• Title/Summary/Keyword: Network access control

Search Result 485, Processing Time 0.031 seconds

Distance Ratio based Probabilistic Broadcasting Mechanism in Mobile Ad Hoc Network

  • Kim, Jeong-Hong; Kim, Jae-Soo
    • Journal of the Korea Society of Computer and Information, v.15 no.12, pp.75-84, 2010
  • Broadcasting in a Mobile Ad hoc NETwork (MANET) is the process by which a node sends a packet to all other nodes in the network. It is used for routing protocols such as Ad hoc On demand Distance Vector (AODV) to disseminate control information for establishing routes. In this paper, we propose a Probabilistic Broadcasting mechanism based on the Distance Ratio between sender and receiver nodes in MANETs. The proposed approach is based on a combination of the probability and distance based approaches. A mobile node receiving broadcast packets determines the probability of rebroadcasting considering its distance ratio from the sender. The distance ratio of a node is calculated from the distance from the sender and the length of radio field strength. As a node with a high distance ratio is located far away from the sender, its rebroadcast probability is set to a high value. On the contrary, a low rebroadcast probability is set for a node with a low distance ratio, which is close to the sender. So it reduces packet transmission caused by the early die-out of rebroadcast packets. Compared with simple flooding and fixed probabilistic flooding by simulation, our approach shows better performance results. The proposed algorithm can reduce rebroadcast packet delivery by more than 30% without scanting reachability, whereas it shows up to 96% reachability compared with flooding.

Design and Forensic Analysis of a Zero Trust Model for Amazon S3

  • Kyeong-Hyun Cho; Jae-Han Cho; Hyeon-Woo Lee; Jiyeon Kim
    • Journal of the Korea Institute of Information Security & Cryptology, v.33 no.2, pp.295-303, 2023
  • As the cloud computing market grows, a variety of cloud services are now reliably delivered. Administrative agencies and public institutions of South Korea are transferring all their information systems to cloud systems. It is essential to develop security solutions in advance in order to safely operate cloud services, as protecting cloud services from misuse and malicious access by insiders and outsiders over the Internet is challenging. In this paper, we propose a zero trust model for cloud storage services that store sensitive data. We then verify the effectiveness of the proposed model by operating a cloud storage service. Memory, web, and network forensics are also performed to track access and usage of cloud users depending on the adoption of the zero trust model. As a cloud storage service, we use Amazon S3 (Simple Storage Service) and deploy zero trust techniques such as access control lists and key management systems. Furthermore, in order to consider the different types of access to S3, we generate service requests inside and outside AWS (Amazon Web Services) and then analyze the results of the zero trust techniques depending on the location of the service request.

Privacy Preserving Source Based Deduplication In Cloud Storage

  • Park, Cheolhee; Hong, Dowon; Seo, Changho; Chang, Ku-Young
    • Journal of the Korea Institute of Information Security & Cryptology, v.25 no.1, pp.123-132, 2015
  • In cloud storage, processing duplicated data, namely deduplication, is a necessary technology to save storage space. Users who store sensitive data in remote storage want the data to be encrypted. However, cloud storage servers do not detect duplication of conventionally encrypted data. To solve this problem, Convergent Encryption has been proposed. But it inherently has a weakness due to brute-force attacks. On the other hand, to save storage space as well as bandwidth, client-side deduplication has been applied. Recently, various client-side deduplication technologies have been proposed. However, these propositions still cannot solve the security problem. In this paper, we suggest a secure source-based deduplication technology, which encrypts data to ensure the confidentiality of sensitive data and applies a proofs of ownership protocol to control access to the data, protecting it from a curious cloud server and malicious users.

Big Data Processing Scheme of Distribution Environment

  • Jeong, Yoon-Su; Han, Kun-Hee
    • Journal of Digital Convergence, v.12 no.6, pp.311-316, 2014
  • Social network server due to the popularity of smart phones, and data stored in a big usable access data services are increasing. Big Data Big Data processing technology is one of the most important technologies in the service, but a solution to this minor security state. In this paper, the data services provided by the big -sized data is distributed using a double hash user to easily access to data of multiple distributed hash chain based data processing technique is proposed. The proposed method is a kind of big data data, a function, characteristics of the hash chain tied to a high-throughput data are supported. Further, the token and the data node to an eavesdropper that occurs when the security vulnerability to the data attribute information to the connection information by utilizing hash chain of big data access control in a distributed processing.

Sound Source Localization Method Based on Deep Neural Network

  • Park, Hee-Mun; Jung, Jong-Dae
    • Journal of IKEEE, v.23 no.4, pp.1360-1365, 2019
  • In this paper, we describe a sound source localization (SSL) system which can be applied to mobile robots and automatic control systems. Usually the SSL method finds the Interaural Time Difference and the Interaural Level Difference, and uses the geometrical principle of a microphone array. But here we propose another approach based on a deep neural network to obtain the horizontal directional angle (azimuth) of the sound source. We pick up the sound source signals from two microphones attached symmetrically on both sides of the robot to imitate human ears. Here, we use the difference of the spectral distributions of the sounds obtained from the two microphones to train the network. We train the network with data obtained at multiples of 10 degrees and test with several data obtained at random degrees. The result shows quite promising validity of our approach.

