• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2019.05a
• /
• pp.290-292
• /
• 2019

Since the advent of blockchain and bitcoin, decentralization has been accelerating around the world as a public blockchain ethereum with smartcontract has begun. Developers can use Ethereum's blockchain development platform to develop "distributed applications" (DApp) running on a decentralized P2P network, and various types of devices from IoT to mobile can participate in a block-chain distributed environment have. Using Ethereum's blockchain development platform, developers can develop "Decentralized Application (DApp)" that run on a decentralized P2P network and various types of devices from IOT to mobile can participate in distributed blockchain environments. There are many ways to interact with the blockchain and the smart contract, but users tend to prefer the mobile methods due to their convenience and accessibility advantages. Therefore, the author developed an Android based voting DApp and researched related issues. Since the current development methods of DApp are not adequately researched and standardized, efficient methods for developing user-friendly DApp were studied. Because DApp has to spend a certain amount of fees to interact with blockchain, it has intensively investigated the gas problem of Smart Contract code and the security problem of code, and author would like to introduce it in this paper.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.19 no.2
• /
• pp.229-236
• /
• 2019

IOT middleware is required to play a pivotal role in interpreting, managing, and controlling data information of Internet devices (sensors, etc.). In particular, the root industry has different process flows for different industries, and there are various data processing requirements for each company. Therefore, a general purpose IOT middleware is needed to accommodate this. The IOT middleware structure proposed by this paper is a plug-in that can be used as an engine part for middleware basic processes such as communication, data collection, processing and service linkage, We propose a flexible and effective smart process for root industry. In addition, we propose a method to strengthen prevention and security against tampering, deodorization, etc. through encryption of network data between middleware plug - in and related service layer. We propose a system that will be developed as an IOT middleware platform that is specialized in the root industry so that it can be extended in various network protocols such as MQTT, COAP, XAMP.

• Journal of the Korea Safety Management & Science
• /
• v.22 no.4
• /
• pp.75-86
• /
• 2020

With the advent of the 4.0 era of logistics due to the Fourth Industrial Revolution, infrastructures have been built to receive the same services online and offline. Logistics services affected by logistics 4.0 and IT technology are rapidly changing. Logistics services are developing using technologies such as big data, artificial intelligence, blockchain, Internet of things, and augmented reality. The convergence of logistics services and various IT new technologies is accelerating, and the development of data management solution technology has led to the emergence of electronic cargo waybill to replace paper cargo waybill. The electronic waybill was developed to supplement paper waybill that lack economical and safety. However, the electronic waybill that appeared to complement the paper waybill are also in need of complementation in terms of efficiency and reliability. New research is needed to ensure that electronic cargo waybill gain the trust of users and are actively utilized. To solve this problem, electronic cargo waybill that combine blockchain technology are being developed. This study aims to improve the reliability, operational efficiency and safety of blockchain electronic cargo waybill. The purpose of this study is to analyze the blockchain-based electronic cargo waybill system and to derive evaluation indicators for system supplementation.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.1
• /
• pp.141-154
• /
• 2022

In the data economy era, various policies are being implemented to create an active data distribution environment. In South Korea, the formation of a big data distribution platform and data trading began with the launch of the Financial Data Exchange under public data governance. In the case of major advanced countries in the data field, they have built a data distribution environment based on the data broker industry for decades and have strengthened national data competitiveness through added values generated from the industry. However, behind the active data distribution through data brokers, there are numerous information security issues, which have resulted in various privacy issues and national security threats. These problems can occur sufficiently in the process of domestic financial data exchange. In our study, we analyzed various information security issues of data trading caused by data brokers and derived information security requirements to be considered when trading data. We verified whether information security requirements are well reflected in the information security policy for each transaction stage of the domestic financial data exchange. Based on the verification, measurements to strengthen information security for financial data exchange are presented in our paper.

• Journal of Information Technology Services
• /
• v.21 no.3
• /
• pp.27-42
• /
• 2022

Open Data is an essential resource for the data industry. 'Act On Promotion Of The Provision And Use Of Public Data', enacted on July 30, 2013, mandates public institutions to manage the quality of Open Data and provide it to the public. Via such a legislation, the legal basis for the public to Open Data is prepared. Furthermore, public institutions are prohibited from developing and providing open data services that are duplicated or similar to those of the private sector, and private start-ups using open data are supported. However, as the demand for Open Data gradually increases, the cases of refusal to provide or interruption of Open Data held by public institutions are also increasing. Accordingly, the 'Open Data Mediation Committee' is established and operated so that the right to use data can be rescued through a simple dispute mediation procedure rather than complicated administrative litigation. The main issues dealt with in dispute settlement so far are usually the rights of third parties, such as open data including personal information, private information such as trade secrets, and copyrights. Plus, non-open data cannot be provided without the consent of the information subject. Rather than processing non-open data into open data through de-identification processing, positive results can be expected if consent is provided through active rights processing of the personal information subject. Not only can the Public Mydata Service be used by the information subject, but Open Data applicants will also be able to secure higher quality Open Data, which will have a positive impact on fostering the private data industry. This study derives a plan to establish a rights processing platform to enhance the usability of Open Data, including private information such as personal information, trade secrets, and copyright, which have become an issue when providing Open Data since 2014. With that, the proposals in this study are expected to serve as a stepping stone to revitalize private start-ups through the use of wide Open Data and improve public convenience through Public MyData services of information subjects.

