• Proceedings of the Korea Information Processing Society Conference
• /
• 2012.11a
• /
• pp.1076-1079
• /
• 2012

스마트폰의 사용이 생활에 필수적인 요소가 되었다. 스마트폰 특징의 가장 핵심적인 부분이 다양한 콘텐츠를 사용자의 취향에 맞게 선택 할 수 있다는 점이기에 스마트폰의 콘텐츠 시장 또한 빠르게 커지고 있다. 오픈 마켓인 안드로이드의 특성 상 누구나 어플리케이션을 만들어 원하는 곳에 배포할 수 있고 어플리케이션을 다운받을 수 있는 소스도 한정되어 있지 않기 때문에 스마트폰 보안을 위협하는 악의적인 어플리케이션에 노출되기 쉽다. 개인적인 정보가 저장되어 있는 핸드폰의 특징 상 악성코드에 노출 될 경우 전화번호부 유출로 인한 인한 스팸이나 피싱에서 크게는 금융정보 유출까지, 입을 수 있는 피해가 크다. 이를 방지하기 위해 클라우드 컴퓨팅을 이용해 단계적으로 악의적인 어플리케이션을 걸러 내고 클라우드 서버에 어플리케이션 실행 환경을 제공함으로써 사용자의 기기를 안전하게 보호 할 수 있는 시스템을 제안한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.5
• /
• pp.147-157
• /
• 2003

We often use cryptographic systems on small devices such as mobile phones, smart cards and so on. But such devices are delicate against the tlreat of key exposure of secret keys. To reduce the damage caused by exposure of secret keys stored on such devices, the concept of forward security is introduced. In this Paper, we present a new forward secure signature scheme based on Gap Diffie-Hellman groups. Our scheme achieves security against chosen-message attacks under the computational Diffie-Hellman assumption in the random oracle model.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.14 no.6
• /
• pp.1323-1330
• /
• 2010

The amount of acoustic data gathered from the acoustic data gathering system is increased dramatically as the acoustic data gathering system become various and highly effective. It is needed to transmit this acoustic data to analysis environment for precise analysis. In this gathering/analysis system, it is also needed the stable transmitting as well as highly perfect security. But the existing system using the conveying method needs a lot of time. In case of using networks, the low speed networking vulnerable in the stable transmitting and the information security is impossible to materialize. In this paper, I would like to propose a transmitting and management system sending a massive gathering acoustic data in the unsecurity and low speed networking environment. The implemented system is to transmit the acoustic data safely in low speed networking environment and secure the acoustic data from various threats.

• Journal of Internet Computing and Services
• /
• v.11 no.4
• /
• pp.129-141
• /
• 2010

In digital computing environment, for the mal functions in appliances and system errors, the unaccepted intrusion should be occurred. The evidence collecting technology uses the system which was damaged by intruders and that system is used as evidence materials in the court of justice. However the collected evidences are easily modified and damaged in the gathering evidence process, the evidence analysis process and in the court. That’s why we have to prove the evidence’s integrity to be valuably used in the court. In this paper, we propose a mechanism for securing the reliability and the integrity of digital evidence that can properly support the Computer Forensics. The proposed mechanism shares and manages the digital evidence through mutual authenticating the damaged system, evidence collecting system, evidence managing system and the court(TTP: Trusted Third Party) and provides a secure access control model to establish the secure evidence management policy which assures that the collected evidence has the corresponded legal effect.

• Journal of KIISE:Information Networking
• /
• v.33 no.4
• /
• pp.310-323
• /
• 2006

In this paper, we describe a secure cluster-routing protocol based on a multi-layer scheme in ad hoc networks. We propose efficient protocols, Authentication based on Multi-layer Clustering for Ad hoc Networks (AMCAN), for detailed security threats against ad hoc routing protocols using the selection of the cluster head (CH) and control cluster head (CCH) using a modification of cluster-based routing ARCH and DMAC. This protocol provides scalability of Shadow Key using threshold authentication scheme in ad hoc networks. The proposed protocol comprises an end-to-end authentication protocol that relies on mutual trust between nodes in other clusters. This scheme takes advantage of Shadow Key using threshold authentication key configuration in large ad hoc networks. In experiments, we show security threats against multilayer routing scheme, thereby successfully including, establishment of secure channels, the detection of reply attacks, mutual end-to-end authentication, prevention of node identity fabrication, and the secure distribution of provisional session keys using threshold key configuration.

