• Title/Summary/Keyword: 보안규칙

Search Result 252, Processing Time 0.027 seconds

Design Method of Things Malware Detection System(TMDS) (소규모 네트워크의 IoT 보안을 위한 저비용 악성코드 탐지 시스템 설계 방안 연구)

  • Sangyoon Shin;Dahee Lee;Sangjin Lee
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.33 no.3
    • /
    • pp.459-469
    • /
    • 2023
  • The number of IoT devices is explosively increasing due to the development of embedded equipment and computer networks. As a result, cyber threats to IoT are increasing, and currently, malicious codes are being distributed and infected to IoT devices and exploited for DDoS. Currently, IoT devices that are the target of such an attack have various installation environments and have limited resources. In addition, IoT devices have a characteristic that once set up, the owner does not care about management. Because of this, IoT devices are becoming a blind spot for management that is easily infected with malicious codes. Because of these difficulties, the threat of malicious codes always exists in IoT devices, and when they are infected, responses are not properly made. In this paper, we will design an malware detection system for IoT in consideration of the characteristics of the IoT environment and present detection rules suitable for use in the system. Using this system, it will be possible to construct an IoT malware detection system inexpensively and efficiently without changing the structure of IoT devices that are already installed and exposed to cyber threats.

Adaptive Data Hiding Techniques for Secure Communication of Images (영상 보안통신을 위한 적응적인 데이터 은닉 기술)

  • 서영호;김수민;김동욱
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.29 no.5C
    • /
    • pp.664-672
    • /
    • 2004
  • Widespread popularity of wireless data communication devices, coupled with the availability of higher bandwidths, has led to an increased user demand for content-rich media such as images and videos. Since such content often tends to be private, sensitive, or paid for, there exists a requirement for securing such communication. However, solutions that rely only on traditional compute-intensive security mechanisms are unsuitable for resource-constrained wireless and embedded devices. In this paper, we propose a selective partial image encryption scheme for image data hiding , which enables highly efficient secure communication of image data to and from resource constrained wireless devices. The encryption scheme is invoked during the image compression process, with the encryption being performed between the quantizer and the entropy coder stages. Three data selection schemes are proposed: subband selection, data bit selection and random selection. We show that these schemes make secure communication of images feasible for constrained embed-ded devices. In addition we demonstrate how these schemes can be dynamically configured to trade-off the amount of ded devices. In addition we demonstrate how these schemes can be dynamically configured to trade-off the amount of data hiding achieved with the computation requirements imposed on the wireless devices. Experiments conducted on over 500 test images reveal that, by using our techniques, the fraction of data to be encrypted with our scheme varies between 0.0244% and 0.39% of the original image size. The peak signal to noise ratios (PSNR) of the encrypted image were observed to vary between about 9.5㏈ to 7.5㏈. In addition, visual test indicate that our schemes are capable of providing a high degree of data hiding with much lower computational costs.

Research of generate a test case to verify the possibility of external threat of the automotive ECU (차량 ECU의 외부 위협성 가능성을 검증하기 위한 테스트 케이스 생성 연구)

  • Lee, Hye-Ryun;Kim, Kyoung-Jin;Jung, Gi-Hyun;Choi, Kyung-Hee
    • Journal of the Korea Society of Computer and Information
    • /
    • v.18 no.9
    • /
    • pp.21-31
    • /
    • 2013
  • ECU(Electric Control Unit) on the important features of the vehicle is equipped, ECU between sending and receiving messages is connected to one of the internal network(CAN BUS), but this network easily accessible from the outside and not intended to be able to receive attacks from an attacker, In this regard, the development of tools that can be used in order to verify the possibility of attacks on attacks from outside, However, the time costs incurred for developing tools and time to analyze from actual car for CAN messages to be used in the attack to find. In this paper, we want to solve it, propose a method to generate test cases required for the attack is publicly available tool called Sulley and it explains how to find the CAN messages to be used in the attack. Sulley add the CAN messages data generated library files in provided library file and than Sulley execute that make define and execute file conform to the CAN communication preferences and create message rules. Experiments performed by the proposed methodology is applied to the actual car and result, test cases generated by the CAN messages fuzzing through Sulley send in the car and as a result without a separate tool developed was operating the car.

