• Convergence Security Journal
• /
• v.22 no.5
• /
• pp.3-9
• /
• 2022

Recently, in order to build a cyber physical system(CPS) that is a technology related to the 4th industry, the construction of the virtual control system for physical model and control circuit simulation is increasingly required in various industries. It takes a lot of time and money to convert documents that are not electronically documented through direct input. For this, it is very important to digitize a large number of drawings that have already been printed through object recognition using artificial intelligence. In this paper, in order to accurately recognize objects in drawings and to utilize them in various applications, a recognition technique using artificial intelligence by analyzing the characteristics of objects in drawing was proposed. In order to improve the performance of object recognition, each object was recognized and then an intermediate file storing the information was created. And the recognition rate of the next recognition target was improved by deleting the recognition result from the drawing. In addition, the recognition result was stored as a standardized format document so that it could be utilized in various fields of the control system. The excellent performance of the technique proposed in this paper was confirmed through the experiments.

• The Journal of the Convergence on Culture Technology
• /
• v.9 no.2
• /
• pp.483-491
• /
• 2023

Due to the spread of mobile devices, the use of mobile electronic notification services is increasing. For the mobile electronic notification service, the connecting information is required to identify the owner of the mobile device and the recipient of the notification. The connecting information is an online resident registration number, and safe management is essential. Therefore, in this paper, the processing flow, interconnecting standard, and management plan are proposed when a mobile electronic notification requesting agency requests the identity verification agency to convert the resident registration number of the recipient of the electronic notification to connecting information. In the proposed method, it is suggested that a safe mobile electronic notification service is possible by defining the process of collective conversion of connecting information between private organizations and personal identity proofing agency, information transmission and reception methods, and interworking standards.

• The Journal of the Convergence on Culture Technology
• /
• v.9 no.3
• /
• pp.579-585
• /
• 2023

The purpose of this study is to explore keywords within stalking-related news articles according to political orientation through the text network analysis, and then to examine the implicit intentions. Selecting total 1,607 articles including 824 articles of the conservative press(The Chosun Ilbo, The Joongang Ilbo) and 783 articles of the progressive press(The Hankyoreh, The Kyunghyang Shinmun) reported from January 1, 2018 to December 31, 2022, this study explored the aspect of topic category drawn through the topic modeling technique based on LDA(Latent Dirichlet Allocation). In the results of this study, the common topics of the conservative and progressive press were improvement of the perception of gender-based violence, personal protection & intensity of punishment, and disclosure of stalkers' personal information. Regarding the topics differently shown in those two press, the conservative press showed stalkers' harmful act, and outline of 'murder case at Sindang Station' while the progressive press showed request for aggravated punishment on the 'murder case at Sindang Station', and eradication of sexual exploitation crime (in cyber space). The results of this study imply that there are changes in the type of reporting according to ideological opinions about stalking in news articles.

• The Journal of the Convergence on Culture Technology
• /
• v.8 no.3
• /
• pp.559-569
• /
• 2022

Due to the spread of mobile devices, the use of mobile electronic notification services is increasing. For the mobile electronic notification service, the connecting information is required to identify the owner of the mobile device and the recipient of the notification. The connecting information is an online resident registration number, and safe management is essential. Therefore, in this paper, the processing flow, interconnecting standard, and management plan are proposed when a mobile electronic notification requesting agency requests the identity verification agency to convert the resident registration number of the recipient of the electronic notification to connecting information. In the proposed method, it is suggested that a safe mobile electronic notification service is possible by defining the process of collective conversion of connecting information between private organizations and personal identity proofing agency, information transmission and reception methods, and interworking standards.

• Smart Media Journal
• /
• v.12 no.5
• /
• pp.46-57
• /
• 2023

As the COVID-19 pandemic and the development of IT technology have led to the gradual popularization of remote and telecommuting, cloud computing technology is advancing, and cyber attack techniques are becoming more sophisticated and advanced. In response to these trends, companies are increasingly moving away from traditional perimeter-based security and adopting Zero Trust to strengthen their security. Zero Trust, based on the core principle of doubting and not trusting everything, identifies all traffic and grants access permissions through a strict authentication process to enhance security. In this paper, we analyze the background of Zero Trust adoption and the adoption policies and trends of countries that are proactively promoting its implementation. Additionally, we propose necessary efforts from governments and organizations to strengthen corporate security and considerations for companies when applying Zero Trust.

