• The Journal of Society for e-Business Studies
• /
• v.23 no.3
• /
• pp.129-143
• /
• 2018

Recently, the use of digital media such as computers and smart devices has been rapidly increasing, The vast and diverse information contained in the warrant of the investigating agency also includes the one irrelevant to the crime. Therefore, when confiscating the information, the basic rights, defense rights and privacy invasion of the person to be seized have been the center of criticism. Although the investigation agency guarantees the right to participate, it does not have specific guidelines, so they are various by the contexts and environments. In this process, the abuse of the participation right is detrimental to the speed and integrity of the investigation, and there is a side effect that the digital evidence might be destroyed by remote initialization. In this study, we conducted surveys of digital evidence analysts across the country based on four domains and thirty measurement items for enabling environment for participation in information storage media export and digital evidence search process. The difference between the level of importance and the performance was analyzed by the IPA matrix based on process, location, people, and technology dimensions. Seven items belonging to "concentrate here" area are one process-related, three location-related, and three people-related items. This study is meaningful to be a basis for establishing the proper policies and strategies for ensuring participation right, as well as for minimizing the side effects.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.1
• /
• pp.41-55
• /
• 2007

The certificate is used to confirm and prove the user's identity in online finance and stocks business. A user's public key is stored in the certificate(for e.g., SignCert.der) and the private key, corresponding to public key, is stored in the private key file(for e.g., SignPri.key) after encryption using the password that he/she created for security. In this paper, we show that the certificate, deleted by the commercial certificate software, can be recovered without limitation using the commercial forensic tools. In addition, we explain the problem that the private key encryption password can be detected using the SignCert.der and the SignPri.key in off-line and propose the countermeasure about the problem.

• Convergence Security Journal
• /
• v.22 no.5
• /
• pp.21-35
• /
• 2022

The use of digital information according to the development of information and communication technology and the 4th industrial revolution is continuously increasing and diversifying, and in proportion to this, crimes using digital information are also increasing. However, there are few cases of establishing an environment for processing and analysis of digital evidence in Korea. The budget allocated for each organization is different and the digital forensics laboratory built without solving the chronic problem of securing space has a problem in that there is no standard that can be referenced from the initial configuration stage. Based on this awareness of the problem, this thesis conducted an exploratory study focusing on tools and equipment necessary for building a digital forensics laboratory. As a research method, focus group interviews were conducted with 15 experts with extensive practical experience in the digital forensic laboratory or digital forensics field and experts' opinions were collected on the following 9 areas: network configuration, analyst computer, personal tools·equipment, imaging devices, dedicated software, open source software, common tools/equipment, accessories, and other considerations. As a result, a list of tools and equipment for digital forensic laboratories was derived.

• KIPS Transactions on Computer and Communication Systems
• /
• v.11 no.8
• /
• pp.249-258
• /
• 2022

Since the advent of Bitcoin, various virtual assets have been actively traded through virtual asset services of virtual asset exchanges. Recently, security accidents have frequently occurred in virtual asset exchanges, so the government is obligated to obtain information security management system (ISMS) certification to strengthen information protection of virtual asset exchanges, and 56 additional specialized items have been established. In this paper, we compared the domain importance of ISMS and CryptoCurrency Security Standard (CCSS) which is a set of requirements for all information systems that make use of cryptocurrencies, and analyzed the results after mapping them to gain insight into the characteristics of each certification system. Improvements for 4 items of High Level were derived by classifying the priorities for improvement items into 3 stages: High, Medium, and Low. These results can provide priority for virtual asset and information system security, support method and systematic decision-making on improvement of certified items, and contribute to vitalization of virtual asset transactions by enhancing the reliability and safety of virtual asset services.

• Convergence Security Journal
• /
• v.24 no.1
• /
• pp.51-57
• /
• 2024

Although industrial control systems (ICSs) recently keep evolving with the introduction of Industrial IoT converging information technology (IT) and operational technology (OT), it also leads to a variety of threats and vulnerabilities, which was not experienced in the past ICS with no connection to the external network. Since various control command messages are sent to field devices of the ICS for the purpose of monitoring and controlling the operational processes, it is required to guarantee the message integrity as well as control center authentication. In case of the conventional message integrity codes and signature schemes based on symmetric keys and public keys, respectively, they are not suitable considering the asymmetry between the control center and field devices. Especially, compromised node attacks can be mounted against the symmetric-key-based schemes. In this paper, we propose message authentication scheme based on double hash chains constructed from cryptographic hash function without introducing other primitives, and then propose extension scheme using Merkle tree for multiple uses of the double hash chains. It is shown that the proposed scheme is much more efficient in computational complexity than other conventional schemes.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.4
• /
• pp.747-761
• /
• 2024

Recently, modern vehicles have been controlled by Electronic Control Units (ECUs), by which the safety and convenience of drivers are highly improved. It is known that a luxury vehicle has more than 100 ECUs to electronically control its function. However, the modern vehicles are getting targeted by cyber attacks because of this computer-based automotive system. To address the cyber attacks, automotive manufacturers have been developing some methods for securing their vehicles, such as automotive Intrusion Detection System (IDS). This development is only allowed to the automotive manufacturers because they have databases for their in-vehicle network (i.e., DBC Format File) which are highly confidential. This confidentiality poses a significant challenge to external researchers who attempt to conduct automotive security researches. To handle this restricted information, in this paper, we propose a method to partially understand the DBC Format File by analyzing in-vehicle network traffics. Our method is designed to analyze Controller Area Network (CAN) traffics so that checksum signals are identified in CAN Frame Data Field. Also, our method creates a Lookup Set by which a checksum signal is correctly estimated for a given message. We validate our method with the publicly accessible dataset as well as one from a real vehicle.