A Method of Generating Changeable Face Template for Statistical Appearance-Based Face Recognition (통계적 형상 기반의 얼굴인식을 위한 가변얼굴템플릿 생성방법)

  • Lee, Chul-Han;Jung, Min-Yi;Kim, Jong-Sun;Choi, Jeung-Yoon;Kim, Jai-Hie
    • Journal of the Institute of Electronics Engineers of Korea SP
    • /
    • v.44 no.2 s.314
    • /
    • pp.27-36
    • /
    • 2007
  • Changeable biometrics identify a person using transformed biometric data instead of original biometric data in order to enhance privacy and security in biometrics when biometric data is compromised. In this paper, a novel scheme which generates changeable face templates for statistical appearance-based face recognition is proposed. Two different original face feature vectors are extracted from two different appearance-based approaches, respectively, each original feature vector is normalized, and its elements are re-ordered. Finally a changeable face template is generated by weighted addition between two normalized and scrambled feature vectors. Since the two feature vectors are combined into one by a two to one mapping, the original two feature vectors are not easily recovered from the changeable face template even if the combining rule is known. Also, when we need to make new changeable face template for a person, we change the re-ordering rule for the person and make a new feature vector for the person. Therefore, the security and privacy in biometric system can be enhanced by using the proposed changeable face templates. In our experiments, we analyze the proposed method with respect to performance and security using an AR-face database.

The Genealogical Study on SWIFTNet Trade Service Utility and Bank Payment Obligation (SWIFTNet TSU BPO의 계보학적 연구)

  • Lee, Bong-Soo
    • International Commerce and Information Review
    • /
    • v.18 no.3
    • /
    • pp.3-21
    • /
    • 2016
  • The thesis examines genealogical study of various aspects to overcome lots of problems which come by when we execute SWIFTNet TSU BPO. Practical implications regarding the innovation of electronic trade infrastructure are as follows. First, the shipping documents in the SWIFTNet TSU BPO are directly sent to an importer by an exporter after the baseline is confirmed. With this process itself, therefore, the bank cannot secure the account receivable. When initiating the SWIFTNet TSU BPO deal, it is needed to set regulations on the bank's account receivable security in the contract. Second, the SWIFTNet TSU BPO should also have an institutionally unified sharing platform with security, stability and convenience. It other words, it is needed to develop services which meet e-payment paradigm and international environments through continued analysis on market changes and flow. Third, the SWIFTNet TSU is useful in terms of promptness, reduction of risk in foreign exchange payment, cost reduction. Therefore, the SWIFT should be perfectly united and linked among the banks, importer and exporter to make the SWIFTNet TSU more convenient in countries around the world. Fourth, the SWIFT should be approached from the aspect of expansion of network and creation of a new business model through analysis on these problems with a worldwide perspective. At the same time, it is necessary to build a cooperative system to share information and promote comprehensive management for efficient operation.

  • PDF

A Study on the Police Station for Adoption of Local Police System (지역경찰관서 설치에 관한 연구)

  • Park, Chan-Hyeok;Jung, Eui-Rom
    • The Journal of the Korea Contents Association
    • /
    • v.18 no.8
    • /
    • pp.536-543
    • /
    • 2018
  • In 2003, the local police system was adopted, and the personnel and installation of local police agencies were subsequently changed. According to the "Police Law", local police station shall be established under the control of chief of police department, and the criteria for the installation of local police stations were to take into consideration of population, administrative districts, area, geographical characteristics, traffic and other conditions. The chief of local police has the authority to install district police station according to the "National Police Agency and its Organization". However, it is hard to say they were applied. Futhermore, it is inappropriate to apply the laws and regulations equally across the nation. Also, it has been criticized for its difficulties of patrolling, the weakened relationship with local residents, and poor quality of security services in rural areas. Therefore, this study suggests that the criteria for the installation of the police station should be made through a comprehensive analysis of the characteristics of the areas and security needs.

