• Journal of KIISE:Computer Systems and Theory
• /
• v.34 no.11
• /
• pp.581-588
• /
• 2007

In Digital Right Management, symmetric cipher is used for content encryption to reduce encryption cost, AES, advanced encryption standard is usually used to multimedia encryption under desktop environment because of its reasonable security level and computation cost. But mobile handheld device often uses slow speed processor and operates under battery-powered environment. Therefore it requires low computation cost and low energy consumption. This paper proposes new stream cipher scheme which combines pseudo random number generator(PRNG) and dynamically generated permutations. Proposed scheme activates PRNG and generates original key streams. Then it generates extended key streams by applying permutation to original sequence. These extended key streams are XORed with plaintext and generate ciphertext. Proposed scheme reduces the usage of PRNG. Therefore this scheme is fast and consumes less energy in comparison with normal stream cipher. Especially, this scheme shows great speed up (almost 2 times) than normal stream cipher scheme in random access.

• Journal of KIISE:Computing Practices and Letters
• /
• v.9 no.4
• /
• pp.470-485
• /
• 2003

The steganography is one of methods that users can hide data. Some steganography softwares use audio data among multimedia data. However, these commercialized audio steganography softwares have disadvantages that the existence of hidden messages can or easily recognized visually and only certain-sized data can be hidden. To solve these problems, this study suggested, designed and implemented Dynamic Message Embedding (DME) algorithm. Also, to improve the security level of the secret message, the file encryption algorithm has been applied. Through these, StegoWaveK system that performs audio steganography was designed and implemented. Then, the suggested system and the commercialized audio steganography system were compared and analyzed on criteria of the Human Visilable System (HVS), Human Auditory System (HAS), Statistical Analysis (SA), and Audio Measurement (AM).

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.29 no.7C
• /
• pp.985-996
• /
• 2004

In order to solve the increasing security problems, IDSs(Intrusion Detection System) have appeared. However, local IDSs have a limit to detect various intrusions in a large-scale network environment. So there are a lot of researches in progress which organize the elements of IDS in a distributed or hierarchical manner. In this paper, we design a integrated IDS which exchanges messages between them through the standardized message format (IDMEF) and communication protocol (IDXP). We also propose a policy profile for an effective control of IDSs, and employ the PKI mechanism for mutual authentication. We implement a prototype system for the proposed IDSs communicating with Snort and analyze its performance.

• Journal of the Korean Institute of Intelligent Systems
• /
• v.14 no.7
• /
• pp.821-829
• /
• 2004

A face recognition has been used for verifying and authorizing valid users, but its applications have been restricted according to lighting conditions. In order to minimizing the restricted conditions, this paper proposes a new algorithm of detecting the face from the input image obtained under the irregular lighting condition. First, the proposed algorithm extracts an edge difference image from the input image where a skin color and a face contour are disappeared due to the background color or the lighting direction. In the next step, it extracts a face region using the histogram of the edge difference image and the intensity information. Using the intensity information, the face region is divided into the horizontal regions with feasible facial features. The each of horizontal regions is classified as three groups with the facial features(including eye, nose, and mouth) and the facial features are extracted using empirical properties of the facial features. Only when the facial features satisfy their topological rules, the face region is considered as a face. It has been proved by the experiments that the proposed algorithm can detect faces even when the large portion of face contour is lost due to the inadequate lighting condition or the image background color is similar to the skin color.

