• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.30 no.1C
• /
• pp.107-115
• /
• 2005

ATC (Abnormal traffic controller) is presented as next generation security technology to securely support reliable Internet service and to guarantee network survivability, which is deployed in Internet access point. The key concept of the ATC is abnormal traffic monitoring and traffic control technology. When fault factors exist continuously and/or are repeated, abnormal traffic control guarantees service completeness as much as possible. The ATC with control policy on abnormal traffic is superior to the ATC with blocking policy as well as conventional network node, when the ratio of effective traffic to abnormal traffic is higher than $30{\%}.$ When traffic intended unknown attack occurs, network IDS is high false positive probability and so is limited to apply. In this environment, the ATC can be a key player to help the network node such as router to control abnormal traffic.

• Journal of Digital Convergence
• /
• v.11 no.7
• /
• pp.215-223
• /
• 2013

As cloud computing is activated, a variety of cloud services are being distributed. However, to use each different cloud service, you must perform a individual user authentication process to service. Therefore, not only the procedure is cumbersome but also due to repeated authentication process performance, it can cause password exposure or database overload that needs to have user's authentication information each cloud server. Moreover, there is high probability of security problem that being occurred by phishing attacks that result from different authentication schemes and input scheme for each service. Thus, when you want to use a variety of cloud service, we proposed OpenID based user authentication scheme that can be applied to a multi-cloud environment by the trusted user's verify ID provider.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.48 no.5
• /
• pp.99-106
• /
• 2011

In many applications, wireless sensor networks could be thought as data-centric networks, and the sensor nodes are densely distributed over a large sensor field. The sensor nodes are normally vulnerable in terms of security since they are very often deployed in a hostile environment and open space. In this paper, we propose a scheme for contents-based anomaly detection in wireless sensor networks. In this scheme we use the characteristics of sensor networks where several nodes surrounding an event point can simultaneously detect the phenomenon occurring and the contents detected from these sensors are limited to inside a certain range. The proposed scheme consists of several phases; training, testing and refining phases. Anomaly candidates detected by the distance-based anomaly detection scheme in the testing phase are sent to the refining phase. They are then compared in the sink node with previously collected data set to improve detection performance in the refining phase. Our simulation results suggest the effectiveness of the proposed scheme in this paper evidenced by the improvements of the detection rate and the false positive rate.

• Journal of Korea Society of Industrial Information Systems
• /
• v.12 no.5
• /
• pp.110-119
• /
• 2007

In an extended enterprise, there is a shift to shared services, cosourcing and outsourcing, and extending out to partners, suppliers, and customers to accomplish business objectives more effectively. Along with this critical need, executives should be aware of the need to focus on optimizing the value of their information technology and reducing the related risks. So IT governance is critical, and many companies including spin-off venture are providing IT governance solution, but very little is known about brand management and marketing strategy of IT governance solution provider. The purpose of this study is to investigate brand positioning of IT governance solution company focusing on spin-off venture. The results of this study are summarized as follows. First, brand management is needed in the spin-off venture. second, IT governance solution companies including spin-off venture must provide something more than functional value. That is, they actively seek to emotional or symbolic value for their customers.

• Journal of the Korea Convergence Society
• /
• v.11 no.3
• /
• pp.45-52
• /
• 2020

In this study, we propose a new Relative position pattern unlocking solution based on blind interaction, which is a new unlocking method, and compared it with existing unlocking methods to verify usability and security improvement. And verified the practical value of the proposed new unlocking solution. The relative position pattern unlock method is easily remembered than the numeric code method and is worth practical enough to show a degree of learning ease similar to the drawing pattern method. The new method is safer to steal than other two methods. It can be manufactured at a low cost and can also be used by special users such as blind people. Therefore, the practical value is relatively high.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.38A no.4
• /
• pp.295-302
• /
• 2013

