• Journal of Korea Multimedia Society
• /
• v.10 no.5
• /
• pp.569-582
• /
• 2007

Digital watermarking technique for copyright protection and prevention of illegal copy and distribution can provide the reliable transaction to both buyer and seller in e-commerce through the cryptographic protocol such as 'Buyer-seller watermarking protocol'. Recently there has been researched about some cryptographic protocols for watermarking system but there has no yet mentioned about the implementation of practical watermarking technique in protocol. This paper presents the watermark embedding technique based on POCS in buyer-seller watermarking protocol. The proposed method designs the robust convex set based on EZW and the invisible convex set using PSNR and then projects into two sets until the convergence condition is satisfied. Experimental results verified that BER of watermark that is embedded by the proposed method has lower 0.02-0.10 than BER of the conventional method.

• Smart Media Journal
• /
• v.7 no.3
• /
• pp.64-71
• /
• 2018

Utilization of unmanned aerial vehicles (UAVs) are rapidly expanding to various fields ranging from defense, industry, entertainment and personal hobbies. Due to the increased activities of unmanned airplanes, many security problems have emerged, including flight path errors to undesired destinations, secondary threats due to exposed securities caused by the capture of unmanned airplanes in hostile countries. In this paper, we find security vulnerabilities in UAVs such as GPS spoofing, hacking captured video information, malfunction due to signal attenuation through jamming, and exposure of personal information due to image shooting. In order to solve this problem, the stability of the unstructured data is secured by setting the encryption of the video shooting information section using the virtual private network (VPN) to prevent the GPS spoofing attack. In addition, data integrity was ensured by applying personal information encryption and masking techniques to minimize the secondary damage caused by exposure of the UAV and to secure safety. It is expected that it will contribute to the safe use and stimulation of industry in the application field of UAV currently growing.

• Journal of Internet Computing and Services
• /
• v.20 no.4
• /
• pp.13-19
• /
• 2019

In order to register an application with Apple's App Store, it must pass a rigorous verification process through the Apple verification center. That's why spyware applications are difficult to get into the App Store. However, malicious code can also be executed through normal application vulnerabilities. To prevent such attacks, research is needed to detect and analyze early to patch potential vulnerabilities in applications. To prove a potential vulnerability, it is necessary to identify the root cause of the vulnerability and analyze the exploitability. A tool for analyzing iOS applications is the debugger named LLDB, which is built into Xcode, the development tool. There are various functions in the LLDB, and these functions are also available as APIs and are also available in Python. Therefore, in this paper, we propose a method to efficiently analyze potential vulnerabilities of iOS application by using LLDB API.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.18 no.6
• /
• pp.33-41
• /
• 2018

The idea of the Internet of Things as a platform on the Smart Campus has become increasingly popular. It requires an infrastructure consisting of communication networks, sensor nodes and gateways to connect to the Internet. Each sensor node is responsible for gathering data from the environment. This document outlines a network of wireless sensors on the Internet for the application of Smart Campus monitoring. Wireless sensor network Monitoring have become a complete solution to using a low power implementation and integrated systems. The numerous restrictions however result from the low communication range, the limited computing power, the lack of availability of the network protocol, the lack of programming security and the security failures in the areas of confidentiality, integrity and availability. A new security technique and its functionality for WSNM nodes developed. Development in the research of a secure network and suggestions for avoiding denial of service (DOS) and complexity attacks. These systems if properly implemented can provide an energy efficiency mechanism through pre-allocation and a new key from key management models with a secure routine algorithm.

• Convergence Security Journal
• /
• v.19 no.2
• /
• pp.3-9
• /
• 2019

Most of security countermeasures have been implemented to cope with continuous increase leakage of technology, but almost security countermeasures are focused on securing the boundary between inside and outside. This is effective for detecting and responding to attacks from the outside, but it is vulnerable to internal security incidents. In order to prevent internal leakage effectively, this study identifies activities corresponding to technology leakage activities and designes technology leakage activity detection items. As a design method, we analyzed the existing technology leakage detection methods based on the previous research and analyzed the technology leakage cases from the viewpoint of technology leakage activities. Through the statistical analysis, the items of detection of the technology leakage outcomes were verified to be appropriate, valid and reliable. Based on the results of this study, it is expected that it will be a basis for designing the technology leaking scenarios based on future research and leaking experiences.

