• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.3
• /
• pp.547-554
• /
• 2022

Recently, the field of telemedicine is growing rapidly due to the COVID-19 pandemic. However, the cost of telemedicine services is relatively high, since cloud computing, video conferencing, and cyber security should be considered. Therefore, in this paper, we design and implement a cost-effective P2P-based telemedicine system. It is implemented using the widely used the open source computing platform, Raspberry Pi, and P2P network that frees users from security problems such as the privacy leakage by the central server and DDoS attacks resulting from the server/client architecture and enables trustworthy identifying connection system using SSL protocol. Also it enables users to check the other party's status including body temperature in real time by installing a thermal imaging camera using Raspberry Pi. This allows several medical diagnoses that requires visual aids. The proposed telemedicine system will popularize telemedicine service and meet the ever-increasing demand for telemedicine.

• Korean Journal of Construction Engineering and Management
• /
• v.23 no.4
• /
• pp.47-56
• /
• 2022

In a construction project, process planning is an important factor in determining the success or failure of a project. In particular, it is necessary to systematically establish a process plan in the early stage because the finishing work of an apartment house involves more interference than the foundation work or the frame work. First, in this study the problems of Tact process management were identified, Based on the data from the case project, conventional Tact process management and compositive Tact process management were compared and analyzed. Second, cost analysis was performed on applicable plastering work to suggest the necessity and direction of compositive Tact process management. Third, the appropriateness of manpower according to the number of construction households is analyzed through cost analysis. Through this, the validity and effectiveness of compositive Tact process management were verified based on the results derived from this study.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.4
• /
• pp.617-635
• /
• 2021

Internet of Things (IoT) devices connected to the network without appropriate security solutions have become a serious security threat to ICT infrastructure. Moreover, due to the nature of IoT devices, it is difficult to apply currently existing security solutions. As a result, IoT devices have easily become targets for cyber attackers, and malware attacks on IoT devices are actually increasing every year. Even though several security solutions are being developed to protect IoT infrastructure, there is a great risk to apply unverified security solutions to real-world environments. Therefore, verification tools to verify the functionality and performance of the developed security solutions are also needed. Furthermore, just as security threats vary, there are several security solution s that defend against them, requiring suitable verification tools based on the characteristics of each security solution. In this paper, we propose an high-speed malware propagation tool that spreads malware at high speed in the IoT infrastructure. Also, we can verify the functionality of the security solution that detect and quickly block attacks spreading in IoT infrastructure by using the high-speed malware propagation tool.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.6
• /
• pp.1205-1214
• /
• 2021

Edge Computing is used as a solution to the cost problem and transmission delay problem caused by network bandwidth consumption that occurs when IoT/CPS devices are integrated into the cloud by performing artificial intelligence (AI) in an environment close to the data source. Since edge computing runs on devices that provide high-performance computation and network connectivity located in the real world, it is necessary to consider application integrity so that it is not exploited by cyber terrorism that can cause human and material damage. In this paper, we propose a technique to protect the integrity of edge computing applications implemented in a script language that is vulnerable to tampering, such as Python, which is used for implementing artificial intelligence, as container images and then digitally signed. The proposed method is based on the integrity protection technology (Docker Contents Trust) provided by the open source container technology. The Docker Client was modified and used to utilize the whitelist for container signature information so that only containers allowed on edge computing devices can be operated.

• Journal of the Korea Convergence Society
• /
• v.13 no.5
• /
• pp.155-164
• /
• 2022

Considerable interest has been directed toward utilizing virtual environment-based simulations for teacher education which provide authentic experience of classroom environment and repetitive training. Emotional Interaction should be considered for more advanced simulation learning performance. Since emotion is important factors in creative thinking, inspiration, concentration, and learning motivation, identifying learners' emotional interactions and applying these results to teaching simulation is essential activities. In this context, this study aims to identify the objective data for the empathetic response through the movement of the learner's EEG (Electroencephalogram) and eye-tracking, and to provide clues for designing emotional teaching simulation. The results of this study indicated that intended empathetic response was provided and in terms of valence (positive and negative) states and situational interest played an important role in determining areas of interest. The results of this study are expected to provide guidelines for the design of emotional interactions in simulations for teacher education as follow; (a) the development of avatars capable of expressing sophisticated emotions and (b) the development of scenarios suitable for situations that cause emotional reactions.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.2
• /
• pp.243-253
• /
• 2022

Recently, cyber attacks on national infrastructure facilities have continued to occur. As a result, the vulnerabilities of ICS-CERTs have more than doubled from last year, and the vulnerabilities to industrial control systems such as nuclear facilities are increasing day by day. Most control system operators formulate vulnerability countermeasures based on the vulnerability information sources of industrial control systems provided by ICS-CERT in the United States. However, it is difficult to apply this to the security of domestic control systems because ICS-CERT does not contain all relevant vulnerability information and does not provide vulnerabilities to domestic manufacturer's products. In this research, we will utilize publicly available vulnerability-related information such as CVE, CWE, ICS-CERT, and CPE to discover vulnerabilities that may exist in control system assets and may occur in the future. I proposed a plan that can predict possible vulnerabilities and applied it to information on major domestic control systems.

