가지고 있기 때문에 시간에 따라 네트워크 위상이 동적으로 변하고 이동단말의 호스트 기능과 라우터 기능을 동시에 구현하고, 불안정한 망 특성을 반영하는 라우팅 프로토콜을 개발하고, 무선신호가 불특정 다수에게 전송되는 상황에서 보안문제를 해결하는 것이 필수이다. 따라서 본 연구에서는 다양한 보안 위협과 보안 문제 해결을 위해 다섯 계층으로 이루어진 계층적 보안 구조를 제시하였다. An Ad-hoc network is a new generation of network offering unrestricted mobility without any underlying infrastructure. In this kind of network, all the nodes share the responsibility of network formation and management. A Mobile Ad-hoc Network is a group of wireless mobile computers in which nodes cooperate by forwarding packets to each other allowing them to communicate beyond direct wireless transmission range. Mobile Ad-hoc Networks (MANET) has become an exciting and important technology in recent years because of the rapid proliferation of wireless devices. Fundamental characteristics of a mobile ad-hoc network, such as open medium, dynamic topology, dynamic cooperation and constrained capabilities lead to vulnerabilities. Unlike wired network, an ad-hoc network does not have a clear line of defense, and every node must be prepared for encounters with an adversary. Therefore, security is an important issue for all kinds of networks including the Wireless Ad-hoc Networks. In this paper, we are presenting some of the reasons that have made MANETs more vulnerable to attacks than the traditional wired network. This paper also covers the security attributes and the various challenges to security design. This paper shreds light on some of the security attacks that exists in MANETs. This paper also proposes a five-layer security architecture for MANETs, that provides self-organized distributed security, and authenticated, security aware routing.

중국 ‘네트워크안전법’상 보안등급제도에 대한 비판적 검토

손승우,이열음,유나은 인하대학교 법학연구소 2019 法學硏究 Vol.22 No.3

China enacted the 2017 Network Safety Act to protect the country's cyber security and privacy. However, major foreign countries have been criticized that the law could create new data trade barriers and that key information from foreign companies operating in China could be leaked by arbitrary execution. This law is considered to have spread to the area of 'cyber security regulation' where ‘new protectionism’, which was triggered by the US-China trade war, started. This paper analyzes the problems of the “Network Safety Law”, which can have a significant impact on Korean companies entering China. This paper analyzes the problems centering on the “security rating system” under the “Network Safety Act”, which can have a significant impact on Korean companies entering China. The Act is ambiguous in that it does not specify the specific criteria for important information and network safety-risk information. In addition, the criteria for classification of network-grade that affect the level of security obligations of network operators are ambiguous. Also, there is a possibility of technology leakage in the certification process for network equipment. If China misuses these problems to steal corporate information or put pressure on them, Korean companies will be greatly affected. In this way, if China pursues corporate censorship unilaterally with cyber security as an excuse, it can put a heavy burden on domestic IT companies as well as all small and medium enterprises. This article considers these problems as a problem of trade, especially as a technical barrier to international trade. It is necessary to seek ways to jointly respond to international interests such as the WTO jointly with major countries such as the United States and Japan, which share interests with us. In fact, the United States is calling for amendments to the Network Security Rating Scheme under the law in ongoing negotiations with China. In fact, the United States is calling for amendments to the Network Security Rating Scheme under the law in ongoing negotiations with China. This paper proposes to eliminate the ambiguity of the security rating system and the possibility of arbitrary execution, thereby resolving the fear of leaking the core information of our company. In addition, this article proposes a way to reduce the burden of additional certification by applying the Mutual Recognition Agreement (MRA) to network equipment certification. 중국은 자국의 사이버 안전보장과 개인정보보호를 위해 2017년 「네트워크안전법(网络安全法)」을 제정하였다. 그러나 해외 주요국들은 동 법에 의해 새로운 데이터 무역장벽이 생길 수 있으며, 자의적 집행으로 인해 중국에서 영업하고 있는 외국기업의 주요 핵심정보가 유출될 수 있다는 점에서 동 법을 비판한다. 게다가 동 법은 최근 미·중 무역전쟁으로 촉발된 ‘新보호주의’가 ‘사이버보안 규제’ 영역으로 확산한 것으로 평가되고 있다. 이에 본 논문은 중국에 진출한 우리 기업에 중요한 영향을 줄 수 있는 「네트워크안전법」상의 “보안등급제도”를 중심으로 문제점을 분석하였다. 우선, 동 법은 적용대상인 중요정보와 네트워크 안전에 위해(危害)가 되는 정보의 세부 기준을 명시하고 있지 않으며, 네트워크 운영자의 보안의무 수준에 영향을 주는 “네트워크 등급 제도”의 분류 기준을 모호하게 제시하고 있다. 또한 네트워크 장비에 대한 “인증”과정에서 기술정보 등 기업의 핵심정보가 유출될 가능성을 포함한다. 중국이 사이버보안이라는 핑계로 기업 검열을 일방적으로 추진할 경우 중국에 진출해 있는 국내 IT 기업은 물론 모든 중소기업에게 큰 부담이 될 수 있다. 이러한 점에서 우리는 해당 내용들을 하나의 통상 문제로 인식해야 한다. 더 나아가, 국제무역에서 기술장벽 문제를 발생시키므로 우리와 이해관계를 같이 하는 미국, 일본 등 주요 국가들과 같이 WTO와 같은 국제기구를 통해 공동 대응하는 방안을 모색할 필요가 있다. 실제 미국은 중국과 현재 진행 중인 협상에서 동 법상 ‘네트워크 보안등급 제도’의 수정을 요구하고 있는 상황이다. 이를 바탕으로 동 제도와 관련된 모호성과 자의적 집행 가능성 등 문제를 제거함으로써 우리 기업의 핵심정보 유출 우려의 해소를 기대한다. 마지막으로는 국가간 상호인정협정(MRA)을 네트워크 장비 인증의 상호인정에 적용하여 추가 인증에 따른 부담을 줄일 방안을 함께 제시하였다.