• Journal of Convergence for Information Technology
• /
• v.9 no.9
• /
• pp.27-32
• /
• 2019

Along with the growth of u-Healthcare, we propose a security enhancement based on network separation for CloudHIS with for handling healthcare information to cope with cyber attack. To protect against all security threats and to establish clear data security policies, we apply desktop computing servers to cloud computing services for CloudHIS. Use two PCs with a hypervisor architecture to apply physical network isolation and select the network using KVM switched controller. The other is a logical network separation using one PC with two OSs, but the network is divided through virtualization. Physical network separation is the physical connection of a PC to each network to block the access path from both the Internet and the business network. The proposed system is an independent desktop used to access an intranet or the Internet through server virtualization technology on a user's physical desktop computer. We can implement an adaptive solution to prevent hacking by configuring the CloudHIS, a cloud system that handles medical hospital information, through network separation for handling security enhancement.

• Journal of Internet Computing and Services
• /
• v.20 no.2
• /
• pp.61-68
• /
• 2019

Although the number of smartphone users is continuously increasing due to the advantage of being able to easily use most of the Internet services, the number of counterfeit applications is rapidly increasing and personal information stored in the smartphone is leaked to the outside. Because Android app was developed with Java language, it is relatively easy to create counterfeit apps if attacker performs the de-compilation process to reverse app by abusing the repackaging vulnerability. Although an obfuscation technique can be applied to prevent this, but most mobile apps are not adopted. Therefore, it is fundamentally impossible to block repackaging attacks on Android mobile apps. In addition, personal information stored in the smartphone is leaked outside because it does not provide a forgery self-verification procedure on installing an app in smartphone. In order to solve this problem, blockchain is used to implement a process of certificated application registration and a fake app identification and detection mechanism is proposed on Hyperledger Fabric framework.

• Journal of Digital Convergence
• /
• v.17 no.10
• /
• pp.93-102
• /
• 2019

This paper aims to set the priorities for the cybersecurity strategy of Cambodian government. To this end, we built a AHP research model by adopting 4 factors from the ITU national interests model and selecting 7 strategies from best practices of 8 countries leading the cyber security. Using a questionnaire, 19 experts evaluated Cambodia's cybersecurity strategy priorities. The key policy factors were evaluated in the order of homeland defense, economic welfare, value promotion and favorable world order. Their strategic alternatives were identified in the order of legislation, capacity building, and cyber attack prevention for critical infrastructure. This study will contribute to setting the strategic priorities and feasible action plans to strengthen Cambodia's cybersecurity capabilities.

• Journal of Internet Computing and Services
• /
• v.20 no.5
• /
• pp.9-18
• /
• 2019

Android Application Package (APK) is vulnerable to repackaging attacks. Therefore, obfuscation technology was applied inside the Android APK file to cope with repackaging attack. However, as more advanced reverse engineering techniques continue to be developed, fake Android APK files to be released. A new approach is needed to solve this problem. A blockchain is a continuously growing list of records, called blocks, which are linked and secured using cryptography. Each block typically contains a cryptographic hash of theprevious block, a timestamp and transaction data. Once recorded, the data inany given block cannot be altered retroactively without the alteration of all subsequent blocks. Therefore, it is possible to check whether or not theAndroid Mobile APK is forged by applying the blockchain technology. In this paper, we construct a discrimination DApp (Decentralized Application) against forgery Android Mobile APK by recording and maintaining the legitimate APK in the consortium blockchain framework like Hyperledger Fabric by Composer. With proposed DApp, we can prevent the forgery and modification of the appfrom being installed on the user's Smartphone, and normal and legitimate apps will be widely used.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.22 no.2
• /
• pp.452-458
• /
• 2021

The value and importance of personal information are increasing due to the increasing number of fields where the Internet environment and computing environment are used, and user authentication technology is also changing. Until now, accredited certificates, which are mainly used in the financial sector, are being replaced with biometric authentication technology due to the problem of revocation. However, another problem is that biometric information cannot be modified once it is leaked. Recently, with the advent of blockchain technology, research on user authentication methods has actively progressed. In this paper, both public certificate and blockchain-based user authentication can be used without system change, and a new DID issuance and reissuance method that can replace the resident registration number is presented. The proposed system can be used without restrictions in a blockchain. However, the currently used DID requires installation of an application at the Interworking Support Center for verification. Since a DID can be authenticated without registering as a member, indiscriminate information collection can be prevented. Security, convenience, and determinism are compared with the existing system, and excellence is proven based on various attack methods, its portability, and proxy use.