• Journal of KIBIM
• /
• v.12 no.4
• /
• pp.19-31
• /
• 2022

With the development of 3D-based CAD (Computer Aided Design), attempts at freeform building design have expanded to small and medium-sized buildings in Korea. However, a standardized system for continuous utilization of shape data and BIM conversion process implemented with 3D-based NURBS is still immature. Without accurate review and management throughout the Freeform building project, interference between members occurs and the cost of the project increases. This is very detrimental to the project. To solve this problem, we proposed a continuous utilization process of 3D shape information based on BIM parameters. Our process includes algorithms such as Auto Split, Panel Optimization, Excel extraction based on shape information, BIM modeling through Adaptive Component, and BIM model utilization method using ID Code. The optimal cutting reference point was calculated and the optimal material specification was derived using the Panel Optimization algorithm. With the Adaptive Component design methodology, a BIM model conforming to the standard cross-section details and specifications was uniformly established. The automatic BIM conversion algorithm of shape data through Excel extraction created a BIM model without omission of data based on the optimized panel cutting reference point and cutting line. Finally, we analyzed how to use the BIM model built for automatic conversion. As a result of the analysis, in addition to the BIM utilization plan in the general construction stage such as visualization, interference review, quantity calculation, and construction simulation, an individual management plan for the unit panel was derived through ID data input. This study suggested an improvement process by linking the existing research on atypical panel optimization and the study of parameter-based BIM information management method. And it showed that it can solve the problems of existing Freeform building project.

• KIPS Transactions on Computer and Communication Systems
• /
• v.11 no.12
• /
• pp.445-452
• /
• 2022

Class distribution of unbalanced data is an important part of the digital world and is a significant part of cybersecurity. Abnormal activity of unbalanced data should be found and problems solved. Although a system capable of tracking patterns in all transactions is needed, machine learning with disproportionate data, which typically has abnormal patterns, can ignore and degrade performance for minority layers, and predictive models can be inaccurately biased. In this paper, we predict target variables and improve accuracy by combining estimates using Synthetic Minority Oversampling Technique (SMOTE) and Light GBM algorithms as an approach to address unbalanced datasets. Experimental results were compared with logistic regression, decision tree, KNN, Random Forest, and XGBoost algorithms. The performance was similar in accuracy and reproduction rate, but in precision, two algorithms performed at Random Forest 80.76% and Light GBM 97.16%, and in F1-score, Random Forest 84.67% and Light GBM 91.96%. As a result of this experiment, it was confirmed that Light GBM's performance was similar without deviation or improved by up to 16% compared to five algorithms.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.1
• /
• pp.123-140
• /
• 2022

Recently, research on solving problems that have introduced the concept of smart city in countries and companies around the world is in progress due to various urban problems. A smart city converges the city's ICT, connects all the city's components with a network, collects and delivers data, and consists of a supply chain composed of various IoT products and services. The increase in various cyber security threats and supply chain threats in smart cities is inevitable, in addition to establishing a framework such as supply chain security policy, authentication of each data provider and service according to data linkage and appropriate access control are required in a Zero-Trust point of view. To this end, a smart city security model has been developed for smart city security threats in Korea, but security requirements related to supply chain security and zero trust are insufficient. This paper examines overseas smart city security trends, presents international standard security requirements related to ISMS-P and supply chain security, as well as security requirements for applying zero trust related technologies to domestic smart city security models.

• Journal of Internet Computing and Services
• /
• v.22 no.6
• /
• pp.151-162
• /
• 2021

Steganography is an advanced technique that hides secret messages by transforming them into subtle noise and spreading them within multimedia files such as images, video and audio. This technology has been exploited in a variety of espionage and cyber attacks. SNS messenger is an attractive SNS Service platform for sending and receiving multimedia files, which is the main medium of steganography. In this study, we proposed two noble steganography communication techniques that guarantee the complete reception rate through the use of thumbnail images in the SNS messenger environment. In addition, the feasibility was verified through implementation and testing of the proposed techniques in a real environment using KakaoTalk, a representative SNS messenger in south korea. By proposing new steganography methods in this study, we re-evaluate the risk of the steganography methods and promoted follow-up studies on the corresponding defense techniques.