• Proceedings of the Korean Information Science Society Conference
• /
• 2002.10d
• /
• pp.616-618
• /
• 2002

본 논문에서는 음성인식 성능을 높이기 위한 기본적 단계인 음성과 비음성 부분의 경계를 추출하는 음성 경계 추출 방법을 제안한다. 음성경계 추출을 위한 특징들로는 시간영역 분할 파라미터인 ZCR, MA를 사용하고 주파수 영역 분할 파라미터로 주파수 대역 파워 에너지 (Frequency band power energy), 포만트 계수 (Formant coefficient)를 사용하였고 각 파라미터들을 이용하여 음성 경계를 결정할 때 경험에 의해 임계치를 결정하는 단점을 보안하기 위해서 신경망을 이용한다. 신경망의 가중치와 임계치들은 지도 학습을 통해 최적화 되고, 학습을 통해 구성된 망을 음성과 비음성의 경계치 구분에 사용한다.

• Journal of Internet Computing and Services
• /
• v.15 no.6
• /
• pp.55-64
• /
• 2014

In a Web application, you can pass without restrictions special network security devices such as IPS and F/W, URL parameter, which is an important element of communication between the client and the server, is forwarded to the Web server. Parameters are modulated by an attacker requests a URL, disclose confidential information or through e-commerce, can take financial gain. Vulnerability parameter manipulation thereof cannot be able to determine whether to operate in only determined logical application, blocked with Web Application Firewall. In this paper, I will present a technique OTACUS(One-Time Access Control URL System) to complement the shortcomings of the measures existing approaches. OTACUS can be effectively blocked the modulation of the POST or GET method parameters passed to the server by preventing the exposure of the URL to the attacker by using clean URL technique simplifies complex URL that contains the parameter. Performance test results of the actual implementation OTACUS proves that it is possible to show a stable operation of less than 3% increase in the load.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2003.05c
• /
• pp.1917-1920
• /
• 2003

Bluetooth는 전형적인 무선 네크워크와는 달리 다른 새로운 네트워킹 파라다임으로서 어떠한 고정된 인프라에도 의존하지 않고, 이동 호스트만으로 구성된 네트워크이다. 이는 그 고유의 특성으로 인해 여러 방면에 걸척 사용될 수 있는 장점을 가지고 있으나, 외부로부터의 공격에 취약하다는 약점을 가지고 있다. 본 논문에서는 Bluetooth가 가지고 있는 보안 위협 요소들 중 링크키 생성을 위해 사용되어 지는 파라미터 교환 방식과 각종 키 생성 메커니즘을 분석한다. 또 안전한 파라미터 전달을 위한 프로토콜을 제한하였다. 제안된 프로토콜은 최소한의 메시지 교환만으로 링크키, 조합키, 생성에 필요한 각 파라미터를 안전하게 전달한다.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.36 no.9B
• /
• pp.1073-1081
• /
• 2011

An URL parameter can hold some information that is confidential or vulnerable to illegitimate tampering. We propose Link-E-Param(Link with Encrypted Parameters) to protect the whole URL parameter names as well as their values. Unlike other techniques concealing only some of the URL parameters, it will successfully discourage attacks based on URL analysis to steal secret information on the Web sites. We implement Link-E-Param in the form of a servlet filter to be deployed on any Java Web server by simply copying a jar file and setting a few configuration values. Thus it can be used for any existing Web application without modifying the application. It also supports numerous encryption algorithms to choose from. Experiments show that our implementation induces only 2~3% increase in user response time due to encryption and decryption, which is deemed acceptable.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2022.05a
• /
• pp.195-196
• /
• 2022

url 은 사용자들에게 편의성을 제공하지만 이로 인해 발생하는 보안 문제점들이 있다. 파라미터 값을 변조해 발생하는 온라인 쇼핑몰 해킹이나 회사 내부망에서 관리자 페이지나 사내 기밀 게시판 등 평소라면 접근할 수 없는 숨겨진 페이지에 접근을 시도하는 문제점들이 발생해 이를 방지할 AES 방식의 url 암호화 기술을 구상해 보았다.

