• Journal of Convergence for Information Technology
• /
• v.10 no.7
• /
• pp.7-13
• /
• 2020

IoT which is the core IT of the 4^th industrial revolution, is providing various services from users in the conversion with other industries. The IoT convergence technology is leading the communication paradigm of communication environment in accordance with the increase of convenience for users. However, it is urgently needed to establish the security measures for the rapidly-developing IoT convergence technology. As IoT is closely related to digital ethics and personal information protection, other industries should establish the measures for coping with threatening elements in accordance with the introduction of IoT. In case when security incidents occur, there could be diverse problems such as information leakage, damage to image, monetary loss, and casualty. Thus, this paper suggests a certificate management technique for safe control over access in IoT-based Cloud convergence environment. This thesis designed the device/user registration, message communication protocol, and device renewal/management technique. On top of performing the analysis on safety in accordance with attack technique and vulnerability, in the results of conducting the evaluation of efficiency compared to the existing PKI-based certificate management technique, it showed about 32% decreased value.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.11 no.1
• /
• pp.76-81
• /
• 2018

The Internet of Things (IoT), which is emerging as a future economic growth engine, has been actively introduced in areas close to our daily lives. However, there are still IoT security threats that need to be resolved. In particular, with the spread of smart homes and smart cities, an explosive amount of closed-circuit televisions (CCTVs) have been installed. The Internet protocol (IP) information and even port numbers assigned to CCTVs are open to the public via search engines of web portals or on social media platforms, such as Facebook and Twitter; even with simple tools these pieces of information can be easily hacked. For this reason, a big-data analytics system is needed, capable of supporting quick responses against data, that can potentially contain risk factors to security or illegal websites that may cause social problems, by assisting in analyzing data collected by search engines and social media platforms, frequently utilized by Internet users, as well as data on illegal websites.

• Journal of the Korea Society of Computer and Information
• /
• v.14 no.12
• /
• pp.157-167
• /
• 2009

Recently, the leakage of confidential information and personal information is taking place on the Internet more frequently than ever before. Most of such online security incidents are caused by attacks on vulnerabilities in web applications developed carelessly. It is impossible to detect an attack on a web application with existing firewalls and intrusion detection systems. Besides, the signature-based detection has a limited capability in detecting new threats. Therefore, many researches concerning the method to detect attacks on web applications are employing anomaly-based detection methods that use the web traffic analysis. Much research about anomaly-based detection through the normal web traffic analysis focus on three problems - the method to accurately analyze given web traffic, system performance needed for inspecting application payload of the packet required to detect attack on application layer and the maintenance and costs of lots of network security devices newly installed. The UTM(Unified Threat Management) system, a suggested solution for the problem, had a goal of resolving all of security problems at a time, but is not being widely used due to its low efficiency and high costs. Besides, the web filter that performs one of the functions of the UTM system, can not adequately detect a variety of recent sophisticated attacks on web applications. In order to resolve such problems, studies are being carried out on the web application firewall to introduce a new network security system. As such studies focus on speeding up packet processing by depending on high-priced hardware, the costs to deploy a web application firewall are rising. In addition, the current anomaly-based detection technologies that do not take into account the characteristics of the web application is causing lots of false positives and false negatives. In order to reduce false positives and false negatives, this study suggested a realtime anomaly detection method based on the analysis of the length of parameter value contained in the web client's request. In addition, it designed and suggested a WAF(Web Application Firewall) that can be applied to a low-priced system or legacy system to process application data without the help of an exclusive hardware. Furthermore, it suggested a method to resolve sluggish performance attributed to copying packets into application area for application data processing, Consequently, this study provide to deploy an effective web application firewall at a low cost at the moment when the deployment of an additional security system was considered burdened due to lots of network security systems currently used.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2013.01a
• /
• pp.67-70
• /
• 2013