In the network coding, throughput can be increased by allowing the transformation of the received data at the intermediate nodes. However, the adversary can obtain more information at the intermediate nodes and make troubles for decoding of transmitted data at the sink nodes by modifying transmitted data at the compromised nodes. In order to resist the adversary activities, various information theoretic or cryptographic secure network coding schemes are proposed. Recently, a secure network coding based on the cryptographic hash function can be used at the random network coding. However, because of the computational resource requirement for cryptographic hash functions, networks with limited computational resources such as sensor nodes have difficulties to use the cryptographic solution. In this paper, we propose a new secure network coding scheme which uses linear transformations and table lookup and safely transmits n-1 packets at the random network coding under the assumption that the adversary can eavesdrop at most n-1 nodes. It is shown that the proposed scheme is an all-or-nothing transform (AONT) and weakly secure network coding in the information theory.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.15 no.5
• /
• pp.1073-1080
• /
• 2011

In this paper, we propose a novel digital watermarking method by virtual optics which secures multimedia information such as images, videos and sounds. To secure the multimedia data, we use Fresnel transform which describes the diffraction phenomena of the waves. Also, this method attaches the random phase function to Fresnel transform so that original image and watermark image would be gaussian random vectors. The complex numbers of watermark by Fresnel transform are separated the real part and the imaginary part. The former is embedded in original image as a encoding key imperceptibly and the latter is used for detecting the watermark as a decoding key. This method for digital watermarking ensures that watermark can be successfully registered and extracted from the watermarked image. Further, it provides the robustness to signal processing operation and geometric distortion and proves the strong resilience against cropping attack. The performance evaluation of the experiment is carried out with PSNR, and the numerical simulation results show the efficiency of the proposed method.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2011.10a
• /
• pp.241-244
• /
• 2011

Recently, Due to development of Internet techniques, user suddenly increased that Used of Web services and with out constraints of place and time has been provided. typically, Web services used ID/Password authentication. User confirmed personal data Stored on Web servers after user authorized. web service provider is to provide variety security techniques for the protection personal information. However, recently accident has happened is the malicious attackers may capture user information such as users entered personal information through new keyboard hooking. In this paper, we propose a keyboard hooking protected password input method using CAPTCHA. The proposed password input method is based on entering the password using mouse click or touch pad on the CAPTCHA image. The mapping of CAPTCHA image pixels is random.

• Journal of the Korean Society for Aviation and Aeronautics
• /
• v.17 no.2
• /
• pp.31-40
• /
• 2009

South Korea opened Incheon international airport(IIA) in march 29, 2001, with high expectations of becoming the distribution hub of Northeast Asia and aiming at a world best air hub. IIA compares quite well with any other leading airports in the world in it's facilities for the movement of people and vehicles. However, with the sequence of events following the September, 2001. terrorist attack and the war in Iraq, South Korea, an ally of the US, cannot be considered a safe haven from terrorism. At a point in time when national security is given utmost importance, it is necessary to reevaluate the security of airports, because international terrorism can only occur via air and seaports. Nowadays all the countries of the world have entered into competition for their national interests and innovation of their images. with the increasing role of international airports also comes an increased likelihood as a terrorist target, because it can affect so many people and countries. From the condition of current international terrorism, we can realize that our IIA is not completely safe from a terrorist attack. The major part of counterterrorism is event control process. It's very important for quickly saves an accident and rescues a life of person, In addition for the normalization which the airport operation is prompt. In conclusion, we should secure the legal responsibility and establish and establish a system under which we can work actively in order to implement counter terror activities from being taken an airport.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.1
• /
• pp.167-177
• /
• 2018

As the number of attacks on vehicles has increased, studies on CAN-based security technologies are actively being carried out. However, since the upper layer protocol of CAN differs for each vehicle manufacturer and model, there is a great difficulty in researches such as developing anomaly detection for CAN or finding vulnerabilities of ECUs. In this paper, we propose a method to infer the detailed structure of the data field of CAN frame by analyzing CAN trace to mitigate this problem. In the existing Internet environment, many researches for reverse engineering proprietary protocols have already been carried out. However, CAN bus has a structure difficult to apply the existing protocol reverse engineering technology as it is. In this paper, we propose new field classification methods with low computation-cost based on the characteristics of data in CAN frame and existing field classification method. The proposed methods are verified through implementation that analyze CAN traces generated by simulations of CAN communication and actual vehicles. They show higher accuracy of field classification with lower computational cost compared to the existing method.