• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.21 no.7
• /
• pp.1393-1400
• /
• 2017

As the number of smartphone users increases, vulnerability to privacy protection is increasing. This is because personal information is stored on various servers connected to the Internet and the user is authenticated using the same ID and password. Authentication methods such as OTP, FIDO, and PIN codes have been introduced to solve traditional authentication methods, but their use is limited for authentication that requires sharing with other users. In this paper, we propose the authentication method that is needed for the management of shared information such as hospitals and corporations. The proposed algorithm is an algorithm that can authenticate users in the same place in real time using smart phone IMEI, QR code, BLE, push message. We propose an authentication algorithm that can perform user authentication through mutual cooperation using a smart phone and can cancel realtime authentication. And we designed and implemented a mutual authentication system using proposed algorithm.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2005.05a
• /
• pp.495-498
• /
• 2005

이 논문에서는 이동통신단말기를 이용한 신용카드 및 온-라인 금융거래에 관한 방법을 제안한다. 제안한 방법은 먼저, 신용카드 회원이 신용카드사 거래승인시스템으로부터 보안코드를 이동통신단말기로 수신 받는 보안코드수신단계, 보안코드를 가맹점의 인증 단말기에 입력하는 단계, 입력된 보안코드의 일치여부를 비교하는 단계 및 최종 승인단계의 과정으로 구성된다.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.15 no.12
• /
• pp.2670-2678
• /
• 2011

Because of the development of IPTV, user is provided service of multimedia data regardless the location. But the number of users who try to get service of IPTV game illegally is also increasing. In this paper, user authentication protocol in IPTV housing using PIN code not to access easily for teenagers not to access to prohibited games. The proposed protocol combines authority data in IPTV household and creates a disposable password using PIN code to prevent teenagers from accessing illegally to the prohibited games and saves the data in certification server and set-top box to prevent forced accessing.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.11 no.9
• /
• pp.1786-1792
• /
• 2007

In this paper, we proposed a recognition system for resident registration cards using ART-1 and PCA algorithm. To extract registration numbers and issue date, Sobel mask and median filter are applied first and noise removal follows. From the noise-removed image, horizontal smearing is used to extract the regions, which are binarized with recursive binarization algorithm. After that vortical smearing is applied to restore corrupted lesions, which are mainly due to the horizontal smearing. from the restored image, areas of individual codes are extracted using 4-directional edge following algorithm and face area is extracted by the morphologic characteristics of a registration card. Extracted codes are recognized using ART-1 algorithm and PCA algorithm is used to verify the face. When the proposed method was applied to 25 real registration card images, 323 characters from 325 registration numbers and 166 characters from 167 issue date numbers, were correctly recognized. The verification test with 25 forged images showed that the proposed verification algorithm is robust to detect forgery.

• Proceedings of the Korean Information Science Society Conference
• /
• 2005.07a
• /
• pp.223-225
• /
• 2005

기존의 패킷 교환 네트워크는 해킹과 같은 보안 공격에 많은 취약점을 가지고 있다. 침입차단시스템 (Firewall system)과 침입탐지 시스템 (Intrusion Detection system)같은 보안 시스템이 개발되고 있지만 DOS나 Probe등을 비롯한 다양한 공격에 대해 적극적으로 대처 할 수 없다. 결과 DARPA를 비롯한 여러 기관에서 전송중인 액티브 패킷이 라우터에서 관리자의 정책을 담고 있는 코드를 실행할 수 있고 그 코드의 실행결과에 따라 라우터의 상태를 변경할 수 있는 액티브 네트워크 전반적인 구조를 제안하였다. 하지만 액티브 네트워크에서 중요한 것은 기존 네트워크와 달리 액티브 패킷이 액티브 노드의 자원에 접근함으로써 발생하게 되는 네트워크 보안이다. 따라서 액티브 노드의 NodeOs단에 Crypto engine, Integrity Engine, Authentication Engine, Authorization Engine등을 비롯한 액티브 노드 인증 및 액티브 패킷/코드 인증 보안 모듈을 둠으로써 액티브 노드 간 서로 안전한 협업적 관리를 통해 보안을 강화한다.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2012.07a
• /
• pp.379-380
• /
• 2012