• Review of KIISC
• /
• v.15 no.3
• /
• pp.13-28
• /
• 2005

광대역 통합망(BcN: Broadband convergence Network)에서 대역폭의 증가와 서비스의 통합으로 보안의 중요성이 빠르게 증가하고 있다. 그러므로 보안은 BcN에서 다루어져야 할 중요한 문제의 하나로 인식되어야 한다. BcN과 같은 QoS-aware 통신시스템에서 사용자는 원하는 서비스 품질 수준의 보장을 위하여 여러 가지의 서비스 클래스 중에서 선택할 수 있다. 그러나 보안은 아직 이런 QoS 구조에서 하나의 파라미터로 인정되지 않고 있으며, 보안-관련 서비스 클래스도 정의된 바 없다. 본고에서는 BcN 구조에서 발생할 수 있는 보안 취약성을 분석하고 BcN 인프라 정보보호를 위하여 관련 기술, 표준화, 국내 동향 등에 대하여 기술하고자 한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.11 no.6
• /
• pp.53-65
• /
• 2001

Authentication mechanism for W-CMDA IMT-2000 system is developed by 3GPP TSG SA WG3. We simulated the mechanism and algorithms. In this paper, we overview 3GPP authentication procedures and present results of our simulation. We validate the mechanism and parameters transmitted during authentication procedures and we also discuss parameters which are unclear in specification.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2001.10a
• /
• pp.491-498
• /
• 2001

IN this Paper we propose an encryption algorithm for security in data communication. this algorithm acts encryption operation after the compression of data in order to reduce the transmission time and storage an encryption key is generated by using a parameter. as soon as key value is generated the parameter is transmitted and key is recreated every 26 times of parameter changing. the random number which is a constituent unit of encryption key is stored in a table the table is reorganized when the key is generated 40 times in order to intensity the security of encryption key. the encryption of data is made through the operation process of the generated key and sour data and the decryption performs the revers operation of encryption after getting decryption key by searching the transmitted parameter. as this algorithm is performed lastly it is possible to be used in practice.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.1
• /
• pp.1-9
• /
• 2024

Multivariate Quadratic (MQ)-based digital signature schemes have advantages such as ease of implementation and small signature sizes, making them promising candidates for post-quantum cryptography. To enhance the efficiency of such MQ-based digital signature schemes, utilizing sparse matrices have been proposed, including HiMQ, which has been standardized by Korean Telecommunications Technology Association standard. However, HiMQ shares a similar key structure with Rainbow, which is a representative MQ-based digital signature scheme and was broken by the MinRank attack proposed in 2022. While HiMQ was standardized by a TTA and recommended parameters were provided, these parameters were based on cryptanalysis as of 2020, without considering recent attacks. In this paper, we examine attacks applicable to MQ-based digital signatures, specifically targeting HiMQ, and perform a security analysis. The most effective attack against HiMQ is the combined attack, an improved version of the MinRank attack proposed in 2022, and none of the three recommended parameters satisfy the desired security strength. Furthermore, HiMQ-128 and HiMQ-160 do not meet the minimum security strength requirement of 128-bit security level.

• Journal of the Institute of Electronics and Information Engineers
• /
• v.52 no.4
• /
• pp.125-132
• /
• 2015

PCI Express is high-speed point-to-point serial protocol, the system is designed by analysing loss and jitter through Eye Diagram. It is necessarily analyzing high speed serial signals when the PCI Express Gen3 which has 8Gbps physical signal speed is designed especially. This paper deals with topology extraction, channel analysis, extraction of s-parameters and system signal integrity simulation within transceiver buffer models through PCI Express Gen3 server connecting switch system design. Optimal parameters of transmitter buffer equalizer are found through solution space simulation of de-emphasis and preshoot parameters to compensate channel loss.