• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.6
• /
• pp.13-25
• /
• 2005

In these days, there are various uses of Linux such as small embedded systems, routers, and huge servers, because Linux gives several advantages to system developers by allowing to use the open source code of the Linux kernel. On the other hand, the open source nature of the Linux kernel gives a bad influence on system security. If someone wants to exploit Linux-based systems, the attacker can easily do it by finding vulnerabilities of their Linux kernel sources. There are many kinds of existing methods for lading source-level vulnerabilities of softwares, but they are not suitable for finding source-level vulnerabilities of the Linux kernel which has an enormous amount of source code. In this paper, we propose the Onion mechanism as a methodology of finding source-level vulnerabilities of Linux kernel variables. The Onion mechanism is made up of two steps. The Int step is to select variables that may be vulnerable by using pattern matching mechanism and the second step is to inspect vulnerability of each selected variable by constructing and analyzing the system call trees. We also evaluate our proposed methodology by applying it to two well-known source-level vulnerabilities.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.26 no.7
• /
• pp.1071-1077
• /
• 2022

A security SoC that can be used to implement elliptic curve cryptography (ECC) based public-key infrastructures was designed. The security SoC has an architecture in which a hardware accelerator for the elliptic curve digital signature algorithm (ECDSA) is interfaced with the Cortex-A53 CPU using the AXI4-Lite bus. The ECDSA hardware accelerator, which consists of a high-performance ECC processor, a SHA3 hash core, a true random number generator (TRNG), a modular multiplier, BRAM, and control FSM, was designed to perform the high-performance computation of ECDSA signature generation and signature verification with minimal CPU control. The security SoC was implemented in the Zynq UltraScale+ MPSoC device to perform hardware-software co-verification, and it was evaluated that the ECDSA signature generation or signature verification can be achieved about 1,000 times per second at a clock frequency of 150 MHz. The ECDSA hardware accelerator was implemented using hardware resources of 74,630 LUTs, 23,356 flip-flops, 32kb BRAM, and 36 DSP blocks.

• KIPS Transactions on Software and Data Engineering
• /
• v.12 no.3
• /
• pp.133-140
• /
• 2023

The performance of lithium ion batteries depends on the usage environment and the combination ratio of cathode materials. In order to develop a high-performance lithium-ion battery, it is necessary to manufacture the battery and measure its performance while varying the cathode material ratio. However, it takes a lot of time and money to directly develop batteries and measure their performance for all combinations of variables. Therefore, research to predict the performance of a battery using an artificial intelligence model has been actively conducted. However, since measurement experiments were conducted with the same battery in the existing published battery data, the cathode material combination ratio was fixed and was not included as a data attribute. In this paper, we define a training data model required to develop an artificial intelligence model that can predict battery performance according to the combination ratio of cathode materials. We analyzed the factors that can affect the performance of lithium-ion batteries and defined the mass of each cathode material and battery usage environment (cycle, current, temperature, time) as input data and the battery power and capacity as target data. In the battery data in different experimental environments, each battery data maintained a unique pattern, and the battery classification model showed that each battery was classified with an error of about 2%.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.5
• /
• pp.827-846
• /
• 2023

Recently, various information technologies such as network communication and sensors have begun to be integrated into weapon systems that were previously operated in stand-alone. This helps the operators of the weapon system to make quick and accurate decisions, thereby allowing for effective operation of the weapon system. However, as the involvement of the cyber domain in weapon systems increases, it is expected that the potential for damage from cyber attacks will also increase. To develop a secure weapon system, it is necessary to implement built-in security, which helps considering security from the requirement stage of the software development process. The U.S. Department of Defense is implementing the Risk Management Framework Assessment and Authorization (RMF A&A) process, along with the introduction of the concept of cybersecurity, for the evaluation and acquisition of weapon systems. Similarly, South Korea is also continuously making efforts to implement the Korea Risk Management Framework (K-RMF). However, so far, there are no cases where K-RMF has been applied from the development stage, and most of the data and documents related to the U.S. RMF A&A are not disclosed for confidentiality reasons. In this study, we propose the method for inferring the composition of the K-RMF based on systematic threat analysis method and the publicly released documents and data related to RMF. Furthermore, we demonstrate the effectiveness of our inferring method by applying it to the naval battleship system.

• Korean Journal of Remote Sensing
• /
• v.39 no.5_1
• /
• pp.599-608
• /
• 2023

The increasing interest in soil moisture data using satellite data for applications of hydrology, meteorology, and agriculture has led to the development of methods for generating soil moisture maps of variable resolution. This study demonstrated the capability of generating soil moisture maps using Sentinel-1 and Sentinel-2 data provided by Google Earth Engine (GEE). The soil moisture map was derived using synthetic aperture radar (SAR) image and optical image. SAR data provided by the Sentinel-1 analysis ready data in GEE was applied with normalized difference vegetation index (NDVI) based on Sentinel-2 and Environmental Systems Research Institute (ESRI)-based Land Cover map. This study produced a soil moisture map in the research area of Victoria, Australia and compared it with field measurements obtained from a previous study. As for the validation of the applied method's result accuracy, the comparative experimental results showed a meaningful range of consistency as 4-10%p between the values obtained using the algorithm applied in this study and the field-based ones, and they also showed very high consistency with satellite-based soil moisture data as 0.5-2%p. Therefore, public open data provided by GEE and the algorithm applied in this study can be used for high-resolution soil moisture mapping to represent regional land surface characteristics.