• The Journal of the Convergence on Culture Technology
• /
• v.9 no.5
• /
• pp.397-401
• /
• 2023

The study presents milestones for the Korean military to win the future battlefield based on the 4th Industrial Revolution. Chapter 1 deals with the necessity of research on how advanced countries operate industrial technology in the defense sector based on the 4th Industrial Revolution. Chapter 2 examines the current technology status of the 4th Industrial Revolution in Korea and the concept of Korean combat. Chapter 3 analyzes the military robotic technology of advanced military countries through examples of unmanned combat robots in the United States, Israel, and Germany. In the end, in future battles, it will be possible to dominate the battlefield only by taking a leap into a super-connected and super-intelligent military based on a high-tech platform. Our military should also research and develop military robotics in accordance with the characteristics of each combat system, and further expand and develop the concept of combat performance to protect our core capabilities and centers from enemy cyber, electronic warfare, and space attacks.

• Journal of Platform Technology
• /
• v.12 no.3
• /
• pp.55-61
• /
• 2024

As the digital environment becomes more complex and cyber attacks become more sophisticated, the importance of data protection is emerging. As various security threats such as data leakage, system intrusion, and authentication bypass increase, secure key management is emerging. Key Management System (KMS) manages the entire encryption key life cycle procedure and is used in various industries. There is a need for a key management system that considers requirements suitable for the environment of various industries including public and finance. The purpose of this paper is to derive the characteristics of the key management system for each industry by comparing and analyzing key management systems used in representative industries. As for the research method, information was collected through literature and technical document analysis and case analysis, and comparative analysis was conducted by industry sector. The results of this paper will be able to provide a practical guide when introducing or developing a key management system suitable for the industrial environment. The limitations are that the analyzed industrial field was insufficient and experimental verification was insufficient. Therefore, in future studies, we intend to conduct specific performance tests through experiments, including key management systems in various fields.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.4
• /
• pp.785-802
• /
• 2017

As cyber threats using malicious code continue to increase, many security and vaccine companies are putting a lot of effort into analysis and detection of malicious codes. However, obfuscation techniques that make software analysis more difficult are applied to malicious codes, making it difficult to respond quickly to malicious codes. In particular, commercial obfuscation tools can quickly and easily generate new variants of malicious codes so that malicious code analysts can not respond to them. In order for analysts to quickly analyze the actual malicious behavior of the new variants, reverse obfuscation(=de-obfuscation) is needed to disable obfuscation. In this paper, general analysis methodology is proposed to de-obfuscate the software used by a commercial obfuscation tool, Themida. First, We describe operation principle of Themida by analyzing obfuscated executable file using Themida. Next, We extract original code and data information of executable from obfuscated executable using Pintool, DBI(Dynamic Binary Instrumentation) framework, and explain the implementation results of automated analysis tool which can deobfuscate to original executable using the extracted original code and data information. Finally, We evaluate the performance of our automated analysis tool by comparing the original executable with the de-obfuscated executable.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.4
• /
• pp.1025-1036
• /
• 2016

The conversion of the international standard web utilization HTML5 technology is being developed for improvement of the internet environment based on nonstandard technology like ActiveX. Hyper Text Markup Language 5 (HTML5) of basic programming language for creating a web page is designed to consider the security more than HTML4. However, the range of attacks increased and a variety of security threats generated from HTML4 environment inherited by new HTML5 API. In this paper, we focus on the script-based attack such as CSRF (Cross-Site Request Forgery), Cookie Sniffing, and HTML5 API such as CORS (Cross-Origin Resource Sharing), Geolocation API related with the infringement of the personal information. We reproduced the infringement cases actually and embodied a detection module of a Plug-in type diagnosed based on client. The scanner allows it to detect and respond to the vulnerability of HTML5 previously, thereby self-diagnosing the reliability of HTML5-based web applications or web pages. In a case of a new vulnerability, it also easy to enlarge by adding another detection module.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.2
• /
• pp.385-395
• /
• 2018

With the development of Internet, cyber attack has become a major threat. To detect cyber attacks, intrusion detection system(IDS) has been widely deployed. But IDS has a critical weakness which is that it generates a large number of false alarms. One of the promising techniques that reduce the false alarms in real time is machine learning. However, there are problems that must be solved to use machine learning. So, many machine learning approaches have been applied to this field. But so far, researchers have not focused on features. Despite the features of IDS alerts are important for performance of model, the approach to feature is ignored. In this paper, we propose new feature set which can improve the performance of model and can be extracted from a single alarm. New features are motivated from security analyst's know-how. We trained and tested the proposed model applied new feature set with real IDS alerts. Experimental results indicate the proposed model can achieve better accuracy and false positive rate than SVM model with ordinary features.