• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.27 no.11C
• /
• pp.1090-1096
• /
• 2002

The HTTP does not support continuity for browser-server interaction between successive visits or a user due to a stateless feature. Cookies were invented to maintain continuity and state on the Web. Because cookies are transmitted in plain and contain text-character strings encoding relevant information about the user, the attacker can easily copy and modify them for his undue profit. In this paper, we design a secure cookies scheme based on X.509 public key certificate for solving these security weakness of typical web cookies. Our secure cookies scheme provides not only mutual authentication between client and server but also confidentiality and integrity of user information. Additionally, we implement our secure cookies scheme and compare it to the performance with SSL(Secure Socket Layer) protocol that is widely used for security of HTTP environment.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2015.04a
• /
• pp.424-427
• /
• 2015

근래 들어 모바일 기기의 시스템을 장악하여 사용자의 기밀 정보를 빼내는 악성 행위의 한 방법으로 Code Reuse Attack (CRA)이 널리 사용되고 있다. 이와 같은 CRA를 막기 위하여 call-return이 일어날 때마다 이들 address를 비교해 보는 shadow stack과 branch에 대한 몇 가지 규칙을 두어 CRA 를 탐지하는 branch regulation과 같은 방식이 연구되었다. 우리는 shadow stack과 branch regulation을 종합하여 여러 종류의 CRA를 적은 성능 오버헤드로 탐지할 수 있는 CRA Detection System을 만들고자 한다. 이를 위하여 반드시 선행 되어야 할 연구인 바이너리 파일 분석과 meta-data 생성 및 압축 기술을 제안한다. 실험 결과 생성된 meta-data는 압축 기술을 적용하기 전보다 1/2에서 1/3 가량으로 그 크기가 줄어들었으며 CRA Detection System의 탐지가 정상적으로 동작하는 것 또한 확인할 수 있었다.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2014.10a
• /
• pp.346-349
• /
• 2014

Currently, the growing cyber threat continues, the damage caused by the evolution of malicious code incidents become more bigger. Such advanced attacks as APT using 'zero-day vulnerability' bring easy way to steal sensitive data or personal information. However it has a lot of limitation that the traditional ways of defense like 'access control' with blocking of application ports or signature base detection mechanism. This study is suggesting a way of controlling application activities focusing on keeping integrity of applications, authorization to running programs and changes of files of operating system by hardening of legitimate resources and programs based on 'white-listing' technology which analysis applications' behavior and its usage.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2013.11a
• /
• pp.672-675
• /
• 2013

FTP(File Transfer Protocol)는 호스트에서 다른 호스트로 파일을 전송하기 위한 프로토콜로써, 데이터를 평문으로 전송하기 때문에 기밀성이 보장되지 않는다. 현재 보안 기능이 제공되는 FTP로 FTPS(FTP over SSL)가 있다. FTPS는 TLS(Transport Layer Security)와 SSL(Secure Socket Layer) 암호화 프로토콜 기반에서 동작하는 FTP 이다. 따라서 FTPS는 TLS와 SSL과 같은 추가적인 시스템이 반드시 필요한 단점이 있다. 본 논문에서는 추가적인 암호화 프로토콜 없이 FTP 내에서 보안 기능을 제공하는 Secured FTP를 제안하였다. 본 논문에서 제안한 Secured FTP 는 FTP 내에서 Diffie-Hellman 알고리즘을 이용하여 비밀 키를 교환하고 AES(Advanced Encryption Standard)-Counter 알고리즘을 이용하여 FTP 데이터를 암호화 및 복호화하도록 설계하였다. 본 논문에서 제안한 Secured FTP를 Linux 운영체제에서 구현하였고 시험을 통하여 비밀 키가 정상적으로 교환되고, FTP 데이터가 암호화되어 전송되는 것을 확인하였다.

• Aerospace Engineering and Technology
• /
• v.12 no.2
• /
• pp.108-117
• /
• 2013

The oxidizer shutoff valve of a gas generator controls the mass flow rate of the propellant of a rocket engine using pilot pressure and spring the force of the valve. The developing oxidizer shutoff valve can be shut off if the pilot pressure is removed from the actuator. Therefore, force balancing is necessary to analyze the characteristics of the forces with respect to the opening and closing of the valve in order to evaluate its performance. In light of this, the valve has been designed to adjust the control pressure required to open the poppet and to determine the working fluid pressure at which the valve starts to close. Under cryogenic flow test as a tests level of C.R.T(Control Random Test), the chattering phenomena occurred due to much leakage of a metal seat section. The pressure for chattering of the oxidizer valve is predicted at about 11 bar using force balancing analysis.

