• Proceedings of the Korean Information Science Society Conference
• /
• 2010.06a
• /
• pp.166-170
• /
• 2010

센서네트워크는 유비쿼터스 환경을 실현할 수 있는 기술로서, 최근 무인 경비 시스템이나 에너지 관리, 환경 모니터링, 홈 자동화, 헬스케어 응용 등과 같은 다양한 응용 분야에 활용되고 있다. 하지만 자신의 정보가 무선통신상에 쉽게 노출됨으로써 도청과 전송 메시지에 대한 위변조, 서비스 거부 공격을 받을 위험이 있다. 더욱이 센서네트워크의 자원 제약성(적은 메모리, 컴퓨팅 성능의 제약)과 키분배 관리의 어려움으로 인해 기존의 공개키, 대칭키 기반의 면안프로토콜을 대체할 수 있는 프로토콜이 필요하다. 그러므로 키분배 관리에 장 접을 가지는 Bilinear map 기반 프로토콜은 적합한 대안이다. 하지만 프로토콜에 사용되는 Pairing연산은 높은 컴퓨팅 성능이 요구된다. 따라서 제한된 성능을 가진 센서상의 구현을 위해서는 Computation Cost를 줄이고 연산 수행 속도를 가속화 할 필요성이 있다. 본 논문에서는 프로토콜 구현에 필요한 Pairing의 핵심 연산인 Multiplication을 대표적인 센서노드 프로세서인 MSP430상에서 최적화 구현함으로써 성능을 개선한다.

• Journal of the Korean Vacuum Society
• /
• v.21 no.5
• /
• pp.279-285
• /
• 2012

We report on the measurements of electronic transport properties of CVD graphene placed on a pre-patterned substrate with periodic nano trenches. A strong anisotropy has been observed between the transport parallel and perpendicular to the trenches. Characteristically different weak localization corrections have been also observed when the transport was perpendicular to the trench, which is interpreted as due to a density inhomogeneity generated by the potential modulations.

• Information Systems Review
• /
• v.9 no.3
• /
• pp.83-98
• /
• 2007

This study focused on online game security, which has been considered relatively insignificant when compared to the online game industry's rapid growth. In this study, the state of security incidents in the Korean game industry and security solutions for such cases were examined. At first the security incidents were classified according to the type of game security infringement. Based upon this classification, this study analyzed the causes that give rise to infringement of online game security, and developed technical solutions for such cases. Finally, this study verified whether or not these technical solutions could be applied to online game sites.

• Phonetics and Speech Sciences
• /
• v.6 no.2
• /
• pp.21-28
• /
• 2014

We propose a novel scheme for digital audio authentication of given audio files which are edited by inserting small audio segments from different environmental sources. The purpose of this research is to detect inserted sections from given audio files. We expect that the proposed method will assist human investigators by notifying suspected audio section which considered to be recorded or transmitted on different environments. GMM-UBM and GSV-SVM are applied for modeling the dominant environment of a given audio file. Four kinds of likelihood ratio based scores and SVM score are used to measure the likelihood for a dominant environment model. We also use an ensemble score which is a combination of the aforementioned five kinds of scores. In the experimental results, the proposed method shows the lowest average equal error rate when we use the ensemble score. Even when dominant environments were unknown, the proposed method gives a similar accuracy.

• Journal of IKEEE
• /
• v.19 no.4
• /
• pp.610-616
• /
• 2015

In this paper, an electronic ID system satisfying security requirements of authentication certificate was designed using fingerprint recognition. The proposed electronic ID system generates a digital signature with forgery prevention, confidentiality, content integrity, and personal identification (=non-repudiation) using fingerprint information, and also encrypts, sends, and verify it. The proposed electronic ID system exploits fingerprint instead of user password, so it avoids leakage and hijacking. And it provides same legal force as conventional authentication certificate. The proposed electronic ID consists of 4 modules, i.e. HSM device, verification server, CA server, and RA client. Prototypes of all modules are designed and verified to have correct operation.

