• The Journal of the Korea Contents Association
• /
• v.17 no.6
• /
• pp.32-38
• /
• 2017

Despite the opinion that certificate is useless, half of the population in Korea (approx. 35 million) get an certificate, and use it for internet banking, internet shopping, stock trading, and so on. Most users store their certificates on a usb memory or smartphone, and certificates or passwords stored on such storage media can be easily attacked and used to disguise as legitimate users. Due to these security problem of certificate, a various authentication technologies has been proposed such as smartphone owner authentication using SMS, and a personal authentication using biometric authentication. However, a safe technique is not presented yet without user password, and certificate. In this paper, I proposed a method to secure certificate/private key without a user password using a combination of USIM card and smartphone's information. Even if a hacker gets the user password, the certificate, and the private key, he can not use the certificate. User do not need to remember complex password which is a combination of alphabetic / numeric / special characters, and use his certificate safely.

• Journal of Internet of Things and Convergence
• /
• v.9 no.1
• /
• pp.1-7
• /
• 2023

Cases in which personal terminals or servers are infected by ransomware are rapidly increasing. Ransomware uses a self-developed encryption module or combines existing symmetric key/public key encryption modules to illegally encrypt files stored in the victim system using a key known only to the attacker. Therefore, in order to decrypt it, it is necessary to know the value of the key used, and since the process of finding the decryption key takes a lot of time, financial costs are eventually paid. At this time, most of the ransomware malware is included in a hidden form in binary files, so when the program is executed, the user is infected with the malicious code without even knowing it. Therefore, in order to respond to ransomware attacks in the form of binary files, it is necessary to identify the encryption module used. Therefore, in this study, we developed a mechanism that can detect and identify by reverse analyzing the encryption module applied to the malicious code hidden in the binary file.

• The KIPS Transactions:PartC
• /
• v.17C no.2
• /
• pp.135-144
• /
• 2010

U-City pursues personalized service by collecting contexts through sensors located over the city and presenting the service automatically depending not on the user's request but on the situations that are needed. To provide the personalized service, however, contexts collected through various sensors are needed, and they include private information. Therefore, it is important to keep a balance between the convenience by presenting service and protecting private information. In this paper, we classify and grade person's various contexts requested in the personalized service environment. Based on these, we make decisions on whether to present the service or not by profile-matching between user profile and service profile. Also, we propose an efficient privacy-protection management scheme to encrypt transmitted private information and to control key distribution.

• Review of KIISC
• /
• v.29 no.6
• /
• pp.5-12
• /
• 2019

Full Disk Encryption(FDE)과 File Based Encryption(FBE)는 파일 디스크를 암호화하는 방식으로 안드로이드에서는 연락처, 문자 등의 사용자 데이터가 저장되는 데이터 파티션(/data)에 적용된다. FDE는 파티션 전체를 하나의 키로 암호화하는 방식이나 FBE는 2개 이상의 키로 파티션을 나누어 암호화한다. 이러한 FDE와 FBE는 기기 분실 및 도난 시 개인 정보 유출 피해를 방지할 수 있으나, 디지털 포렌식 수사 과정에서 증거 데이터 수집 및 분석을 어렵게 한다. 따라서 디지털 포렌식 관점의 FDE. FBE 분석 및 복호 방안에 관한 연구가 필요하다. 본 논문은 기존 FDE와 FBE의 복호 및 안전성 연구를 정리하고, 매년 FBE FDE가 보완되어 탑재되는 새로운 안드로이드 버전에 발맞춘 꾸준한 분석의 필요성을 시사한다.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2010.05a
• /
• pp.316-319
• /
• 2010

File security is typically protected by encryption methods. The development of a network environment, such as the Internet according to the sharing of information between systems become commonplace, while providing convenience to users, individuals or organizations that facilitate access to sensitive information caused by hacking the system to attack the rapidly growing is a trend. This paper is the latest generation file system caused by the hacking attacks on the Sniffing for users using file encryption and key generation, Packet Sniffing Tool IP and data through the analysis are discussed. Through this study, the importance of protecting personal information by imprinting Proactive in the hacking incident, and what users will contribute to increase the level of security awareness.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.6
• /
• pp.1045-1057
• /
• 2022