• Journal of Platform Technology
• /
• v.11 no.3
• /
• pp.45-55
• /
• 2023

This paper presents a model that supports decision-makers in the Korean film industry to maximize the success of online movies. To achieve this, we collected historical box office movies and clustered them into types to propose a model predicting each type's online box office performance. We considered various features to identify factors contributing to movie success and reduced feature dimensionality for computational efficiency. We systematically classified the movies into types and predicted each type's online box office performance while analyzing the contributing factors. We used automated machine learning (AutoML) techniques to automatically propose and select machine learning algorithms optimized for the problem, allowing for easy experimentation and selection of multiple algorithms. This approach is expected to provide a foundation for informed decision-making and contribute to better performance in the film industry.

• Journal of Platform Technology
• /
• v.11 no.4
• /
• pp.3-12
• /
• 2023

In the post-COVID era, the importance of quarantine measures is greatly emphasized, and accordingly, research related to the detection of mask wearing conditions and prevention of other infectious diseases using deep learning is being conducted. However, research on the detection and tracking of visitors to cultural facilities to prevent the spread of diseases is equally important, so research on this should be conducted. In this paper, a convolutional neural network-based object detection model is trained through transfer learning using a pre-collected dataset. The weights of the trained detection model are then applied to a multi-object tracking model to monitor visitors. The visitor detection model demonstrates results with a precision of 96.3%, recall of 85.2%, and an F1-score of 90.4%. Quantitative results of the tracking model include a MOTA (Multiple Object Tracking Accuracy) of 65.6%, IDF1 (ID F1 Score) of 68.3%, and HOTA (Higher Order Tracking Accuracy) of 57.2%. Furthermore, a qualitative comparison with other multi-object tracking models showcased superior results for the model proposed in this paper. The research of this paper can be applied to the hygiene systems within cultural facilities in the post-COVID era.

• Journal of Platform Technology
• /
• v.11 no.4
• /
• pp.35-49
• /
• 2023

Recently, real-time cyber threats are constantly occurring for various reasons. Most companies have the characteristic of digitizing important internal information and storing it centrally, so it can be said that the impact is very high when an Computer Security Incident occurs. All electronic device information collected and analyzed in the process of responding to an Computer Security Incident has the characteristic of being subject to change at any time. Submission of related evidence is required in future investigations and courts. At this time, the basic principles of digital forensics, such as the principle of integrity and the principle of chain of custody, must be followed to ensure legitimacy and accuracy of the evidence. In this paper, we propose a digital forensic-based Computer Security Incident Inspection and Response procedure in the Windows 10 environment to secure the legitimacy and accuracy of digital evidence collected and analyzed when an intrusion occurs, prevent intrusion in advance, and quickly recognize it.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.1
• /
• pp.45-50
• /
• 2023

Roblox, the world's No. 1 metaverse platform, has more than 3 billion subscription accounts and more than 150 millionmonthly active users (MAU). Despite such high interest in metaverse, existing studies on analyzing the risk of cyberattacks and security in the metaverse environment is insufficient. Therefore, in this paper, we propose a new steganography-basedcovert communication method in Roblox. In our proposed method, a secret message is hidden into an image by using a function provided in the Roblox Experience environment and then the image is automatically stored in the RobloxExperience participants' devices (PC or Smartphone) so that a malicious software can extract the hidden message fromthe image. By our experiments in the Roblox metaverse environment, we validated our proposed method works and thus want to inform our proposed method can be used in various cyberattacks and crimes such as the spread of secret commands, the establishment of a steganography botnet, and the mass distribution of malicious malware in metaverse platforms.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.1
• /
• pp.87-97
• /
• 2023

Containers are an emerging virtualization technology that can build an isolated environment more lightweight and faster than existing virtual machines. For that reason, many organizations have recently adopted them for their services. Yet, the container architecture has also exposed many security problems since all containers share the same OS kernel. In this work, we focus on the fact that an attacker can abuse host resources to make them unavailable to benign containers-also known as host resource exhaustion attacks. Then, we analyze the impact of host resource exhaustion attacks through real attack scenarios exhausting critical host resources, such as CPU, memory, disk space, process ID, and sockets in Docker, the most popular container platform. We propose five attack scenarios performed in several different host environments and container images. The result shows that three of them put other containers in denial of service.