Development Plan of Safety Management on Intelligent Robot (지능형 로봇에 대한 안전관리 발전방안)

  • Ju, Il-Yeop
    • Korean Security Journal
    • /
    • no.26
    • /
    • pp.89-119
    • /
    • 2011
  • The purpose of this study is to progress the development plan of safety management on the intelligent robot through safety analysis on the intelligent robot, major present condition of safety management on the intelligent robot, enforcement method of safety management on the intelligent robot. The following is the result of the study. First, we have to establish the provision or the special legislation to regulate the safety management of the intelligent robot substantially in the intelligent robot development and supply promotion law, the enforcement ordinance, the enforcement regulation. And, we should propel to establish the provision on the safety management of the intelligent robot in the laws related on ethics and safety. Second, we should establish the Robot Ethical Charter through the national and international agreement to give a guarantee against the safety management of the intelligent robot. Furthermore, we have to induces people's interest on the safety management of the intelligent robot through offering the public information of the Robot Ethical Charter for coexistence of human and robot and have to understand about rights of the intelligent robot. Third, the security industry and learned circles have to recognize the important effect that the intelligent robot gets in the security industry and try to grope the safety management and the application plan on the intelligent robot. Also, the security industry and learned circles should concern not only using and managing of the intelligent robot including the military robot, the security robot but also protecting human from the intelligent robot.

  • PDF

A Study on functional priority of smart home service for single-person household - focusing on Perceived Attributes of Innovations - (1인 가구를 위한 스마트 홈 서비스 기능의 우선순위 연구 - 인지된 혁신 특성 요인을 중심으로 -)

  • Lim, Se Eun;Park, Seung Ho
    • Design Convergence Study
    • /
    • v.15 no.2
    • /
    • pp.37-52
    • /
    • 2016
  • The purpose of this study is to suggest functional priority to increase probability to be adopted by single-person household by designating single-person household as potential early adopter of smart home service. Smart home service is spread slowly for its value. This study applied diffusion of innovations theory to solve this problem. Single-person household who has no other family member who can take care of household is chosen as potential early adopter. This study tried to find grounds of functional priorities through an online survey. The survey questionnaires were composed as following. First, representative attributes of single- person household were reviewed, then measuring questions according to the attributes were recomposed based upon preceding study. After that, concept and status of smart home service were reviewed. and smart home service functions to be measured in this study were selected through analysis based upon representative cases, then Measuring questionnaire were made were three factors which chosen by referring to preceding study about perceived attributes of innovations applied to selected functions. As a result of analyzed 62 responses, except excluded functions which has perceived any special value, set priorites with 9 functions. These functional priorities obtained from these studies will play a role as fundamental data to provide valuable service to single-person household and have a meaning as a starting point to increase rate of adoption for smart home service.

The Relationship with Electronic Trust, Web Site Commitment and Service Transaction Intention in Public Shipping B2B e-marketplace (해운 B2B e-marketplace의 전자적 신뢰, 사이트몰입 및 서비스 거래의도와의 관계성)

