• Journal of the Korea Society for Simulation
• /
• v.20 no.3
• /
• pp.69-78
• /
• 2011

A large-scale sensor network usually operates in open and unattended environments, hence individual sensor node is vulnerable to various attacks. Therefore, malicious attackers can physically capture sensor nodes and inject false reports into the network easily through compromised nodes. These false reports are forwarded to the base station. The false report injection attack causes not only false alarms, but also the depletion of the restricted energy resources in a battery powered network. The statistical en-route filtering (SEF) mechanism was proposed to detect and drop false reports en route. In SEF, the choice of routing paths largely affect the energy consumption rate and the detecting power of the false report. To sustain the secure routing path, when and how to execute the path re-selection is greatly need by reason of the frequent network topology change and the nodes's limitations. In this paper, the regional path re-selection period determination method is proposed for efficient usage of the limited energy resource. A fuzzy logic system is exploited in order to dynamically determine the path re-selection period and compose the routing path. The simulation results show that up to 50% of the energy is saved by applying the proposed method.

• Information Systems Review
• /
• v.20 no.4
• /
• pp.43-57
• /
• 2018

We propose network effects upon the investment decision of cloud-based ERP. Using the survey data collected from 82 companies in 2015, we examine whether IT managers have an intention to adopt real options in order to manage the risk of cloud-based ERP investments and how the network effects influence upon the intention to adopt real options. Based on prior literature, we propose a research model with 4 hypotheses. We find partial support of the hypotheses from the empirical analysis: technological risks has a positive impact upon the adoption of real options such as defer, contract, and abandon. In contrast, we find no significant impact of security risks upon real options. We validate positive network effects upon the adoption of real options such as defer, contract, and abandon. This work empirically find that IT managers in Korean middle and small sized firms have an intention to adopt real options when the managers realize economic, technological, and relationship risks and when they expect network effects.

• Journal of the Korea institute for structural maintenance and inspection
• /
• v.28 no.3
• /
• pp.100-107
• /
• 2024

Currently, in Korea, due to the rapid aging and deterioration of facilities, the minimum Maintenance Level and Performance Level' of facilities are required by the 'Facility Safety Act' or 'Infrastructure Management Act'. Since infrastructure assets have a long lifespan and the pattern of deterioration over time is complex, it is very difficult to maintain infrastructure as 'minimum maintenance state' or 'minimum performance state' by the current way of management. 'Asset Management' shall be performed not only by a technical perspective, but also by an accounting perspective such as cost and asset value. However, due to lack of awareness of 'asset management' among stakeholder, only technical perspective management is being carried out in practice. In order to effectively manage infrastructure assets, complex consideration of various asset value factors such as budget and service as well as safety and durability are required. In this paper, we presented a theory to evaluate and quantify the road network value for efficient asset management of the road network. We also presented a method of simulation to apply the theory presented in this paper. Through simulation and the results derived from this study, it is possible to specify the budget for the future national asset management, and to optimize the strategy for the management of old road facilities.

• KIPS Transactions on Computer and Communication Systems
• /
• v.6 no.4
• /
• pp.197-202
• /
• 2017

The remote healthcare monitoring system enables a doctor to diagnose and monitor patient's health problem from a distance. Previous researches have focused on key establishment method between a patient and a particular doctor to solve personal health information disclosure problem in data transmission process. However, when considering a misdiagnosis of doctor, the result of a diagnosis by a many doctors is more reliable. In previous work, in order to select multiple doctors, patient should generate shared key for each chosen doctor and perform many times encryptions. Therefore, in this paper, we propose a secure data transmission protocol for receiving diagnosis from multiple doctors using identity-based proxy re-encryption scheme. In proposed protocol, a patient don't need key management work for session key. Also, monitoring server performs re-encryption process on behalf of patient. So, we can reduce computational burden of patient in previous work.

• Convergence Security Journal
• /
• v.6 no.4
• /
• pp.141-151
• /
• 2006

The destructive power of cyber threat arrived to until the phase which it threatens to direct and seriously in national security undergoes an important national institutuin hacking event of 2004 and Internet paralysis accidents of 2003. 1. 25. So Cyber terror and Cyber warfare is not the hypothetical enemy situation. It is more actual security situation and identify as magnification of warfare concept of incapacitation national important ability include military command system of the adversary, communication, energy, finance and transportation system. consequently, with the progress of cyber threat, it is necessary that looking at a number of general plan to make up for the weak points in cyber warfare operation system. Thus, the focus of this study is to examine new ways of developing a comprehensive cyber security management system.