• Convergence Security Journal
• /
• v.13 no.2
• /
• pp.15-24
• /
• 2013

In the 1960s, economic growth served to step up industrialization and urbanization, which was concurrent with th e urban concentration of population, and this phenomenon led to an increase in crime, and there was a rapid increase in demand for security at the same time. So the law enforcement authorities instituted the security service act in a move to secure quasi-police force. The enactment of the security service act has been put in force up to now, fueling the growth of security business. Mean while, the security industry has attained a splendid growth as one of growth industries, and it's required to look back on the past to determine new directions for the industry to make a new leap forward. Thus, the 1970s was a period to lay the groundwork for Korean private security, and the purpose of this study was to examine the social environments of the 1970s related to private security and what accelerated the development of private security.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.1
• /
• pp.155-165
• /
• 2018

As medical healthcare industry is growing up rapidly these days, providing various new healthcare service is considered carefully. Health information is considered to be more important than financial information; therefore, protecting health information becomes a very significant task. Ransomware is now targeting industry groups that have high information value. Especially, ransomware has grown in various ways since entering maturity in 2017. Healthcare industry is highly vulnerable to ransomeware since most healthcare organizations are configured in closed network with lack of malware protection. Only meeting the security criteria is not the solution. In the case of a successful attack, restoration process must be prepared to minimize damages as soon as possible. Ransomware is growing rapidly and becoming more complex that protection must be improved much faster. Based on ISO 27799 and 27002 standard, we extract and present security measures against advanced ransomware to maintain and manage healthcare system more effectively.

• Convergence Security Journal
• /
• v.19 no.1
• /
• pp.19-30
• /
• 2019

As the 4th industrial revolution has recently become a hot topic, the importance of autonomous vehicles has increased and interest has been increasing worldwide, and accidents involving autonomous vehicles have also occurred. With the development of autonomous vehicles, the possibility of a cyber-hacking threat to the car network is increasing. Various countries, including the US, UK and Germany, have developed guidelines to counter cyber-hacking of autonomous vehicles, In the case of Korea, limited temporary operation of autonomous vehicles is being carried out, but the legal system to be applied in case of accidents caused by vehicle network hacking is insufficient. In this paper, based on the existing legal system, we examine the civil liability caused by the cyber hacking of the autonomous driving car, while we propose a law amendment suited to the characteristics of autonomous driving car and a legal system improvement plan that can give sustainable trust to autonomous driving car.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2014.05a
• /
• pp.115-118
• /
• 2014

Underwater Wireless Communication System can be useful for research of quality of water, ocean resources exploration, analysis ocean environment and so on. However, there exist security threats including data loss, data forgery, and another variety of security threats, because of characteristics of water, various geographical factors, intended attack, etc. To solve these problem, in this paper, we propose a CCM-UW mode of operation modified form of CCM mode of operation, providing data confidentiality, integrity, origin authentication and anti-attack prevent, for the Underwater Wireless Communication System. By implementing CCM-UW in MACA protocol(Underwater Wireless Communication MAC Protocol) and measuring speed of communication, we confirm the applicability of the security and analyze the communication environment impact.

• Convergence Security Journal
• /
• v.18 no.5_1
• /
• pp.53-58
• /
• 2018

MANET transmits data by hop-by-hop method because it is composed of mobile nodes without support of any infrastructure. Its structure is very similar to a block chain. However, it is exposed to various threats such as data tampering or destruction by malicious nodes because of transmission method. So, ensuring the integrity of transmitted data is an important complement to MANET. In this paper, we propose a method to apply the block chain technique in order to protect the reliability value of the nodes consisting the network from malicious nodes. For this, hierarchical structure of a cluster type is used. Only cluster head stores the reliability information of the nodes in a block and then, this can be spread. In addition, we applied block generation difficulty automatic setting technique using the number of nodes selecting cluster head and the reliability of cluster head to prevent the spread of wrong blocks. This can prevent block generation and spread by malicious nodes. The superior performance of the proposed technique can be verified by comparing experiments with the SAODV technique.