• Review of KIISC
• /
• v.27 no.2
• /
• pp.34-40
• /
• 2017

제어시스템(발전시설, 전력시설, 교통시설 등)은 생산성, 가용성, 안전성을 목적으로 다양한 제어기기들로 구성되며, 물리적으로 다양한 위치에 분산되어 운영되고 있다. 그리고 안전성과 가용성을 유지하기 위해 시스템 도입 시 기존 시스템에 영향을 미치지 않는지 검증을 수행 후 시스템을 도입한다. 이러한 이유로 신규 기술의 도입이나, 기기의 변경이 자유롭지 않다. 이와 같은 제어시스템의 특성으로 인해 현재 증가되고 있는 제어시스템 사이버공격에 대한 보안대책 또는 기술들의 적용이 쉽지 않아 사이버공격에 취약한 상황이다. 제어시스템은 상위 시스템의 제어 명령을 통해 하위 제어기기 또는 필드기기를 제어하는 형태로 제어 명령의 무결성 유지가 특히 중요하다. 이는 곧 제어시스템에 환경에 접근한 공격자가 인가되지 않은 장비를 제어시스템에 연결하고, 악성 제어명령을 전송하게 된다면 제어기기는 이를 인지하지 못하고 정지되거나 오작동을 유발 할 수 있다는 것을 의미한다. 본 논문에서는 제어시스템 내 제어명령의 무결성 유지를 위해 임베디드 Add-on 단말을 통해 OTP 값을 생성, 전달, 검증하는 방안을 제안한다. 해당 방안은 상위노드와 하위노드 사이에 Add-on 장치를 두어 상위노드에서 제어명령 발생 시, 제어명령에 OTP값을 통해 캡슐화하고 하위노드로 전달한다. Add-on 장비는 일반 IT시스템과 상이한 제어시스템의 특성에 맞게 고안되었으며 제어시스템 내에 발생되는 제어명령 위변조, 제어명령 재사용 공격 등을 차단 할 수 있다.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2014.10a
• /
• pp.346-349
• /
• 2014

Currently, the growing cyber threat continues, the damage caused by the evolution of malicious code incidents become more bigger. Such advanced attacks as APT using 'zero-day vulnerability' bring easy way to steal sensitive data or personal information. However it has a lot of limitation that the traditional ways of defense like 'access control' with blocking of application ports or signature base detection mechanism. This study is suggesting a way of controlling application activities focusing on keeping integrity of applications, authorization to running programs and changes of files of operating system by hardening of legitimate resources and programs based on 'white-listing' technology which analysis applications' behavior and its usage.

• Convergence Security Journal
• /
• v.18 no.3
• /
• pp.27-35
• /
• 2018

The certificate is electronic information issued by an accredited certification body to certify an individual or to prevent forgery and alteration between communications. Certified certificates are stored in PCs and smart phones in the form of encrypted files and are used to prove individuals when using Internet banking and smart banking services. Among the rapidly growing Android-based malicious applications are malicious apps that leak personal information, especially certificates that exist in the form of files. This paper proposes a method for judging whether malicious codes leak certificates by using DroidBox, an Android-based dynamic analysis tool.

• The Journal of Korean Institute of Information Technology
• /
• v.17 no.10
• /
• pp.101-113
• /
• 2019

Recently, the intelligent video surveillance technology has become able to provide various services such as predictive surveillance that have not been provided previously. Securing the security of the intelligent video surveillance is essential, and malicious manipulation of the original CCTV video data can lead to serious social problems. Therefore, in this paper, we proposed an intelligent video surveillance environment based on blockchain. The proposed scheme guarantees the integrity of the CCTV image data and protects the ROI privacy through the edge blockchain, so there is no privacy exposure of the object. In addition, it is effective because it is possible to increase the transmission efficiency and reduce storage by enabling video deduplication.

• Journal of the Korea Society of Computer and Information
• /
• v.28 no.3
• /
• pp.59-65
• /
• 2023

As research on blockchain applications in various fields is actively increasing, management of private keys that prove users of blockchain has become important. If you lose your private key, you lose all your data. In order to solve this problem, previously, blockchain wallets, private key recovery using partial information, and private key recovery through distributed storage have been proposed. In this paper, we propose a safe private key backup and recovery method using Shamir's Secrete Sharing (SSS) scheme and biometric information, and evaluate its safety. In this paper, we propose a safe private key backup and recovery method using Shamir's Secrete Sharing (SSS) scheme and biometric information, and evaluate its safety against robustness during message exchange, replay attack, man-in-the-middle attack and forgery and tampering attack.