• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.2
• /
• pp.75-84
• /
• 2008

Recently, the straightforward CRT-RSA was shown to be broken by fault attacks through many experimental results. In this paper, we analyze the fault attacks against CRT-RSA and their countermeasures, and then propose a new fault infective method resistant to the various fault attacks on CRT-RSA. In our CRT-RSA algorithm, if an error is injected in exponentiation with modulo p or q, then the error is spreaded by fault infective computation in CRT recombination operation. Our countermeasure doesn't have extra error detection procedure based on decision tests and doesn't use public parameter such as e. Also, the computational cost is effective compared to the previous secure countermeasures.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2022.05a
• /
• pp.531-534
• /
• 2022

승차 공유, 카풀, 렌터카의 이용률이 증가하면서 많은 사용자가 동일한 차량에 로컬 액세스 할 수 있는 시나리오가 더욱 보편화됨에 따라 차량 네트워크에 대한 공격 가능성이 커지고 있다. 차량용 CAN Bus Network에 대한 DoS(Denial of Service), Fuzzy Attack 및 Replay Attack과 같은 공격은 일부 ECU(Electronic Controller Unit) 비활성 및 작동 불능 상태를 유발한다. 에어백, 제동 시스템과 같은 필수 시스템이 작동 불가 상태가 되어 운전자에게 치명적인 결과를 초래할 수 있다. 차량 네트워크 침입 탐지를 위하여 많은 연구가 진행되고 있으나, 기존 화이트리스트를 이용한 탐지 방법은 새로운 유형의 공격이 발생하거나 희소성이 높은 공격일 때 탐지하기 어렵다. 본 논문에서는 인공신경망 기반의 CAN 버스 네트워크 침입 탐지 기법을 제안한다. 제안하는 침입 탐지 기법은 2단계로 나누어 진다. 1단계에서 정상 패킷 분포를 학습한 VAE 모형이 이상 탐지를 수행한다. 이상 패킷으로 판정될 경우, 2단계에서 인코더로부터 추출된 잠재변수와 VAE의 재구성 오차를 이용하여 공격 유형을 분류한다. 분류 결과의 신뢰점수(Confidence score)가 임계치보다 낮을 경우 학습하지 않은 공격으로 판단한다. 본 연구 결과물은 정보보호 연구·개발 데이터 첼린지 2019 대회의 차량 이상징후 탐지 트랙에서 제공하는 정상 및 3종의 차량 공격시도 패킷 데이터를 대상으로 성능을 평가하였다. 실험을 통해 자동차 제조사의 규칙이나 정책을 사전에 정의하지 않더라도 낮은 오탐율로 비정상 패킷을 탐지해 낼 수 있음을 확인할 수 있다.

• Journal of Nutrition and Health
• /
• v.42 no.1
• /
• pp.78-96
• /
• 2009

The purpose of this study was to analyze and evaluate the menu served in government offices foodservice by using Kasavana & Smith's Menu-Engineering. Sales and food costs were collected from the daily sales reports for a year from Jan 2 to Dec 31 in 2007. Calculation for menu analysis and customer's data were done by computer using the MS 2003 Excel spreadsheet program and SPSS 12.0 package program. Menu mix% (MM%) and unit contribution margin were used as variables by Kasavana & Smith. Four possible classifications by Menu-Engineering technique were turned out as 'STAR', 'PLOWHORSE', 'PUZZLE', 'DOG'. The main menus served during a year were 128 dishes and about 141 peoples visited this restaurant daily. The mean age of the men was $44.1\;{\pm}\;6.3$, women were $32.7\;{\pm}\;6.4$ and showed that was statistically higher than that of women (p < .0001). The rates of STAR menus were 'Western style (75.0%)', 'guk/tang-ryu (48.1%)', 'jjigae/ jeongol-ryu (23.1%)', 'bap-ryu (17.2%)' in sequence. There were no STAR menus in gui/jorim/jjim-ryu. PLOWHORSE menus were 'gui-ryu (75.0%)', 'guk/tang-ryu (29.6%)', 'bap-ryu (27.6%)' in sequence. There were no PUZZLE or DOG menus in 'jjigae/jeongol-ryu'. PUZZLE menus were 'jorim/jjim-ryu and Myeonryu (each 33.3%)', 'bap-ryu (31.0%)' in sequence. PUZZLE menus were a lots of 'Chinese food (75.0%)' and 'myeonryu (55.6%)'. This study provides the basic data based on regularly menu analysis method applied the scientific menu analysis techniques in government offices food services, I'd like to suggest that the menu management must be done based on the necessity and result of menu analysis according to the seasonal and middle, long-term plans.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 1999.05a
• /
• pp.203-207
• /
• 1999

In this paper we propose the automated generation algorithm of penetration scenario using association mining technique. Until now known intrusion detections are classified into anomaly detection and misuse detection. The former uses statistical method, features selection, neural network method in order to decide intrusion, the latter uses conditional probability, expert system, state transition analysis, pattern matching for deciding intrusion. In proposed many intrusion detection algorithms unknown penetrations are created and updated by security experts. Our algorithm automatically generates penetration scenarios applying association mining technique to state transition technique. Association mining technique discovers efficient and useful unknown information in existing data. In this paper the algorithm we propose can automatically generate penetration scenarios to have been produced by security experts and is easy to cope with intrusions when it is compared to existing intrusion algorithms. Also It has advantage that maintenance cost is not high.