• Journal of the Korea Convergence Society
• /
• v.9 no.9
• /
• pp.15-22
• /
• 2018

As smart devices become popular, users can use authentication services in various methods. Authentication services include authentication using an ID and a password, authentication using a sms, and authentication using an OTP(One Time Password). This paper proposed an authentication system that solves the security problem of knowledge-based authentication using optical character recognition and can easily and quickly authenticate users. The proposed authentication system extracts a character from an uploaded image by a user and authenticates the user using the extracted character information. The proposed authentication system has the advantage of not using a password or an OTP that are easily exposed or lost, and can not be authenticated without using accurate photographs. The proposed authentication system is platform independent and can be used for user authentication, file encryption and decryption.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.19 no.8
• /
• pp.1818-1824
• /
• 2015

Cloud computing draws attention as an application to provide dynamically scalable infrastructure for application, data and file storage. An untrusted remote server can cause a variety of problems in the field of data protection. It may process intentionally or involuntarily user's data operations(modify, insert, delete) without user's permission. It may provide false information in order to hide his mistakes in the auditing process. Therefore, it is necessary to audit the integrity of data stored in the cloud server. In this paper, we propose a new data auditing system that can verify whether servers had a malicious behavior or not. Performance and security analysis have proven that our scheme is suitable for cloud computing environments in terms of performance and security aspects.

• The KIPS Transactions:PartC
• /
• v.11C no.1
• /
• pp.39-46
• /
• 2004

It has been happening to transfer not only the general information but also the valuable information through the universal Internet. So security accidents as the expose of secret data and document increase. But we don't have stable structure for transmitting important data. Accordingly, in this paper we intend to use network based Intrusion Detection System modules and detect the extrusion of important data through the network, and propose and design the method for investigating concealment data to protect important data and investigate the secret document against the terrorism. We analyze the method for investigating concealment data, especially we use existing steganalysis techniques, so we propose and design the module emphasizing on the method for investigating stego-data in E-mail of attach files or Web-data of JPG, WAVE etc. Besides, we analyze the outcome through the experiment of the proposed stego-data detection system.

• Journal of the Korean Society for information Management
• /
• v.20 no.1
• /
• pp.301-320
• /
• 2003

The rapidly increasing use of the Internet and advancement of the communication network, the explosive growth of digital contents from personal home pages to professional information service the emerging file exchange service and the development of hacking techniques . these are some of the trends contributing to the spread of illegal reproduction and distribution of digital contents, thus threatening the exclusive copyrights of the creative works that should be legally protected Accordingly, there is urgent need for a digital copyright management system designed to provide centralized management while playing the role of bridge between the copyright owners and users for smooth trading of the rights to digital contents, reliable billing, security measures, and monitoring of illegal use. Therefore, in this study, I examined the requirements of laws and systems for the introduction of the centralized management system to support smooth distribution of digital contents, and also researched on the current status of domestic and international centralized management system for copyrights. Furthermore, 1 tried to provide basic materials for the standardization of digital contents copyright management information through the examination of the essential elements of the centralized digital contents management such as the system for unique identification the standardization for data elements, and the digital rights management (DHM) .

• The KIPS Transactions:PartC
• /
• v.13C no.1 s.104
• /
• pp.19-26
• /
• 2006

Recently, web server hacking is trending toward web application hacking which uses comparatively vulnerable web applications based on open sources. And, it is possible to hack databases using web interfaces because web servers are usually connected databases. Web application attacks use vulnerabilities not in web server itself, but in web application structure, logical error and code error. It is difficult to defend web applications from various attacks by only using pattern matching detection method and code modification. In this paper, we propose a method to secure the web applications based on profiling which can detect and filter out abnormal web application requests.

• Journal of Digital Convergence
• /
• v.12 no.10
• /
• pp.253-258
• /
• 2014

Recently, the development of cloud computing technology is developed as soon as smartphones is increases, and increased that users want to receive big data service. Hadoop framework of the big data service is provided to hadoop file system and hadoop mapreduce supported by data-intensive distributed applications. But, smpartphone service using hadoop system is a very vulnerable state to data authentication. In this paper, we propose a initial authentication protocol of hadoop system assisted by smartphone service. Proposed protocol is combine symmetric key cryptography techniques with ECC algorithm in order to support the secure multiple data processing systems. In particular, the proposed protocol to access the system by the user Hadoop when processing data, the initial authentication key and the symmetric key instead of the elliptic curve by using the public key-based security is improved.