• Management & Information Systems Review
• /
• v.37 no.1
• /
• pp.139-154
• /
• 2018

R programming is free and open source system associated with a rich and ever-growing set of libraries of functions developed and submitted by independent end-users. It is recognized as a popular tool for handling big data sets and analyzing them. Reflecting these characteristics, R has been gaining popularity from data analysts. However, the antecedents of R technology acceptance has not been studied yet. In this study we identify and investigates cognitive factors contributing to build user acceptance toward R in education environment. We extend the existing technology acceptance model by incorporating social norms and software capability. It was found that the factors of subjective norm, perceived usefulness, ease of use affect positively on the intention of acceptance R programming. In addition, perceived usefulness is related to subjective norms, perceived ease of use, and software capability. The main difference of this research from the previous ones is that the target system is not a stand-alone. In addition, the system is not static in the sense that the system is not a final version. Instead, R system is evolving and open source system. We applied the Technology Acceptance Model (TAM) to the target system which is a platform where diverse applications such as statistical, big data analyses, and visual rendering can be performed. The model presented in this work can be useful for both colleges that plan to invest in new statistical software and for companies that need to pursue future installations of new technologies. In addition, we identified a modified version of the TAM model which is extended by the constructs such as subjective norm and software capability to the original TAM model. However one of the weak aspects that might inhibit the reliability and validity of the model is that small number of sample size.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.12 no.2
• /
• pp.205-214
• /
• 2012

IDPF, which builds formats and copyright protection standards of eBooks, has announced ePUB 3.0 as a technical standard of eBooks in October, 2011. This standard includes methods how to represent eBooks and technical specifications to protect eBook content. While technical specifications for content protection describe how to represent encryption and digital signature techniques, they do not identify any technical standards for rights expression but just file names for storages of rights information. It does not provide any unification of copyright information representation and formats used by eBook service companies. When copyright protection techniques for eBooks are used, comparability among eBook readers cannot be expected, even though there is a standard of ePUB. This study suggests a method to maintain compatibility toward eBook DRM by using unified rights information process under circumstances where different eBook service companies use diverse methods. The standard reference software of the model proposed in this study, together with other results of this study, will be offered as a registered open software.

• Korean Journal of Remote Sensing
• /
• v.33 no.6_3
• /
• pp.1215-1221
• /
• 2017

SeNtinel's Application Platform (SNAP) is an open source software developed by the European Space Agency and consists of several toolboxes that process data from Sentinel satellite series, including SAR (Synthetic Aperture Radar) and optical satellites. Among them, S1TBX (Sentinel-1 ToolBoX)is mainly used to process Sentinel-1A/BSAR images and interferometric techniques. It provides flowchart processing method such as Graph Builder, and has convenient functions including automatic downloading of DEM (Digital Elevation Model) and image mosaicking. Therefore, if computer memory is sufficient, InSAR (Interferometric SAR) and DInSAR (Differential InSAR) perform smoothly and are widely used recently in the world through rapid upgrades. S1TBX also includes existing SAR data processing functions, and since version 5, the processing capability of KOMPSAT-5 has been added. This paper shows an example of processing the interference technique of KOMPSAT-5 SAR image using S1TBX of SNAP. In the open mine of Tavan Tolgoi in Mongolia, the difference between DEM obtained in KOMPSAT-5 in 2015 and SRTM 1sec DEM obtained in 2000 was analyzed. It was found that the maximum depth of 130 meters was excavated and the height of the accumulated ore is over 70 meters during 15 years. Tidal and topographic InSAR signals were observed in the glacier area near Jangbogo Antarctic Research Station, but SNAP was not able to treat it due to orbit error and DEM error. In addition, several DInSAR images were made in the Iraqi desert region, but many lines appearing in systematic errors were found on coherence images. Stacking for StaMPS application was not possible due to orbit error or program bug. It is expected that SNAP can resolve the problem owing to a surge in users and a very fast upgrade of the software.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.11 no.6
• /
• pp.235-245
• /
• 2011

EBooks refer to electronic versions of books which are accessible via internet with forms of digital texts. In recent years, Amazon's Kindle digital eBooks has revealed the possibilities of success of the e-book market, which leads other companies to launch eBook service such as Google's eBook stores and Apple's iPad and eBook service. These reveal that the eBook market is finally showing a substantial amount of growth. Although the issue of technical support of eBook copyright protection emerges from the fast growing eBook marketplace, current technic of commercial DRM for protecting eBook copyright protection still has problems of non-comparability. Therefore, with the current technical status, DRM comparability problems, which have already occurred in music DRM environment, would also happen in eBook environment. This study suggests a standard framework to support eBook DRM comparability. When development of the standard reference software for eBook DRM comparability is completed, the sources will be registered as shareware to be open to public.

• The KIPS Transactions:PartA
• /
• v.16A no.4
• /
• pp.227-234
• /
• 2009

OSGi technology has applied to Home Network, but now it is loaded into even heterogeneous devices in various domains. Therefore, it is necessary to cooperate with each other framework for offering effective services in distributed OSGi frameworks. However until now, OSGi specification doesn't provide any methodthat can share the services registered on remote OSGi frameworks. In order to solve this problem, there have been several researches that used existing distributed middleware technologies such as JXTA and Web Services. However these technologies have some weakness, that is, they consume lots of computing resources and need additional process to transform the services. A middleware called R-OSGi uses only OSGi technology for sharing remote OSGi services, but R-OSGi may have a communication bottleneck and SPOF (Single Point of Failure) problem, because it has a central service registry. In this paper we present RSP (Remote Service Provider), which is a P2P-based effective service sharing scheme on distributed OSGi framework. RSP doesn't need to install additional software nor have the additional transformation process of the service representation, because it uses only OSGi technology. In addition it doesn't have any bottleneck problem and improves scalability by providing the service discovery mechanism using P2P. RSP can also access remote services transparently and it can guarantee reliability by sending an immediate notice about changes of the remote services.