• Journal of the Institute of Convergence Signal Processing
• /
• v.8 no.1
• /
• pp.51-57
• /
• 2007

In this paper we introduce the concept of MPLS-based VPN and propose a scheme for providing VPN services in MPLS networks. Furthermore, we design the control components and the operational procedures and evaluated the performance of traditional VPN implementation methods and MPLS-based VPN. In this scheme it is possible to solve several problems that IP-based VPN pertains via the allocation of VPN ID and virtual space without tunneling, thereby providing effective VPN services. In other words, the MPLS-based VPN scheme uses MPLS networking technology together with the PSTN which can achieve a perfect segregation of user traffic on per-customer basis in a physical link and can guarantee high reliability and security levels. Specially, in the perspective of customers, it can save networking facilities installation and maintenance costs considerably. On the contrary, it possesses some shortcomings in that its deployment tends to be restricted within an ISP's network boundary and it is vulnerable to external security break-ins when going through public networks such as the Internet due to its lack of data encryption capability.

• Journal of the Korea Society of Computer and Information
• /
• v.18 no.3
• /
• pp.35-45
• /
• 2013

MANET has a weak point because it allows access from not only legal nodes but also illegal nodes. Most of the MANET researches had been focused on attack on routing path or packet forwarding. Nevertheless, there are insuffcient studies on a comprehensive approach to detect various attacks on malicious nodes at packet forwarding processes. In this paper, we propose a technique, named DTecBC (detection technique of malicious node behaviors based on collaboration), which can handle more effciently various types of malicious node attacks on MANET environment. The DTecBC is designed to detect malicious nodes by communication between neighboring nodes, and manage malicious nodes using a maintain table. OPNET tool was used to compare with Watchdog, CONFIDANT, SRRPPnT for verifying effectiveness of our approach. As a result, DTecBC detects various behaviors of malicious nodes more effectively than other techniques.

• Journal of KIISE:Information Networking
• /
• v.29 no.1
• /
• pp.77-85
• /
• 2002

The surge in use of networks has recently increased demands for cryptography. Cryptography, however, can cause various problems because of difficulty of key management. A lot of researchers have been concentrating on the key recovery technique to eliminate the reverse effect of using these kinds of security and to promote positive aspects of using it. They have suggested many key recovery techniques up to the present. we propose a mechanism as a solution, which are employed to reduce the time needed to reconnect SG and the host in Host-to-Gateway in VPNs supporting IPsec, in case they are disconnected. This new mechanism using KRFSH stores information at each session in advance so that users can recall the session information when needed to rebuild the tunnel between SG and the host in a VPN. As a result, the mechanism built into SG will solve the problems above in host-to-gateway VPNs using IPsec.

• Journal of Information Technology and Architecture
• /
• v.11 no.2
• /
• pp.175-185
• /
• 2014

This study is based on the information security management system, the threat from mobile office, mobile office configuration item type, vulnerability analysis and control at the level of the current possibilities for technology to its purpose. To perform exploratory study for mobile Office to target the new technology, we were used the integrated research methods such as the documentary survey, expert FGI and real user's survey. To identify the main risk areas of mobile office services, we develop the mobile service layer model that separated the place, terminal, network, server according to service deliverly system. Finally, the result of survey for threats and vulnerabilities showed that the control of the terminal of user is a significant.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.1
• /
• pp.5-14
• /
• 2018

With the advance of the 4th industrial revolution, Internet of Things (IoT) technology is actively being studied. In the era of the IoT, a decentralized operation is required to reduce load on servers and enable autonomous IoT data communication rather than focusing on centralized operation of being server client structures. This paper analyzes the security of a blockchain, a new form of distributed database platform that supports integrity and permanence of data. To achieve this, we divide the blockchain's major operations into a consensus process, network communication process, and key management process, and then describe possible attacks and countermeasures in each process. We also describe the attack occurred in typical cryptocurrency platforms such as Bitcoin and Ethereum.