• The Journal of the Korea Contents Association
• /
• v.21 no.6
• /
• pp.51-61
• /
• 2021

In the era of the 4th industrial revolution symbolized by the Internet of Things, big data and artificial intelligence, various embedded devices are increasing exponentially. These devices have communication functions despite their low specifications, so the possibility of personal information leakage is increasing, and security threats are also increasing. Embedded devices can have security issues at most levels, from hardware to services over the network. In addition, it is difficult to apply general security techniques because it has characteristics of resource constraints such as low specifications and low power, and the related technology has not been standardized. In this study, we present vulnerabilities and possible problems and considerations in applying SDN to embedded devices in consideration of structural characteristics and real-world discovered cases. This study presents vulnerabilities and possible problems and considerations when applying SDN to embedded devices. From a hardware perspective, we consider the problems of Wi-Fi chips and Bluetooth, the problems of open flow implementation, SDN controllers, and examples of structural properties. SDN separates the data plane and the control plane, and provides a standardized interface between the two, enabling efficient communication control. It can respond to the security limitations of existing network technologies that are difficult to respond to rapid changes.

• The KIPS Transactions:PartC
• /
• v.9C no.3
• /
• pp.323-330
• /
• 2002

Multicast services are gradually diversified and used widely. Proportionately, they become the center of attackers' attention and there are growing possibilities of an intelligence leak. Therefore, research related to secure multicast should be required to provide multicast service efficiently. This paper presents the architecture for secure multicast which provides efficient group management mechanism in group consists using member's dynamic join and leave. This architecture can provide secure multicast services to many users with regard to security aspects in one-to-many communication. The simulation results show that the proposed architecture achieves an efficient group management and a secure data transmission with low latency compared with the other existing secure multicast architecture.

• Korean Security Journal
• /
• no.61
• /
• pp.87-107
• /
• 2019

With the government policy on converting contract workers to full-time employees, there have been significant changes about the security personnel at the nation's critical facilities, including the National Assembly Building and airports. Moreover, the scheduled disbandment of the conscripted police force in 2023 has raised concerns about security management at different government agencies. To examine the college students' perceptions on the possible alternatives to fill the expected security gap, 234 undergraduate students of security management and protection in the Seoul metropolitan region were surveyed. Particularly, a comparative analysis was conducted on the legal bases and supervision, the employment types and salaries, and the scopes of responsibility and authority of suggested alternatives were compared. The results showed that utilization of private police forces was thought to be the most effective option. Based on the research findings, the university departments should develop and maintain a quality curriculum to educate their students to be prepared security professionals with a focus on emergency response capabilities and martial arts, including the courses on private police law and emergency rescue and cardiopulmonary resuscitation (CPR).

• Convergence Security Journal
• /
• v.23 no.3
• /
• pp.29-36
• /
• 2023

With the recent surge in exposure to fake advertising phishing sites in search engines, the damage caused by poor search quality and personal information leakage is increasing. In particular, the seriousness of the problem is worsening faster as the possibility of automating the creation of advertising phishing sites through tools such as ChatGPT increases. In this paper, the source code of fake advertising phishing sites was statically analyzed to derive structural commonalities, and among them, a detection crawler that filters sites step by step based on foreign domains and redirection was developed to confirm that fake advertising posts were finally detected. In addition, we demonstrate the need for new guide lines by verifying that the redirection page of fake advertising sites is divided into three types and returns different sites according to each situation. Furthermore, we propose new detection guidelines for fake advertising phishing sites that cannot be detected by existing detection methods.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.13 no.6
• /
• pp.173-186
• /
• 2013

New information technologies make it easy to access and acquire information in various ways. However, It also enable powerful and various threat to system security. To challenge these threats, various extended access control methods are being studied. We suggest a new extended access control method that make it possible to conform to security policies enforcement even with discrepancy between policy based constraints rules and query based constraints rules via their semantic relationship. New our approach derives semantic implications using tree hierarchy structure and coordinates the exceed privileges using semantic gap factor calculating the degree of the discrepancy. In addition, we illustrate prototype system architecture and make performance comparison with existing access control methods.

