• Journal of Convergence for Information Technology
• /
• v.9 no.10
• /
• pp.9-15
• /
• 2019

Recently, in the field of next-generation e-commerce and finance, interest in blockchain-based technologies such as Bitcoin and Ethereum is great. Although the security of blockchain technology is known to be secure, hacking incidents / accidents related to cryptocurrencies are being issued. The main causes were vulnerabilities in the external environment, such as taking over login sessions on cryptocurrency wallets, exposing private keys due to malware infection, and using simple passwords. However, private key management recommends general methods such as utilizing a dedicated application or local backup and physical archiving through document printing. In this paper, we propose a white box password-based private key protection scheme. As a result of safety and performance analysis, we strengthened the security against vulnerability of private key exposure and proved the processing efficiency of existing protocol.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.9 no.1
• /
• pp.57-70
• /
• 1999

Since a hybrid firewall filters packets at a network layer along with providing gateway functionalities at an application layer, it has a better performance than an If filtering firewall. In addition, it provides both the various kinds of access control mechanisms and transparent services to users. However, the security policies of a network layer are different from those of an application layer. Thus, the user interfaces for managing a hybrid firewalls in a consistent manner are needed. In this paper, we implement a graphical user interface to provide access control mechanisms and management facilities for a hybrid firewall such as log analysis, a real-time monitor for network traffics, and the statisics on traffics. And we also propose a new rule script language for specifying access control rules. By using the script language, users can generate the various forma of access control rules which are adapted by the existing firewalls.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.2
• /
• pp.225-238
• /
• 2012

Among the various security threats in online games, the use of game bots is the most serious problem. In this paper, we propose a framework for user behavior analysis for bot detection in online games. Specifically, we focus on party play that reflects the social activities of gamers: In a Massively Multi-user Online Role Playing Game (MMORPG), party play log includes a distinguished information that can classify game users under normal-user and abnormal-user. That is because the bot users' main activities target on the acquisition of cyber assets. Through a statistical analysis of user behaviors in game activity logs, we establish the threshold levels of the activities that allow us to identify game bots. Also, we build a knowledge base of detection rules based on this statistical analysis. We apply these rule reasoner to the sixth most popular online game in the world. As a result, we can detect game bot users with a high accuracy rate of 95.92%.

• Journal of the Korea Society of Computer and Information
• /
• v.27 no.5
• /
• pp.157-163
• /
• 2022

As the online game market grows, the use of game bots is causing the most serious problem for game services. We propose a harvest coordinate analysis model to detect harvesting bots among game bots of the Massively Multiplayer Online Role-Playing Games(MMORPGs) genre. The proposed model analyzes the player's harvesting behavior using the coordinate data. Game bots can obtain in-game goods and items more easily than normal players and are not affected by realistic restrictions such as sleep time and character manipulation fatigue. As a result, there is a difference in harvesting coordinates between normal players and game bots. We divided the coordinate zones and used these coordinate zone differences to distinguish between game bot players and normal players. We created a dataset with NCSoft's AION log and applied it to a random forest model to detect game bots, and as a result, we derived performance with a recall of 0.72 and a precision of 0.92.

• Information Systems Review
• /
• v.22 no.4
• /
• pp.135-161
• /
• 2020

With the growth of blockchain and cryptocurrency-related markets, cryptocurrency exchanges are growing as a new industry. However, as the legal and regulatory definitions of cryptocurrencies are still in progress, unlike existing industrial groups, they are not under the supervision of regulatory agencies. As a result, users (i.e., cryptocurrency investors) have suffered two types of damage that could occur from hacking and other accidents on the exchanges. One type of the damage is the loss of assets caused by the extortion of personal information or account and the other is the damage from users who might be involved in external frauds. Both are analyzed in comparison with existing operators whose functions are like the exchanges. The results of this study show that membership (KYC: Know Your Client), log-in, and additional authentication in transactions are on the similar level to those of the operators while the fraud detection system (FDS) and anti-money laundering (AML) of fiat currencies and cryptocurrencies need rapid improvement.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.3
• /
• pp.563-572
• /
• 2016

Recently, a plenty of credit card payment protocols have been proposed in Korea. Several features of proposed protocols include: using passwords for user authentication in stead of official certificate for authenticity, and no need to download additional security module via ActiveX into user's devices. In this paper, we suggest two new credit card payment protocols that use both SSL(Security Socket Layer) as a standardized secure transaction protocol and password authentication to perform online shopping and payment. The first one is for the case where online shopping mall is different from PG(Payment Gateway) and can be compared to PayPal-based payment methods, and the second one is for the case where online shopping mall is the same as PG and thus can be compared to Amazon-like methods. Two proposed protocols do not require users to perform any pre-registration process which is separate from an underlying shopping process, instead users can perform both shopping and payment into a single process in a convenient way. Also, users are asked to input a distinct payment password, which increases the level of security in the payment protocols. We believe that two proposed protocols can help readers to better understand the recent payment protocols that are suggested by various vendors, and to analyze the security of their payment protocols.