  • Kim, Yong-Man;Kim, Seog-Yong;Lee, Jong-Hwan;Shim, Gyu-Yeol
    • Journal of Global Scholars of Marketing Science
    • /
    • v.17 no.4
    • /
    • pp.113-139
    • /
    • 2007
  • This study aims to, looking from a standpoint of network, has investigated the shipping industry's B2B e-marketplace, the characteristics that can earn electronic trust from the users, and characteristics of the web-site. It has examined the mechanism whereby electronic trust be earned and how it affects web-site involvement and service transaction intention. Ultimately, The study attempts to make proposals whereby such trust can lead for a cooperative trading community in the shipping industry's B2B e-marketplace The Covalence structural equation modeling was designed and empirically tested for the shipping industry's B2B e-marketplace. The shipping industry employees were given questionnaires and data were analyzed. Except for perceived security of the three characteristic factors on the web-site, the perceived site quality and characteristics factors in operation only affected co-variables. Transaction Fairness was determined to be the most important factor among exogenous factors increasing electronic trust. With regards to transaction rules, if a transaction is beneficial only to one side, then no long term transaction will not take place. If the concerned parties properly recognize that transaction fairness is crucial to electronic transaction, then it will enormously contribute to successful operations of shipping e-marketplace. Also, Perceived efficiency in transaction also affects electronic trust. This reduces transaction costs and speeds up and simplifies the transaction process. It has reduced greater time and costs than existing off-line transaction, and would positively affect electronic trust. By making an open forum for participants to obtain information for transaction, they can gather useful information, and at the same time, the web-site operator can provide information, which, in turn, will increase electronic trust in electronic transaction. Furthermore, such formation of trust in electronic transaction influences shipping companies in such a way that they will want to continuously participate in the transaction, raising web-site involvement. The result of increased trust is that shipping companies in the future will do business with each other and form a foundation for continuous transactions amongst themselves. Consequently, the formation of trust in electronic transaction greatly influences web-site involvement and service transaction intention. The results of the study have again proved that in order to maintain continuous business relationship with the current clients, electronic trust in virtual space, which operates the shipping industry's B2B e-marketplace, is important for the interested parties.

  • PDF

A Study on the Legislation for the Commercial and Civil Unmanned Aircraft System Operation (국내 상업용 민간 무인항공기 운용을 위한 법제화 고찰)

  • Kim, Jong-Bok
    • The Korean Journal of Air & Space Law and Policy
    • /
    • v.28 no.1
    • /
    • pp.3-54
    • /
    • 2013
  • Nowadays, major advanced countries in aviation technology are putting their effort to develop commercial and civil Unmanned Aircraft System(UAS) due to its highly promising market demand in the future. The market scale of commercial and civil UAS is expected to increase up to approximately 8.8 billon U.S. dollars by the year 2020. The usage of commercial and civil UAS covers various areas such as remote sensing, relaying communications, pollution monitoring, fire detection, aerial reconnaissance and photography, coastline monitoring, traffic monitoring and control, disaster control, search and rescue, etc. With the introduction of UAS, changes need to be made on current Air Traffic Management Systems which are focused mainly manned aircrafts to support the operation of UAS. Accordingly, the legislation for the UAS operation should be followed. Currently, ICAO's Unmanned Aircraft System Study Group(UASSG) is leading the standardization process of legislation for UAS operation internationally. However, some advanced countries such as United States, United Kingdom, Australia have adopted its own legislation. Among these countries, United States is most forth going with President Obama signing a bill to integrate UAS into U.S. national airspace by 2015. In case of Korea, legislation for the unmanned aircraft system is just in the beginning stage. There are no regulations regarding the operation of unmanned aircraft in Korea's domestic aviation law except some clauses regarding definition and permission of the unmanned aircraft flight. However, the unmanned aircrafts are currently being used in military and under development for commercial use. In addition, the Ministry of Land, Infrastructure and Transport has a ambitious plan to develop commercial and civil UAS as Korea's most competitive area in aircraft production and export. Thus, Korea is in need of the legislation for the UAS operation domestically. In this regards, I personally think that Korea's domestic legislation for UAS operation will be enacted focusing on following 12 areas : (1)use of airspace, (2)licenses of personnel, (3)certification of airworthiness, (4)definition, (5)classification, (6)equipments and documents, (7)communication, (8)rules of air, (9)training, (10)security, (11)insurance, (12)others. Im parallel with enacting domestic legislation, korea should contribute to the development of international standards for UAS operation by actively participating ICAO's UASSG.

  • PDF