• Convergence Security Journal
• /
• v.12 no.4
• /
• pp.9-15
• /
• 2012

In recently years, repackaged malwares are becoming increased rapidly in Android smartphones. The repackaging is a technique to disassemble an app in a market, modify its source code, and then re-assemble the code, so that it is commonly used to make malwares by inserting malicious code in an app. However, it is impossible to collect all the apps in many android markets including too many apps. To solve the problem, we propose RePAD (RePackaged App Detector) scheme that is composed of a client and a remote server. In the smartphone-side, the client extracts the information of an app with low CPU overhead when a user installs the app. The remote server analyzes the information to decide whether the app is repackaged or not. Thus, the scheme reduces the time and cost to decide whether apps are repackaged. For the experiments, the client and server are implemented as an app on Galaxy TAB and PC respectively. We indicated that seven pairs of apps among ones collected in official and unofficial market are repackaged. Furthermore, RePAD only increases the average of CPU overhead of 1.9% and the maximum memory usage of 3.5 MB in Galaxy TAB.

• Journal of KIISE:Software and Applications
• /
• v.30 no.7_8
• /
• pp.642-648
• /
• 2003

In this paper, we are interested in checking equivalence of FSMs(finite state machines). Two FSMs are equivalent if and only if their responses are always equal with each other with respect to the same external stimuli. Equivalence checking FSMs makes complicated FSM be substituted for simpler one, if they are equivalent. We can also determine the system satisfies the requirements, if they are all written in FSMs. In this paper, we regard equivalence checking problem as model checking one. For doing so, we construct the product model $M ={M_A} {\beta}{M_B} from two FSMs ${M_A} and {M_B}$. And we also get the temporal logic formula ${\Phi}$ from the equivalence checking definition. Then, we can check with model checker whether if satisfies ${\Phi}$, written $M= {.\Phi}$. Two FSMs are equivalent, if $M= {.\Phi}$ Otherwise, it is not equivalent. In that case, model checker generates counterexamples which explain why FSMs are not equivalent. In summary, we solve the equivalence checking problem with model checking techniques. As a result of applying to several examples, we have many satisfiable results.

• Journal of Biomedical Engineering Research
• /
• v.24 no.3
• /
• pp.175-181
• /
• 2003

Studies of muscle fatigue have mostly been checked under isometric exercise. However EMG signals from isotonic exercise generate uncontrollable noise, so there were difficulties in gathering reliable median frequency and muscle fatigue index if frequency analysis was equally applied in isometric exercise. This study tried to compare the differences of muscle fatigue determinant variables in terms of median frequency searching methods of EMG signal, which was estimated in isotonic exercise. To accomplish this, we determined median frequency by using different FFT intervals and overlapping ration of consecutive FFT sections under the same EMG signal, and then searched for a linear regression line, and compared initial median frequency, slope, and muscle fatigue index which were variables under the linear regression line. In result of comparison, initial median frequency was more elevated as FFT exercise interval became larger. The slope of the linear regression line showed distinguishable decreasing tendency as FFT intervals were larger and overlapping sections were smaller. Significant tendency of muscle fatigue index in FFT interval was shown by high muscle fatigue index in specific FFT intervals.

• Journal of the Korean Magnetics Society
• /
• v.23 no.1
• /
• pp.18-25
• /
• 2013

MFL PIG (Magnetic Flux Leakage Pipeline Inspection Gauge) is called the system which detects the defect for underground pipelines by using magnetic flux leakage method in nondestructive testing. This method is very suitable for testing pipelines because pipeline has high magnetic permeability. MFL PIG generates the magnetic fields to the pipe axially oriented, and detect the signal of leakage flux by using hall sensor. However, MFL PIG is hard to detect the axially oriented crack with small size because the magnetic flux leakage is not enough to be occurred. To detect the small size and axially oriented crack, the circumferential MFL (CMFL) PIG is being proposed and it can maximize the leakage flux for the axial crack by performing magnetic fields circumferentially on the pipe. In this paper, CMFL PIG is applied to detect the axially oriented crack with small size and the analysis for the distribution and the amplitude of the leakage flux signal is performed by using three dimensional finite element method. From sensing signals, the method how to determine the shape of axially oriented cracks is proposed and verified with experiment.

• Journal of Ecology and Environment
• /
• v.29 no.6
• /
• pp.503-509
• /
• 2006

To determine the minimum area for conservation of four Halophytic species populations, we evaluate the genetic diversity of four species based on the AFLP method using thirteen primer sets. Four species populations, Phragmites communis Trin, Suaeda japonica Makino, Zoysia sinica Hance, and S. maritima (L.) Dumort, from the southwestern coast of Korea, were selected for this study. The genetic diversity index ($\Psi_{ST}$) of Phragmites communis was 0.3856, Suaeda japonica 0.1445, Suaeda maritima 0.1669, and Zoysia sinica 0.2422. Based on the genetic diversity of population, we could determine the minimum area for conservation of each species as follows. P. communis needs $500{\times}500m^2$, S. japonica, S. maritima, and Z. sinica $100\times100m^2$ for keeping their genetic identity.

• The KIPS Transactions:PartC
• /
• v.9C no.6
• /
• pp.831-840
• /
• 2002

Due to the advance of computer and communication technology, intrusions or crimes using a computer have been increased rapidly while tremendous information has been provided to users conveniently Specially, for the security of a database which stores important information such as the private information of a customer or the secret information of a company, several basic suity methods of a database management system itself or conventional misuse detection methods have been used. However, a problem caused by abusing the authority of an internal user such as the drain of secret information is more serious than the breakdown of a system by an external intruder. Therefore, in order to maintain the sorority of a database effectively, an anomaly defection technique is necessary. This paper proposes a method that generates the normal behavior profile of a user from the database log of the user based on an association mining method. For this purpose, the Information of a database log is structured by a semantically organized pattern tree. Consequently, an online transaction of a user is compared with the profile of the user, so that any anomaly can be effectively detected.