• Title/Summary/Keyword: Attack Detection

Identification of Counterfeit Android Malware Apps using Hyperledger Fabric Blockchain (블록체인을 이용한 위변조 안드로이드 악성 앱 판별)

  • Hwang, Sumin; Lee, Hyung-Woo
    • Journal of Internet Computing and Services / v.20 no.2 / pp.61-68 / 2019
  • Although the number of smartphone users is continuously increasing thanks to the ease of using most Internet services, the number of counterfeit applications is rapidly increasing and personal information stored in the smartphone is leaked to the outside. Because Android apps are developed in the Java language, it is relatively easy to create counterfeit apps if an attacker decompiles and reverses an app by abusing the repackaging vulnerability. Although an obfuscation technique can be applied to prevent this, most mobile apps do not adopt it. Therefore, it is fundamentally impossible to block repackaging attacks on Android mobile apps. In addition, personal information stored in the smartphone is leaked outside because no forgery self-verification procedure is provided when installing an app on a smartphone. In order to solve this problem, blockchain is used to implement a process of certified application registration, and a fake app identification and detection mechanism is proposed on the Hyperledger Fabric framework.

A Study of Detecting Malicious Files using Similarity between Machine Code in Deleted File Slices (삭제된 파일 조각에서 기계어 코드 유사도를 이용한 악의적인 파일 탐지에 대한 연구)

  • Lee, Dong-Ju; Lee, Suk-Bong; Kim, Min-Soo
    • Journal of the Korea Institute of Information Security & Cryptology / v.16 no.6 / pp.81-93 / 2006
  • A file system is a source of evidence of cyber crime in computer forensics. Therefore, methods of recovering the file system and searching for important information have been offered. However, methods for finding a malicious file in free blocks or slack spaces have not been suggested. In this paper, we propose an investigation method to find a maliciously executable fragmented file. After estimating whether a file is executable from its machine code rate, we conclude whether it could be malicious by comparing the similarity of instruction sequences. To examine instruction sequences, we also propose a method of profiling malicious files using file and a method of comparing the continued scores. As a result, we could accurately pick out the malicious executable files, such as a buffer overflow attack program, at a fitting threshold level.

Prohibiting internal data leakage to mass storage device in mobile device (모바일 단말에서 외부 저장 매체로의 불법 데이터 유출 방지 기법)

  • Chung, Bo-Heung; Kim, Jung-Nyu
    • Journal of the Korea Institute of Information Security & Cryptology / v.21 no.1 / pp.125-133 / 2011
  • With the proliferation of mobile devices, security threats such as illegal or unintentional file transmission of important data to an external mass-storage device have continuously increased. Therefore, we propose a protection method to prohibit illegal outflow to such a device and implement this method. This method extracts signatures from random locations of an important file and uses them to detect and block illegal file transmission. To get signatures, a target file is divided by the extraction window size and more than one signature is extracted in this area. For effective signature sampling, various extraction methods such as full, binomial distribution-based and dynamic sampling are implemented and evaluated. The proposed method has some advantages. One is that an attacker cannot easily predict the signature and its extraction location. The other is that it does not need to modify the original data to protect it. With the help of these advantages, we can say that this method can increase efficiency and ease of use and that it is a proper way of preventing leakage on a mobile device.

Analysis of Malicious Behavior Towards Android Storage Vulnerability and Defense Technique Based on Trusted Execution Environment (안드로이드 저장소 취약점을 이용한 악성 행위 분석 및 신뢰실행환경 기반의 방어 기법)

  • Kim, Minkyu; Park, Jungsoo; Shim, Hyunseok; Jung, Souhwan
    • Journal of the Korea Institute of Information Security & Cryptology / v.31 no.1 / pp.73-81 / 2021
  • When downloading files using an app or web-based application on the user's mobile phone, the path is set so that files are saved in the pre-defined default directory. Many applications requiring access to storage, including file managers, require write or read permission for storage to provide numerous functions and services. This means that the application will have direct access to the download folder where the numerous files are downloaded. In this paper, to prove the feasibility of an attack using the security vulnerabilities mentioned above, we developed a file hacking function disguised as an encryption function in a file management application. The encrypted file is simultaneously sent to hackers via e-mail in the background. The developed application was evaluated with VirusTotal, a malware analysis engine, and was not detected as a malicious application by any of the 74 engines. Finally, in this paper, we propose a defense technique and an algorithm based on the Trusted Execution Environment (TEE) to supplement these storage vulnerabilities.

Internet of Things (IoT) Based Modeling for Dynamic Security in Nuclear Systems with Data Mining Strategy (데이터 마이닝 전략을 사용하여 원자력 시스템의 동적 보안을 위한 사물 인터넷 (IoT) 기반 모델링)

  • Jang, Kyung Bae; Baek, Chang Hyun; Kim, Jong Min; Baek, Hyung Ho; Woo, Tae Ho
    • Journal of Internet of Things and Convergence / v.7 no.1 / pp.9-19 / 2021
  • A data mining design incorporated with a big data based cloud computing system is investigated for nuclear terrorism prevention, where the conventional physical protection system (PPS) is modified. The networking of terror-related bodies is modeled by a simulation study for nuclear forensic incidents. The government needs to detect terrorism and any attempts to attack innocent people without illegal tapping. Although the mathematical algorithm of the study can't give the exact result of a terror incident, the potential possibility could be obtained by the simulations. The result shows an oscillating shape over time. In addition, the integration of the frequency of each value can show the degree of the transitions of the results. The value increases to -2.61741 at the 63.125th hour. So, the terror possibility is highest at the later time.