• Convergence Security Journal
• /
• v.19 no.2
• /
• pp.59-72
• /
• 2019

In this day and age physical and cyber boundaries have converged due to the development of new technologies, such as the Internet of Things (IoT) and the Cyber Physical System (CPS). As the relationship between physical system and cyber technology strengthens, more diverse and complex forms of risk emerge. As a result, it is becoming difficult for single organization or government to fully handle this situation alone and cooperation based on information sharing and the strengthening of active defense systems are needed. Shifting to a system in which information suitable for various entities can be shared and automatically responded to is also necessary. Therefore, this study tries to find improvements for the current system of threat information collecting and sharing that can actively and practically maintain cyber defense posture, focusing particularly on the structuring of information sharing platforms. To achieve our objective, we use a risk communication theory from the safety field and propose a new platform by combining an action-oriented security process model.

• Journal of Industrial Convergence
• /
• v.22 no.5
• /
• pp.39-48
• /
• 2024

Due to COVID-19, much research has been conducted on learning loss and educational gaps due to the postponement of the start of school and prolonged online distance learning, and most of the research has focused on the phenomenon of educational gaps. If a pandemic situation like this occurs in the future, fundamental policies are needed to resolve the educational gap. A fundamental solution requires not only an understanding of the educational gap phenomenon, but also the structure behind the phenomenon. Therefore, from a structuralist perspective, this study sought to model the educational gap caused by COVID-19 as a prototype of systems thinking and identify its structure. In addition, we looked at the unintended consequences resulting from policies aimed at resolving existing educational gaps. In order to respond to similar disaster situations in the future, policies for resolving the digital gap, support for basic academic skills, quality improvement for distance learning, and self-directed learning were discussed based on the structure of this study.

• Convergence Security Journal
• /
• v.20 no.4
• /
• pp.143-151
• /
• 2020

The cyber battlefield called the fifth battlefield, is not based on geological information unlike the existing traditional battlefiels in the land, sea, air and space, and has a characteristics that all information has tightly coupled correlation to be anlayized. Because the cyber battlefield has created by the network connection of computers located on the physical battlefield, it is not completely seperated from the geolocational information but it has dependency on network topology and software's vulnerabilities. Therefore, the analysis for cyber battlefield should be provided in a form that can recognize information from multiple domains at a glance, rather than a single geographical or logical aspect. In this paper, we describe a study on the development of the cyber operation COP(Common Operational Picture), which is essential for command and control in the cyber warfare. In particular, we propose an architecure for cyber operation COP to intuitively display information based on visualization techniques applying the multi-layering concept from multiple domains that need to be correlated such as cyber assets, threats, and missions. With this proposed cyber operation COP with multi-layered visualization that helps to describe correlated information among cyber factors, we expect the commanders actually perfcrm cyber command and control in the very complex and unclear cyber battlefield.

• Journal of Convergence for Information Technology
• /
• v.7 no.6
• /
• pp.135-141
• /
• 2017

Recently, as elderly people suffering from chronic diseases have increased and disasters such as traffic accidents have increased, urgent rescue workers and doctors need to respond effectively to such emergencies. For elderly people, the difficulty in communicating their condition especially the health condition during disaster is one of the problems in which delay on immediate handling by rescue team can cause death. Providing a solution for this problem is one of the main issues in our research. In this paper, we use the QR code to communicate the minimum personal information and medical history needed for emergency medical treatment to emergency medical personnel, and to transmit the medical history and treatment data to the doctors of the hospital through QR code and fingerprint recognition, respectively. Especially, by using both QR code of smart phone and fingerprint of individual, we can protects personal information and strengthens privacy and security of medical information by allowing only authorized physicians to check medical records of the old patient.

• Journal of KIISE:Information Networking
• /
• v.30 no.6
• /
• pp.714-719
• /
• 2003

A Mobile IPv6 services exposes its vulnerability when a mobile node is roaming the subnets belonging to the different domains. The AAA infrastructure is strongly recommended when the ISPs need to authenticate the mobile user comes from the different domains. In addition to the basic requirements for the AAA service, the authentication latency and AAA message overhead should be minimized for the continuity of the mobile service. This paper considers the roaming service with AAA infrastructure in Mobile IPv6 and proposes an authentication scheme using delegation to authenticate the mobile node with effective manner. The effectiveness of the proposed scheme is confirmed using the cost analysis. The result shows at least 50% of performance enhancement when the MN is roaming fast under the control of the delegation.