수중 음향 센서 네트워크(Underwater Acoustic Sensor Network, UW-ASN) 환경에서 센서노드간 데이터를 안전하게 전송하기 위해 우선적으로 암호화 알고리즘을 사용하지만, 암호화 알고리즘만으로는 충분한 안전성을 제공하지 못한다. 암호화 알고리즘은 기밀성을 제공하지만 무결성은 제공하지 못하기 때문이다. 그렇기 때문에 수중 통신 환경에서도 암호화 기술 이외에, 전송된 데이터가 변경되지 않고 안전하게 전송되었다는 무결성을 보장할 수 있는 암호화 기술이 적용되어야 한다. 이에 본 논문에서는 무결성 보장을 위한 메시지 인증 기술에 대한 연구를 진행하며, 수중 환경에 가장 적합한 메시지 인증코드(MAC)의 도출을 위한 분석 절차를 제안한다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2013.11a
• /
• pp.676-679
• /
• 2013

최근 피싱과 파밍으로 인한 사용자들의 피해가 속출하고 있다. 또, OTP(One Time Password)의 MITM 공격에 대한 취약성이 밝혀지면서 기존의 인증기법을 개선할 필요가 있다. 그러므로 피싱과 파밍 공격을 방지하고 OTP의 취약점을 개선한 인증기법을 제안하는 것은 매우 중요한 문제이다. 본 논문에서는 메신저를 이용한 피싱/파밍 방지기능을 제안한다. 또한 제안하는 기법은 1차로 기존과 같은 ID / PWD 방식 인증과 2차로 모바일 메신저 상에서의 인증시작버튼, 3차로 물리적인 QR코드 인식 후 인증을 하는 3단계 인증을 통해 개선한다. 제안하는 인증기법은 일상생활 속에서 많이 사용하는 메신저와 카메라 기능을 통해 진행되므로 사용자는 추가적인 기능을 배울 필요가 없으며, 친숙하게 사용할 수 있다. 피싱/파밍 공격은 물론 MITM공격에 대한 취약점을 메신저의 특징과 2차, 3차 인증단계를 이용해 막아낼 수 있을 것으로 기대된다.

• Journal of the Korea Society of Computer and Information
• /
• v.18 no.11
• /
• pp.125-136
• /
• 2013

In this paper, we proposed SSL VPN-based network access control technology which can verify user authentication and integrity of user terminal. Using this technology, user can carry out a safety test to check security services such as security patch and virus vaccine for user authentication and user terminal, during the VPN-based access to an internal network. Moreover, this system protects a system from external security threats, by detecting malicious codes, based on behavioral patterns from user terminal's window API information, and comparing the similarity of sequential patterns to improve the reliability of detection.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.34 no.2B
• /
• pp.162-169
• /
• 2009

Message Authentication Code (MAC) assures integrity of messages. In Mobile WiMAX, 128-bit Cipher-based MAC (CMAC) is calculated for management messages but only the least significant half is actually used truncating the most significant 64 bits. Naming these unused most significant 64bits Shared Authentication Information (SAI), we suggest that SAI can be applied to protect the network from DDoS attack which exploits idle mode vulnerabilities. Since SAI is the unused half of CMAC, it is as secure as 64bits of CMAC and no additional calculations are needed to obtain it. Moreover, SAI doesn't have to be exchanged through air interface and shared only among MS, BS, and ASN Gateway. With these good properties, SAI can efficiently reduce the overheads of BS and ASN GW under the DDoS attack.

• Journal of the Korea Society of Computer and Information
• /
• v.26 no.7
• /
• pp.57-64
• /
• 2021

In this paper, we propose and test the efficacy of an easy-to-use user location certification system for public places that relies on frequencies outside the audible range for humans. The inaudible frequencies come in signal frequency between 18-20 kHz and are generated by general audio speaker. After an individual's smart device detects the signal frequency, it sends the frequency value, user's personal ID, and user's location to a system server that certifies the user's visit location currently. The system server then saves a user visit record and categorizes it by individual. To show the usefulness of this proposed system, we developed a user visit certification application for smart devices linked to a system server. We then conducted a user visit certification experiment using the proposed system, with the result showing 99.6% accuracy. For a comparison, we then held a user visit certification experiment using a QR code, which confirmed that our proposed system performs better than QR code location certification. This proposed system can thus provide restaurants and other facilities reliable user contact tracing and electronic visitor access lists in the age of COVID-19.