Proposal of ISMS-P-based outsourcing service management method through security control business relevance analysis (보안관제 업무 연관성 분석을 통한 ISMS-P 기반의 외주용역 관리 방법 제안)

  • Ko, Dokyun; Park, Yongsuk
    • Journal of the Korea Institute of Information and Communication Engineering / v.26 no.4 / pp.582-590 / 2022
  • As security threats caused by cyber attacks continue, security control is mainly operated in the form of a service business with expertise for rapid detection and response. Accordingly, a number of studies have been conducted on the operation of security control services. However, because the research has focused on the resulting management, indicators, and measurements, the work process has not been studied in detail, causing confusion in the field and making it difficult to respond to security accidents. This paper presents ISMS-P-based service management methods and proposes an easy outsourcing service management method for clients by checklisting each item derived from the mapping of 64 items of ISMS-P protection requirements through business relevance analysis. In addition, it is expected to help implement periodic security compliance and acquire and renew ISMS-P in the mid- to long-term, and to contribute to enhancing the security awareness of related personnel.

Implementation of VGPO/VGPI Velocity Deception Jamming Technique using Phase Sampled DRFM (위상 샘플방식 DRFM을 이용한 VGPO/VGPI 속도기만 재밍기법 구현)

  • Kim, Yo-Han; Moon, Byung-Jin; Hong, Sang-Guen; Sung, Ki-Min; Jeon, Young-Il; Na, In-Seok
    • Journal of the Korea Institute of Information and Communication Engineering / v.25 no.7 / pp.955-961 / 2021
  • In modern warfare, the importance of electronic warfare, which carries out missions that use radio waves to find out enemy information or to protect ally information, has increased. Radar jamming is one of the most representative techniques of EA (Electronic Attack); it disturbs and deceives the enemy radar system in order to secure ally location information. Velocity deception jamming, which is one of the radar jamming techniques, generally operates against pulse-Doppler radar, which uses the Doppler effect in order to track a target's velocity and location. Velocity deception jamming can be implemented using DRFM (Digital Radio Frequency Memory) that performs frequency modulation. In this paper, I describe an implementation method of the VGPO/VGPI (Velocity Gate Pull-Off/Pull-In) velocity deception jamming technique using phase-sampled DRFM, and verify the operation of the VGPO/VGPI velocity deception jamming technique with a board test under signal injection conditions.

Detection of Incivility based on Attention-embedding and multi-channel CNN (어텐션임베딩과 다채널 CNN 기반 반시민성 검출 알고리즘)

  • Park, Youn-Jung; Lee, Se-Young; Keum, Hee-Jo
    • Journal of the Korea Institute of Information and Communication Engineering / v.26 no.12 / pp.1880-1889 / 2022
  • The online portal platform provides online news with online comments, but the anonymity of comments causes incivility, and online comments are considered a social problem. While there are many foreign language-based incivility detection studies, in-depth research is not being conducted in Korea since no Korean-language dataset labeled with detailed criteria of incivility has been built. In this study, the incivility notation of comments was conducted over a total of 13 items, and uncivil words were summarized. Furthermore, an attention algorithm was applied to each comment and summary to extract embedding vectors. A 2-D CNN followed at the end to detect incivility in the given data. As a result, we showed that the proposed algorithm is useful for anti-citizen detection such as name-calling and offensive tones. This study is expected to contribute to the formation of a healthy online comment culture by detecting uncivil comments which hinder democratic discourse.

A Data Sampling Technique for Secure Dataset Using Weight VAE Oversampling(W-VAE) (가중치 VAE 오버샘플링(W-VAE)을 이용한 보안데이터셋 샘플링 기법 연구)

  • Kang, Hanbada; Lee, Jaewoo
    • Journal of the Korea Institute of Information and Communication Engineering / v.26 no.12 / pp.1872-1879 / 2022
  • Recently, with the development of artificial intelligence technology, research on using artificial intelligence to detect hacking attacks is being actively conducted. However, the fact that security data is representative imbalanced data is recognized as a major obstacle in composing the learning data, which is the key to the development of artificial intelligence models. Therefore, in this paper, we propose a W-VAE oversampling technique that applies VAE, a deep learning generation model, to data extraction for oversampling, and sets the number of oversamplings for each class through weight calculation using K-NN for sampling. In this paper, a total of five oversampling techniques such as ROS, SMOTE, and ADASYN were applied to NSL-KDD, an open network security dataset. The oversampling method proposed in this paper proved to be the most effective sampling method compared to the existing oversampling methods according to the F1-Score evaluation index.

Development of Anti-Drone in Korea at the Center of Drone War (드론 전쟁의 중심에 있는 국내 안티드론 개발 현황)

  • Soon-Chai Jung; Byung-Kyu Park
    • The Journal of the Institute of Internet, Broadcasting and Communication / v.24 no.3 / pp.163-169 / 2024
  • Anti-drone is at the center of the debate over the failure to shoot down a North Korean drone that invaded the metropolitan area at the end of 2022. Anti-drone is a means of detecting and restraining drone flights in unauthorized airspace. Anti-drone technology is a key defense system against drone technology that is essential in the current illegal situation of various drones. We must be alert to the war in Ukraine, where the role of drones has increased. Drone attacks, which are not easy to defend against, may determine victory or defeat in the war. Competition for anti-drone technology development in countries around the world will rise. When new anti-drone technology emerges, drones that go beyond it will be developed. This study presented the current status of anti-drone by analyzing the defense system of domestic drones.