• 재활복지
• /
• v.21 no.3
• /
• pp.129-146
• /
• 2017

In an event of an emergency, such as fire in a building, visually impaired and blind people are prone to exposed to a level of danger that is greater than that of normal people, for they cannot be aware of it quickly. Current fire detection methods such as smoke detector is very slow and unreliable because it usually uses chemical sensor based technology to detect fire particles. But by using vision sensor instead, fire can be proven to be detected much faster as we show in our experiments. Previous studies have applied various image processing and machine learning techniques to detect fire, but they usually don't work very well because these techniques require hand-crafted features that do not generalize well to various scenarios. But with the help of recent advancement in the field of deep learning, this research can be conducted to help solve this problem by using deep learning-based object detector that can detect fire using images from security camera. Deep learning based approach can learn features automatically so they can usually generalize well to various scenes. In order to ensure maximum capacity, we applied the latest technologies in the field of computer vision such as YOLO detector in order to solve this task. Considering the trade-off between recall vs. complexity, we introduced two convolutional neural networks with slightly different model's complexity to detect fire at different recall rate. Both models can detect fire at 99% average precision, but one model has 76% recall at 30 FPS while another has 61% recall at 50 FPS. We also compare our model memory consumption with each other and show our models robustness by testing on various real-world scenarios.

• Korean Journal of Remote Sensing
• /
• v.40 no.4
• /
• pp.343-350
• /
• 2024

Since the release of Meta's Segment Anything Model (SAM), a large-scale vision transformer generation model with rapid image segmentation capabilities, several studies have been conducted to apply this technology in various fields. In this study, we aimed to investigate the applicability of SAM for water bodies detection and extraction using the QGIS Geo-SAM plugin, which enables the use of SAM with satellite imagery. The experimental data consisted of Compact Advanced Satellite 500 (CAS500)-1 images. The results obtained by applying SAM to these data were compared with manually digitized water objects, Open Street Map (OSM), and water body data from the National Geographic Information Institute (NGII)-based hydrological digital map. The mean Intersection over Union (mIoU) calculated for all features extracted using SAM and these three-comparison data were 0.7490, 0.5905, and 0.4921, respectively. For features commonly appeared or extracted in all datasets, the results were 0.9189, 0.8779, and 0.7715, respectively. Based on analysis of the spatial consistency between SAM results and other comparison data, SAM showed limitations in detecting small-scale or poorly defined streams but provided meaningful segmentation results for water body classification.

• Journal of Internet of Things and Convergence
• /
• v.8 no.5
• /
• pp.119-125
• /
• 2022

With the recent increase in dementia patients due to aging, measures to prevent their wandering behavior and disappearance are urgently needed. To solve this problem, various authentication methods and location detection techniques have been introduced, but the security problem of personal authentication and a system that can check indoor and outdoor overall was lacking. In order to solve this problem, various authentication methods and location detection techniques have been introduced, but it was difficult to find a system that can check the security problem of personal authentication and indoor/outdoor overall. In this study, we intend to propose a system that can identify personal authentication, basic health status, and overall location indoors and outdoors by using wristband-type wearable devices in a private blockchain environment. In this system, personal authentication uses ECG, which is difficult to forge and highly personally identifiable, Bluetooth beacon that is easy to use with low power, non-contact and automatic transmission and reception indoors, and DGPS that corrects the pseudorange error of GPS satellites outdoors. It is intended to detect wandering behavior and abnormal signs by locating the patient. Through this, it is intended to contribute to the prompt response and prevention of disappearance in case of wandering behavior and abnormal symptoms of dementia patients living at home or in nursing homes.

• Journal of Broadcast Engineering
• /
• v.28 no.1
• /
• pp.145-148
• /
• 2023

Open-loop Octonion space-time block code for 4 transmit antenna system is considered and random phases are applied to 4 transmit antennas for physical layer security. When an illegal hacker estimates the random phases of 1 through 4 transmit antennas with maximum likelihood (ML), this letter analyzes the bit error rate (BER) performances versus signal-to-noise ratio (SNR). And the Octonion code in the literature[1] does not have full orthogonality so, this letter employs the perfect orthogonal Octonion code. When the hacker knows that the random phases are 2-PSK constellations and he should estimate all the 4 random phases, the hacking is impossible until 100dB. When the hacker possibly know that some of the random phases, bit error rate goes down to 10^-3 so, the transmit message could be hacked.