• Journal of Digital Convergence
• /
• v.12 no.11
• /
• pp.233-239
• /
• 2014

Ultra high-resolution content, the file size is very large, therefore existing encoding techniques, it is not possible to transmit via the network. Efficient use of the network encoder HEVC corporation can be transferred. Compression requires a lot of time because it requires a distributed transcoding system. Distributed transcoding system is a distributed data store, and then encoded using a large number of nodes. The disadvantage of distributed transcoding system for distributed information is exposed or vulnerable to attack by internal managers. In this paper, when the super high definition content transcoding, distributed transcoding system does not guarantee the confidentiality of the problem to solve. We are using SNA, HEVC encoded content data encrypted using the secret distributing scheme was. Consequently, secure shared transcoding is possible, the internal administrator could prevent the attack.

• Journal of Digital Convergence
• /
• v.11 no.1
• /
• pp.275-281
• /
• 2013

This space is for the of your study in English. If simple menu item changes or the addition of check items are necessary on GUI menu of existing test equipments for military facilities that are programmed by using RAD tools such as Visual C++, they should go through complex steps, such as numerous conducting steps, coding, flash design modification, recompiling and distribution. It is cumbersome process and waste much time. Also, on implementing them, it was worried about leaking secrets because a number of military security considerations were included. To solve such as the above problem, we proposed commercial RIA technologies and a COTS fault diagnostic knowledge-based system that implemented by the XML data design technique in this research. The proposed approach solves the problem of existing methods, reduced inspection time, and improved performance, usability, and maintainability.

• KIPS Transactions on Computer and Communication Systems
• /
• v.5 no.12
• /
• pp.491-498
• /
• 2016

Recently leakages of confidential information and internal date have been steadily increasing by using booting technique on portable OS such as Windows PE stored in portable storage devices (USB or CD/DVD etc). This method allows to bypass security software such as USB security or media control solution installed in the target PC, to extract data or insert malicious code by mounting the PC's storage devices after booting up the portable OS. Also this booting method doesn't record a log file such as traces of removable storage devices. Thus it is difficult to identify whether the data are leaked and use trace-back technique. In this paper is to propose method to help facilitate the process of digital forensic investigation or audit of a company by collecting and analyzing BIOS firmware images that record data relating to BIOS settings in flash memory and finding traces of portable storage devices that can be regarded as abnormal events.

• The Journal of Society for e-Business Studies
• /
• v.17 no.4
• /
• pp.57-68
• /
• 2012

As the functions and technology of IT security solution has been diversified and complicated, it is necessary to make the functions standardized. The common criteria (CC) evaluation and certification scheme was introduced with this background in 2000. For over 10 years after the introduction of CC evaluation and certification scheme, many security solution vendors have developed functions following the security functional requirement in CC. Most of CC evaluators and developers think that CC has helped to enhance the security of the solution. So, it is a right time to prove the affirmative effects of CC in quantity. In this research, we compare two cases, the security status of the solution before and after the experience of CC evaluation, and analyze the results. We made the questionnaire for the domestic solutions vendors. We show that CC has made positive effects on the security of the solution quantitatively using statistical analysis. This research is meaningful security enhancement of domestic security solutions.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.17 no.9
• /
• pp.440-446
• /
• 2016

Military secrets or confidential data of any organization are extremely important assets. They must be discluded from outside. To do this, methods for detecting anomalous attacks and intrusions inside the network have been proposed. However, most anomaly-detection methods only cover aspects of intrusion from outside and do not deal with internal leakage of data, inflicting greater damage than intrusions and attacks from outside. In addition, applying conventional anomaly-detection methods to data exfiltration creates many problems, because the methods do not consider a number of variables or the internal network environment. In this paper, we describe issues considered in data exfiltration detection for anomaly detection (DEDfAD) to improve the accuracy of the methods, classify the methods as profile-based detection or machine learning-based detection, and analyze their advantages and disadvantages. We also suggest future research challenges through comparative analysis of the issues with classification of the detection methods.