스마트폰 보급은 현대인들에게 시간적, 공간적 제약에서 벗어나 언제 어디서나 무선 인터넷을 사용하여 모바일 뱅킹, 결재, 증권거래 등 원하는 서비스를 이용할 수 있게 해주었다. 사용자들은 이를 이용하여 다양한 정보들을 검색, 저장, 이용한다. 그러나 무선 인터넷의 순기능과는 반대로 최근 모바일 기기의 보안취약점을 이용한 악성애플리케이션 및 각종 공격으로 사용자 개인정보탈취의 위협이 증가하고 있다. 사회공학공격의 일종인 피싱(Phishing)은 신뢰받는 기관을 사칭하여 만들어놓은 가짜사이트에 사용자로부터 자신의 개인정보 및 금융정보를 입력하게끔 유도하여 사용자정보를 탈취하는 방법으로 최근 SMS를 이용하여 정부 및 금융기관을 사칭한 문자를 보내 피싱사이트로 접속을 유도하는 피해사례가 증가하고 있다. 본 논문에서는 국내 피싱사이트의 유형을 분석하고 피싱사이트로 접근을 유도하는 방법 중 하나인 SMS를 이용한 피싱을 방지 할 수 있는 시스템을 고안한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.4
• /
• pp.847-857
• /
• 2019

Recently, various cyber threats such as Ransomware and APT attack are increasing by e-mail. The characteristic of such an attack is that it is important to take administrative measures by improving personal perception of security because it bypasses technological measures such as past pattern-based detection The purpose of this study is to investigate the human factors of employees who are vulnerable to spam mail attacks through field experiments and to establish future improvement plans. As a result of sending 7times spam mails to employees of a company and analyzing training report, It was confirmed that factors such as the number of training and the recipient 's gender, age, and workplace were related to the reading rate. Based on the results of this analysis, we suggest ways to improve the training and to improve the ability of each organization to carry out effective simulation training and improve the ability to respond to spam mail by awareness improvement.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.15 no.12
• /
• pp.7292-7301
• /
• 2014

With the development of IT Info-Communications technology, the vehicle with a combination of wireless-communication technology has resulted in significant research into the convergence of the component of existing traffic with information, electronics and communication technology. Intelligent Vehicle Communication is a Machine-to-Machine (M2M) concept of the Vehicle-to-Vehicle. The Vehicle-to-Infrastructure communication consists of safety and the ease of transportation. Security technologies must precede the effective Intelligent Vehicle Communication Structure, unlike the existing internet environment, where high-speed vehicle communication is with the security threats of a wireless communication environment and can receive unusual vehicle messages. In this paper, the Vehicle Identification number between the V2I and the secure message communication protocol was proposed using hash functions and a time stamp, and the validity of the vehicle was assessed. The proposed system was the performance evaluation section compared to the conventional technique at a rate VPKI aspect showed an approximate 44% reduction. The safety, including authentication, confidentiality, and privacy threats, were analyzed.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.15 no.8
• /
• pp.5294-5302
• /
• 2014

The development of public-key-based technique that enables a variety of services(E-government, e-banking, e-payment, etc.) evaluated as having complete safety. On the other hand, vulnerabilities(e.g, heartbleed bug, etc.) are constantly being discovered. In this paper, a public key infrastructure to verify the safety and reliability, the collision rate using OpenSSL key pair was analyzed. the experiment was performed using the following procedure. Openssl was used to create five private certification agencies, and each of the private certificate authority certificates to create 2 million, generating a total of 10 million by the certificate of the key pair conflicts analysis. The results revealed 35,000 in 1 million, 0.35% chance of a public key, a private key conflict occurred. This is sufficient in various fields(E-payment, Security Server, etc.). A future public-key-based technique to remove the threat of a random number generator, large minority issues, in-depth study of selection will be needed.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.17 no.11
• /
• pp.746-754
• /
• 2016

Smart healthcare systems, a convergent industry based on information and communications technologies (ICT), has emerged from personal health management to remote medical treatment as a distinguished industry. The smart healthcare environment provides technology to deliver vital information, such as pulse rate, body temperature, health status, and so on, from wearable devices to the hospital network where the physician is located. However, since it deals with the patient's personal medical information, there is a security issue for personal information management, and the system may be vulnerable to cyber-attacks in wireless networks. Therefore, this study focuses on a key-development and device-management system to generate keys in the smart environment to safely manage devices. The protocol is designed to provide safe communications with the generated key and to manage the devices, as well as the generated key. The security level is analyzed against attack methods that may occur in a healthcare environment, and it was compared with existing key methods and coding capabilities. In the performance evaluation, we analyze the security against attacks occurring in a smart healthcare environment, and the security and efficiency of the existing key encryption method, and we confirmed an improvement of about 15%, compared to the existing cipher systems.

