Si-Jung Kim

Secure Model against APT in m-Connected SCADA Network

Supervisory control and data acquisition (SCADA) networks for the remote control and operation of various industrial infrastructures are currently being used as main metropolitan infrastructures, especially smart grid and power plants. Most of the existing SCADA networks have fortified securities because of their powerful access control based on closed and private networks. However, recent SCADA networks are frequently connected to various IT-based systems and also to other conventional networks, in order to achieve the operational convenience of SCADA systems, as well as the execution requirements of various applications. Therefore, SCADA systems have acute needs for secure countermeasures against the ordinary network vulnerabilities and for tangible preparations against ever-changing intrusion attacks such as advanced persistent threat (APT). This paper introduces the concept of m-connected SCADA networks, analyzes various security vulnerabilities on such networks, and finally proposes an integrated secure model having an APT managing module and a rule-based intrusion detection system (IDS) for internal and external network access.

Key exchange process of PIM-SM-based for Multiple Group Communication in P2P

Recently, as the P2P service environment repeats evolution, its usage in mobile is rapidly increasing. Applications are being developed in various mobile environments. However, there are still a lot of vulnerability in security service. It needs to guarantee important security elements including authentication and confidentiality between users, that is, between sender and receiver. In this study, I analyzed security service for secure multiple communication in P2P, and proposed key exchange process that provides PIM-SM-based authentication and confidentiality to security join multiple communication service in P2P. I could attempt more specific encryption by using public key in all encryption procedures, but I used public key crypto system only in the initial process for group join, because it needs complicated key distribution and a massive amount of key database construction. The proposed key exchange process is applied to execution of P2P service and shows security for authentication and confidentiality. In the future, it is needed to develop secure access platform to which key exchange process, proposed as the subject of study, is applied.

Authentication Method for Privacy Protection in Smart Grid Environment

Recently, the interest in green energy is increasing as a means to resolve problems including the exhaustion of the energy source and, effective management of energy through the convergence of various fields. Therefore, the projects of smart grid which is called intelligent electrical grid for the accomplishment of low carbon green growth are being carried out in a rush. However, as the IT is centered upon the electrical grid, the shortage of IT also appears in smart grid and the complexity of convergence is aggravating the problem. Also, various personal information and payment information within the smart grid are gradually becoming big data and target for external invasion and attack; thus, there is increase in concerns for this matter. The purpose of this study is to analyze the security vulnerabilities and security requirement within smart grid and the authentication and access control method for privacy protection within home network. Therefore, we propose a secure access authentication and remote control method for user’s home device within home network environment, and we present their security analysis. The proposed access authentication method blocks the unauthorized external access and enables secure remote access to home network and its devices with a secure message authentication protocol.

Dynamic Access Control Model for Security Client Services in Smart Grid

In the next-generation intelligent power grid, known as the smart grid, various objects can access systems in several network environments, and, accordingly, access control security becomes critical. Thus, to provide users with secure services in the smart grid, a new access control security model is needed. This paper proposes a dynamic access model for secure user services in the smart grid environment. The proposed model analyzes the users various access contexts and chooses an appropriate context type among the predefined context types. And then it applies the context-based user security policy to allow the users access to services dynamically. Therefore, it provides stronger security services by permitting context information-applied security services and flexible access control in various network environments. It is expected that this study will be used to solve important access control issues when establishing the smart grid.

Network Anomaly Detection for M-Connected SCADA Networks

In the current national critical infrastructures, SCADA systems and networks are playing very important roles. Unfortunately, most of closed-network SCADA systems have been considered as very secure against cyber-attacks. Because they use their own operating systems and communication/ network protocols, and their private networks are physically isolated from the public networks and the Internet. However, in case the closed SCADA system has m-connected status due to its maintenance, updates, and patches, it is no longer perfectly secure against cyber-attacks. This paper analyzes vulnerabilities of m-connected SCADA networks and proposes a novel security model for detecting network anomalies. The proposed model is based on an intrusion detection system using the network-based pattern reference method, which has two kinds of rule sets - one is the base rule set, and the other is dynamically produced rule set. The basic rule set can be set with pre-known intrusion patterns, and a dynamically produced new rule set can be set by detecting network anomalies under specific threshold values. Such new rule set would be adapted to the pattern reference model in its next execution time. Therefore, the proposed security model can identify abnormal command execution more effectively and efficiently.

Study on Virtual Education System Modeling in Hybrid Cloud Computing

These days IT computing environment raises the problem of exposure to various risks in large. The user should store much more data and implement the update for much shorter time due to diversification of service and mass production of application. So, recently, the studies of cloud computing environment are being carried out actively. This paper is willing to propose much safer virtual education model in hybrid cloud environment that applies public and private cloud elements. Virtual education system proposed the model of whole system by dividing it to the modules of content provider, content consumer and manager and utilized security module for much safer model. The application against various business systems was proposed through the evaluation of security, accessibility and scalability against the proposed model.

Study on Safe Remote Control Method of Home Device under Environment of Smart Grid

In recent, as the interest in Green IT rises, the business of Smart Grid called as intelligent electric power network for completion of low-carbon green growth is promoted rapidly. However, smart devices of smart grid environment have a high possibility to be used in various cyber attacks or to be targeted at the cyber attacks by convergence with IT. This paper studied the safe remote control method of home device under the smart grid environment. The remote control method proposed uses a random value and a password and creates a one-time key. Moreover, the remote control method blocked off illegal access from the outside and made it possible to do remote control safely by doing message authentication with the use of this key.

Customized IPTV Content Recommendation Service Model Based on Personal Preference

These days, the advent of the Age of Broadcasting and Telecommunication Convergence, the number of program contents available in IPTV services has rapidly increased. For that reason, the accessibility and selection to users’ favorite broadcasting program contents has become an important issue. Moreover, due to the increase in the number of IPTV channels to a 3-digit number, it became difficult to select a channel only with the traditional TV viewing methods. In this paper, to solve this problem, an IPTV content recommendation service model which is used to user’s favorite preferences is proposed. The proposed scheme tracks users’ viewing and usage history to automatically monitor their preferences and recommends program contents suitable for them. User profiles data showing their preferences for programs allow users to be provided with more correct program recommendation services, by application of their previous viewing history, preferences of similar users and their favorite channels, to calculation of preferences.