• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.42 no.1
• /
• pp.193-204
• /
• 2017

The security of Internet systems critically depends on the capability to keep anti-virus (AV) software up-to-date and maintain high detection accuracy against new malware. However, malware variants evolve so quickly they cannot be detected by conventional signature-based detection. In this paper, we proposed a malware classification method based on sequence patterns generated from the network flow of malware samples. We evaluated our method with 766 malware samples and obtained a classification accuracy of approximately 40.4%. In this study, malicious codes were classified only by network behavior of malicious codes, excluding codes and other characteristics. Therefore, this study is expected to be further developed in the future. Also, we can predict the attack groups and additional attacks can be prevented.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.30 no.1C
• /
• pp.107-115
• /
• 2005

ATC (Abnormal traffic controller) is presented as next generation security technology to securely support reliable Internet service and to guarantee network survivability, which is deployed in Internet access point. The key concept of the ATC is abnormal traffic monitoring and traffic control technology. When fault factors exist continuously and/or are repeated, abnormal traffic control guarantees service completeness as much as possible. The ATC with control policy on abnormal traffic is superior to the ATC with blocking policy as well as conventional network node, when the ratio of effective traffic to abnormal traffic is higher than $30{\%}.$ When traffic intended unknown attack occurs, network IDS is high false positive probability and so is limited to apply. In this environment, the ATC can be a key player to help the network node such as router to control abnormal traffic.

• The KIPS Transactions:PartC
• /
• v.17C no.1
• /
• pp.1-14
• /
• 2010

IEEE 802.15.4[1] has been standardized for the physical layer and MAC layer of LR-PANs(Low Rate-Wireless Personal Area Networks) as a technology for operations with low power on sensor networks. The standardization is applied to the variety of applications in the shortrange wireless communication with limited output and performance, for example wireless sensor or virtual wire, but it includes vulnerabilities for various attacks because of the lack of security researches. In this paper, we analyze the vulnerabilities against the denial of sleep attacks on the MAC layer of IEEE 802.15.4, and propose a detection mechanism against it. In results, we analyzed the possibilities of denial of sleep attacks by the modification of superframe, the modification of CW(Contention Window), the process of channel scan or PAN association, and so on. Moreover, we comprehended that some of these attacks can mount even though the standardized security services such as encryption or authentication are performed. In addition to, we model for denial of sleep attacks by Beacon/Association Request messages, and propose a detection mechanism against them. This detection mechanism utilizes the management table consisting of the interval and node ID of request messages, and signal strength. In simulation results, we can show the effect of attacks, the detection possibility and performance superiorities of proposed mechanism.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.6
• /
• pp.1271-1283
• /
• 2019

The fourth industrial revolution and digital transformation are also bringing major changes to the financial ecosystem in Korea. Already, global financial firms overseas are opening their financial markets and exploring new financial businesses by seeking ways to co-prosperity with fintech firms. However, it is also true that the domestic financial environment has failed to respond to the changes due to its monopolistic and closed structure. In response, the government began pushing for the introduction of open banking in December 2019 with the aim of fully opening the financial settlement system. However, unlike the existing simple financial transaction structure, open banking still has an unresolved part due to the unclear relationship of responsibilities between interested parties in the event of financial accidents due to the complex linkage structure of transactions such as financial firms, fintech firms and customers. This study analyzed the security threat of open banking in depth. By doing so, the government and financial firms want to present policy proposals that need to be improved to enhance the safety of open banking in korea and protect financial consumers, as well as new financial models that have improved the vulnerable parts of existing models.

• The KIPS Transactions:PartC
• /
• v.16C no.2
• /
• pp.165-182
• /
• 2009

Mobile IPv6 spends considerable bandwidth considering that its signal volume is proportional to the mobile and also it should be strengthened to support the binding signal volume, the traffic, and effective mobility. So, the study in NEMO(Network Mobility), an extended version of Mobile IPv6, has been conducted. NEMO provides its mobility by putting several mobiles and more than one portable router into one unit called as mobile network. Because nodes access Internet via the portable router at this time, it receives transparency without any additional work and that much reduces binding signal while solving binding storm. By supporting mobility, NEMO is able to have various mobile structures which realize several networks hierarchically and it is necessary to improve its safety and security by authenticating among the upper networks or the lower ones while moving. Also, it is extremely required to begin a study in the device to improve efficiency accompanied with mobility, which is executed by the fast hand-off as well as the safe authentication. For those reasons, this paper not only classifies various NEMO mobile scenarios into 7 ways, but also provides AAA authentication of each scenario, the authentication through the safety authentication and fast handoff authentication using F+HMIPv6 and the way to reduce both signaling volume and packet delays efficiently during the handoff.

• The KIPS Transactions:PartC
• /
• v.13C no.7 s.110
• /
• pp.821-830
• /
• 2006

As internet worms are spread out worldwide, the detection and filtering of worms becomes one of hot issues in the internet security. As one of implementation methods to detect worms, the Linux Netfilter kernel module can be used. Its basic operation for worm detection is a string matching where coming packet(s) on the network is/are compared with predefined worm signatures(patterns). A worm can appear in a packet or in two (or more) succeeding packets where some part of worm is in the first packet and its remaining part is in its succeeding packet(s). Assuming that the maximum length of a worm pattern is less than 1024 bytes, we need to perform a string matching up to two succeeding packets of 2048 bytes. To do so, Linux Netfilter keeps the previous packet in buffer and performs matching with a combined 2048 byte string of the buffered packet and current packet. As the number of concurrent connections to be handled in the worm detection system increases, the total size of buffer (memory) increases and string matching speed becomes low In this paper, to reduce the memory buffer size and get higher speed of string matching, we propose a string matching scheme without using buffer. The proposed scheme keeps the partial matching result of the previous packet with signatures and has no buffering for previous packet. The partial matching information is used to detect a worm in the two succeeding packets. We implemented the proposed scheme by modifying the Linux Netfilter. Then we compared the modified Linux Netfilter module with the original Linux Netfilter module. Experimental results show that the proposed scheme has 25% lower memory usage and 54% higher speed compared to the original scheme.