• Convergence Security Journal
• /
• v.20 no.4
• /
• pp.143-151
• /
• 2020

The cyber battlefield called the fifth battlefield, is not based on geological information unlike the existing traditional battlefiels in the land, sea, air and space, and has a characteristics that all information has tightly coupled correlation to be anlayized. Because the cyber battlefield has created by the network connection of computers located on the physical battlefield, it is not completely seperated from the geolocational information but it has dependency on network topology and software's vulnerabilities. Therefore, the analysis for cyber battlefield should be provided in a form that can recognize information from multiple domains at a glance, rather than a single geographical or logical aspect. In this paper, we describe a study on the development of the cyber operation COP(Common Operational Picture), which is essential for command and control in the cyber warfare. In particular, we propose an architecure for cyber operation COP to intuitively display information based on visualization techniques applying the multi-layering concept from multiple domains that need to be correlated such as cyber assets, threats, and missions. With this proposed cyber operation COP with multi-layered visualization that helps to describe correlated information among cyber factors, we expect the commanders actually perfcrm cyber command and control in the very complex and unclear cyber battlefield.

• Review of KIISC
• /
• v.26 no.4
• /
• pp.41-46
• /
• 2016

전통적으로 바이오인식기술은 출입국심사(전자여권, 승무원 승객 신원확인), 출입통제(도어락, 출입통제 근태관리), 행정(무인민원발급, 전자조달), 사회복지(미아찾기, 복지기금관리), 의료(원격의료, 의료진 환자 신원확인), 정보통신(휴대폰 PC 인터넷 인증), 금융(온라인 뱅킹, ATM 현금인출) 등 다방면에서 폭넓게 보급되어 실생활에서 널리 활용되고 있다. [그림1]은 신체적 특징(Physiological biometrics)과 행동적 특징(Behavioral biometrics)을 이용한 사용자 인증기술인 바이오인식기술의 유형과 함께 각 기술별 보안취약점(괄호 안 빨강색글자)을 나타내고 있다. 최근 들어, 모바일 지급결제서비스 ATM 인출기 인터넷전문은행 등과 같은 핀테크 분야에서 비대면 인증기술로 바이오인식기술이 각광을 받기 시작했다. 한편, 가짜지문 등 기존의 신체적 특징을 이용한 바이오인식기술의 위변조 위협에 대한 우려 존재함에 따라 뇌파 심전도 근전도 맥박 등 살아있는 사람의 행동적(신체의 기능적) 특징을 이용한 생체신호를 이용하여 비대면 인증기술로서 활용하기 위하여 주요 선진국에서 차세대 바이오인식 기술개발이 가속화되고 있는 추세이다.[1] 또한, 이러한 생체신호는 최근에 삼성전자, LG전자, 애플 등에서 스마트워치를 통해 심장박동수를 측정하고 스마트폰을 통하여 모바일 지급결제, 헬스케어 등과 같은 IoT 모바일 융복합 응용서비스에 활용될 전망이다. 본고에서는 뇌파 심전도(심박수)와 같은 생체신호를 측정하는 스마트워치 밴드형 의복형 또는 패치형태의 웨어러블 디바이스와 같은 생체신호센서, 생체신호 인증기술 및 관련표준화 동향을 고찰해 보기로 한다. 국내외 관련기술과 표준화 동향을 면밀히 분석하여 지난 2015년 5월29일에 발족한 국내외 전문가그룹인 KISA"모바일 생체신호 인증기술 표준연구회"(이하 KISA 표준연구회)가 구심점이 되어 한국형 생체신호를 이용한 차세대 텔레바이오인식기술에 대한 연구개발과 국내외 표준화 추진에 박차를 가할 계획이다.