Recently, the National Institute of Standards and Technology (NIST) announced four cryptographic algorithms as a standard candidates of Post-Quantum Cryptography (PQC). In this paper, we show that private key can be exposed by a non-profiling-based power analysis attack such as Correlation Power Analysis (CPA) and Differential Deep Learning Analysis (DDLA) on CRYSTALS-KYBER algorithm, which is decided as a standard in the PKE/KEM field. As a result of experiments, it was successful in recovering the linear polynomial coefficient of the private key. Furthermore, the private key can be sufficiently recovered with a 13.0 Normalized Maximum Margin (NMM) value when Hamming Weight of intermediate values is used as a label in DDLA. In addition, these non-profiling attacks can be prevented by applying countermeasures that randomly divides the ciphertext during the decryption process and randomizes the starting point of the coefficient-wise multiplication operation.

• Proceedings of the Korea Multimedia Society Conference
• /
• 2003.05b
• /
• pp.787-790
• /
• 2003

전통적인 원격 평가 시스템들은 학생 개개인의 특성과 성향을 고려하지 않기 때문에 단순하고 획일적이라는 문제점을 갖고 있다. 돈 논문에서는 이러한 문제점을 해결하고 비디오를 통한 평가를 위하여 장면전환검출과 사용자 프로파일을 이용한 원격 비디오 평가 시스템을 제안하고 구현한다 비디오 문제 출제를 위한 장면 전환 검출을 통하여 키 프레임과 문제 출제 구간을 추출한다. 문제 출제 방법은 평가에 사용자 프로파일의 적용을 위하여 카테고리 기반 시스템과 키워드 기반 시스템을 합성한 방법을 이용하였다. 이 시스템을 통하여 학생들은 자신의 부족한 영역을 보충하고 관심 영역을 유지할 수 있으며 학업 성취도를 향상시킬 수 있다 사용자 프로파일을 이용한 본 시스템은 사용자의 문제 풀이 결과에 따라 영역별 문제 수를 조절하고 평가의 질과 효율성을 최대화시킨다.

• Journal of the Korea Society of Computer and Information
• /
• v.10 no.6 s.38
• /
• pp.137-152
• /
• 2005

In this Paper, we Propose an efficient web-based video learning evaluation system that is tailored to individual student's characteristics through the use of user profile-based information filtering. As a means of giving video-based questions, keyframes are extracted based on the location, size, and color information, and question-making intervals are extracted by means of differences in gray-level histograms as well as time windows. In addition, through a combination of the category-based system and the keyword-based system, questions for examination are given in order to ensure efficient evaluation. Therefore, students can enhance school achievement by making up for weak areas while continuing to identify their areas of interest.

• The KIPS Transactions:PartD
• /
• v.11D no.1
• /
• pp.95-104
• /
• 2004

This paper proposes an efficient remote video evaluation system that is matched well with personalized characteristics of students using information filtering based on user profile. For making a question in forms of video, a key frame extraction method based on coordinate, size and color information is proposed. And Question-mating intervals are extracted using gray-level histogram difference and time window. Also, question-making method that combined category-based system with keyword-based system is used for efficient evaluation. Therefore, students can enhance their study achievement through both supplementing their inferior area and preserving their interest area.

• Journal of Convergence for Information Technology
• /
• v.9 no.1
• /
• pp.142-150
• /
• 2019

This study is a file management security system that encrypts and decrypts computer and cloud data by using Bluetooth based cryptographic module. It is a necessary solution in terms of abuse of personal information and protection of social and national information. We developed H/W and S/W for SFMS(: Safe File Management Security) related Bluetooth module in cloud environment and implemented firmware development, encryption key generation and issuance, client program for system mobile and key management system. In the terminal internal encryption and decryption, SFMS was developed to ensure high security that the hacking itself is not possible because key values exist separately for each file.