• Convergence Security Journal
• /
• v.21 no.3
• /
• pp.75-80
• /
• 2021

This study provided personnel and recruitment information related to job offer and job hunting, and proposed a non-face-to-face platform that can facilitate matching of one-time services as well as periodic services. The existing recruitment and job search method for personal assistant of the disabled is a one-way matching method in which a person in charge of the service providing centers assigns an activity assistant belonging to the institution when a consumer requests an personal assistant service, so the choice of job seekers is very weak. The job matching platform of the activity assistant for the disabled can be logged in separately by dividing users and separating them into the interface of the disabled or the disabled family members (job seekers) and activity assistants for the disabled (job seekers). Search for job offer and job seekers that meet their respective conditions, and real-time bidirectional decision-making through the chat function, and when the activity assistance service is completed, recruiters and job seekers can write service reviews and evaluations from their own point of view. The real-time interactive decision-making matching platform will also help minimize blind spots where it is difficult to provide services when short-term or one-time assistance is needed.

• Journal of Platform Technology
• /
• v.11 no.3
• /
• pp.32-44
• /
• 2023

A blockchain bridge (hereinafter referred to as "bridge") is a service that enables the transfer of assets between blockchains. A bridge accepts virtual assets from users and delivers the same virtual assets to users on other blockchains. Users use bridges because they cannot transfer assets to other blockchains in the usual way because each blockchain environment is independent. Therefore, the movement of assets through bridges is not traceable in the usual way. If a malicious actor moves funds through a bridge, existing asset tracking tools are limited in their ability to trace it. Therefore, this paper proposes a method to obtain information on bridge usage by identifying the structure of the bridge and analyzing the event logs of bridge requests. First, to understand the structure of bridges, we analyzed bridges operating on Ethereum Virtual Machine(EVM) based blockchains. Based on the analysis, we applied the method to arbitrary bridge events. Furthermore, we created an automated tool that continuously collects and stores bridge usage information so that it can be used for actual tracking. We also validated the automated tool and tracking method based on an asset transfer scenario. By extracting the usage information through the tool after using the bridge, we were able to check important information for tracking, such as the sending blockchain, the receiving blockchain, the receiving wallet address, and the type and quantity of tokens transferred. This showed that it is possible to overcome the limitations of tracking asset movements using blockchain bridges.

• The Journal of the Korea Contents Association
• /
• v.9 no.8
• /
• pp.64-72
• /
• 2009

AMR(Automatic Meter Reading), which means that it reads the meter of electricity, gas, or water, etc at a remote place automatically through wired or wireless communication, has been studied in terms of Power Line Communication method and Local Area Wireless Communication method, etc. In this paper, we designed and implemented JCA(Java Card for AMR) capable of AMR, which is based on java Card technology indispensable to the ubiquitous world. In this paper, JCA follows standard transactional procedures offered by power supply company and manages power usage log and billing data, and is designed in order to satisfy EMV multi-functional specifications. Because JCA is a multi-functional smart card capable of post-issuance applets as an open platform, it is installed into other applications of affiliated concerns as well as credit card and traffic card applications. Not only the proposed JCA is a low cost system, compared to other AMR systems, but is capable of paying rates in advance or later by applying authentication and security function of java Card. In addition the proposed JCA system can create value added services such as affiliated services with corporate alliance.

• Journal of the Korean Institute of Intelligent Systems
• /
• v.24 no.5
• /
• pp.495-503
• /
• 2014

In recent days, a study of the intrusion detection system collecting and analyzing network data, packet or logs, has been actively performed to response the network threats in computer security fields. In particular, Bayesian network has advantage of the inference functionality which can infer with only some of provided data, so studies of the intrusion system based on Bayesian network have been conducted in the prior. However, there were some limitations to calculate high detection performance because it didn't consider the problems as like complexity of the relation among network packets or continuos input data processing. Therefore, in this paper we proposed two methodologies based on K-menas clustering to improve detection rate by reforming the problems of prior models. At first, it can be improved by sophisticatedly setting interval range of nodes based on K-means clustering. And for the second, it can be improved by calculating robust CPT through applying weighted-leaning based on K-means clustering, too. We conducted the experiments to prove performance of our proposed methodologies by comparing K_WTAN_EM applied to proposed two methodologies with prior models. As the results of experiment, the detection rate of proposed model is higher about 7.78% than existing NBN(Naive Bayesian Network) IDS model, and is higher about 5.24% than TAN(Tree Augmented Bayesian Network) IDS mode and then we could prove excellence our proposing ideas.