• Journal of The Korean Society of Grassland and Forage Science
• /
• v.32 no.2
• /
• pp.149-156
• /
• 2012

his experiment was carried out to evaluate the effects of nitrogen top dressing levels on the growth, feed value, and anthocyanin content for developing functional feed of colored barley. A colored barley cultivar, Boanchalbori, was tested in this experiment. Nitrogen top dressing levels was six (0, 20, 40, 60, 80, 100%) and top dressing time was a regeneration time. In case of productivity, heading data was get behind and dry matter rate was significant decreased with higher nitrogen top dressing levels (p<0.05). Fresh yield, dry matter yield and TDN yield was increased with higher nitrogen top dressing levels, but not significant. In case of feed value, crude protein content was significant increased with higher nitrogen top dressing levels (p<0.05), and higher in the order of spike, whole and leaf culme of the plant. Percent NDF and ADF was decreased with higher nitrogen top dressing levels in leaf culme, but no difference in spike and whole (p<0.05), and higher in the order of leaf culme, whole and spike of the plant. TDN was increased with higher nitrogen top dressing levels in leaf culme, but no difference in spike and whole (p<0.05), and higher in the order of spike, whole and leaf culme of the plant. Total anthocyanin content was significant decreased with higher nitrogen top dressing levels in leaf culme and whole (p<0.05), and higher in the order of leaf culme, whole and spike of the plant. Specially, cyanidin-3-glucoside (C3G), delphinidin (Del), malvidin-3-glucoside (M3G) and malvidin (Mal) show a significant decrease. So there are an accumulation of anthocyanin in the culm, and standard nitrogen top dressing levels dressing on the regeneration time for produces high anthocyanin content of the colored barley.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.29 no.8C
• /
• pp.1113-1124
• /
• 2004

In this paper, we proposed a hardware(H/W) structure which can compress and recontruct the input image in real time operation and implemented it into a FPGA platform using VHDL(VHSIC Hardware Description Language). All the image processing element to process both compression and reconstruction in a FPGA were considered each of them was mapped into H/W with the efficient structure for FPGA. We used the DWT(discrete wavelet transform) which transforms the data from spatial domain to the frequency domain, because use considered the motion JPEG2000 as the application. The implemented H/W is separated to both the data path part and the control part. The data path part consisted of the image processing blocks and the data processing blocks. The image processing blocks consisted of the DWT Kernel fur the filtering by DWT, Quantizer/Huffman Encoder, Inverse Adder/Buffer for adding the low frequency coefficient to the high frequency one in the inverse DWT operation, and Huffman Decoder. Also there existed the interface blocks for communicating with the external application environments and the timing blocks for buffering between the internal blocks The global operations of the designed H/W are the image compression and the reconstruction, and it is operated by the unit of a field synchronized with the A/D converter. The implemented H/W used the 69%(16980) LAB(Logic Array Block) and 9%(28352) ESB(Embedded System Block) in the APEX20KC EP20K600CB652-7 FPGA chip of ALTERA, and stably operated in the 70MHz clock frequency. So we verified the real time operation of 60 fields/sec(30 frames/sec).

• The Journal of Society for e-Business Studies
• /
• v.20 no.1
• /
• pp.117-135
• /
• 2015

Mobile wallet that can keep coupons and membership cards for mobile is one of rapidly growing services due to its usability and financial benefit. However, in spite of its rapid growth, the increase of users who do not use continuously it is an important consideration to service providers for making a profit. This study aims to test the effects of factors affecting the continuous use intention of mobile wallet based on VAM (Value-based Adoption Model) which can analyse them in both benefit and sacrifice aspects, so as to suggest considerations to increase the use period of mobile wallet for service providers. The research findings supported the hypotheses regarding to the effects of usefulness, value-expression, perceived security and enjoyment in the benefit aspect and technicality in the sacrifice aspect on perceived value. In addition, the causal path from perceived value to continuous use intention was significant. The study results are expected to be used in marketing or service improvement for short-term users by taking account of emotional factors as well as functional factors.

• Journal of the Korea Society of Computer and Information
• /
• v.13 no.7
• /
• pp.291-305
• /
• 2008

Previous study about Mobile Music Contents was mainly focused on Industry factors & enterprise factors like Technology. This study is not only focused on Technology factors, but also Customer & System factors like TAM of original, and also, this study first tried to find the Mobile Internet medium's customer purchase by each property's Mobile Music Contents from assorting the Mobile music Contents property and defining them. So to speak of this study have tried to concretely verify the factors of purchase. And also, I proposed an transformated model, and added independent variable factors, 'distinction', 'speed of system', 'speed of network', 'a career of use', 'amount of use', 'preservation', 'customization', 'information', 'confidence', 'omni presentation', 'potential possibility of reproduce'. By applying TAM this study has measured how the product property. user property, and system property causes effect to customer purchase of Mobile Music Contents. In results, First, success 8 factors were determined to be the purchase of 'Ringtone'. Second, 8 factors were determined to be the purchase of 'Ring-Back tone', but, 'The use of convenience' was not influenced 'Intention of Purchase'. Third, 6 factors were determined to be the purchase of 'Full Track Download of Music'. At the Conclusion this study presented a scheme that these study results could be applied in actual company and academic world.