The Policy Distribution Algorithm of Firewall in Integrated Security Management (Algorithm for Distributing Firewall Policy in an Integrated Security Management System: FALCON)

  • Kim, Gwang-Hyeok; Gwon, Yun-Ju; Kim, Dong-Su; Jeong, Tae-Myeong
    • The KIPS Transactions:PartC, v.9C no.4, pp.467-472, 2002
  • Recently, networks are required to adopt security systems and security consulting because of security threats and vulnerabilities of systems. Enterprise Security Management (ESM) is a system which establishes a security zone composed of security systems and firewalls and applies the security policy to each security system. A relevant ESM is based on an effective policy and a proper security system. In particular, multiple firewalls in ESM are concerned with the security policy about each traffic. In this paper, we describe the problems that can occur when we select the firewalls to apply the security policy of access control in an ESM composed of multiple firewalls, and propose the FALCON algorithm, which is able to select the firewalls to apply the policy. We expect that the FALCON algorithm offers stability, scalability and compactness for selecting the firewall set.

Concept Design of Download Over-the-Air functions for IoF-Cloud based distributed IoT device

  • Cha, ByungRae; Choi, MyeongSoo; Park, Sun; Kim, HyeongGyun; Kim, YongIl; Kim, JongWon
    • Smart Media Journal, v.5 no.4, pp.9-17, 2016
  • Over the next 20 years, the exodus from the Internet and smart phones to the Internet of Things will begin. The heart of IoT gives new utility and value to humans through connectivity among the things around people. In the future, industrial environments will intimately connect machines to machines and factories to factories in all processing, and by digitizing all goods and the production life-cycle, which is a combination of the virtual world and the real world, the digital factory will eventually become reality. The proposed IoT or IIoT based Download OTA (Over-the-Air) provides a flexible mechanism for downloading media objects of any type and size from a network. Moreover, the proposed IoT based DLOTA provides a part of security by lightweight encryption, OTP, and CapBAC techniques.

Distributed Intrusion Detection System for Safe E-Business Model

  • 이기준; 정채영
    • Journal of Internet Computing and Services, v.2 no.4, pp.41-53, 2001
  • The multi-distributed web cluster model built for a high availability E-Business model exposes internal system nodes because of its structural characteristics, and there is a potential that normal job performance becomes impossible due to intentional obstruction and attack by an illegal third party. Therefore, a security system is needed which protects the structured system nodes and can respond effectively to the outflow of information by illegal users and to unfair service requests. The suggested distributed intrusion detection system is a technology which detects illegal requests or resource access on system nodes distributed on an open network through organic control between SC-Agents based on the shared memory of the SC-Server. The distributed intrusion detection system first examines the job request packet using the Detection Agent to detect illegal intrusion, observes the job process through the monitoring agent while the job is in progress, and then judges the intrusion through close cooperation with other system nodes when there is access to or demand for a resource that is not permitted.


Multi-Attribute based on Data Management Scheme in Big Data Environment

  • Jeong, Yoon-Su; Kim, Yong-Tae; Park, Gil-Cheol
    • Journal of Digital Convergence, v.13 no.1, pp.263-268, 2015
  • Put your information in the object-based sensors and mobile networks has been developed that correlate with ubiquitous information technology as the development of IT technology. However, a security solution is to have the data stored in the server, what minimal conditions. In this paper, we propose a data management method is applied to a hash chain of the properties of the multiple techniques to the data used by the big user and the data services to ensure safe handling large amounts of data being provided in the big data services. Improves the safety of the data tied to the hash chain for the classification to classify the attributes of the data attribute information according to the type of data used for the big data services, functions and characteristics of the proposed method. Also, the distributed processing of big data by utilizing the access control information of the hash chain to connect the data attribute information to a geographically dispersed data easily accessible techniques are proposed.

The IOA-Based Intelligent Information Protection System for Response of Advanced Persistent Threats

  • Ryu, Chang-su
    • Journal of the Korea Institute of Information and Communication Engineering, v.20 no.11, pp.2067-2072, 2016
  • Recently, due to the development of attack techniques that can circumvent existing information protection systems, continuous threats in a form unrecognized by the user have threatened information assets. Therefore, it is necessary to support the prompt responses to anticipated attempts of APT attacks, bypass access attacks, and encryption packet attacks, which the existing systems have difficulty defending against through a single response, and to continuously monitor information protection systems with a defense strategy based on Indicators of Attack (IOA). In this paper, I suggest a centralized intelligent information protection system to support the intelligent response to a violation by discerning important assets through prevention control in a performance impact assessment about information properties in order to block the attack routes of APT; establishing information control policies through weakness/risk analyses in order to remove the risks in advance; establishing detection control by restricting interior/exterior bypass networks to server access and monitoring encrypted communications; and lastly, performing related corrective control through backup/restoration.