• Journal of Platform Technology
• /
• v.11 no.4
• /
• pp.35-49
• /
• 2023

Recently, real-time cyber threats are constantly occurring for various reasons. Most companies have the characteristic of digitizing important internal information and storing it centrally, so it can be said that the impact is very high when an Computer Security Incident occurs. All electronic device information collected and analyzed in the process of responding to an Computer Security Incident has the characteristic of being subject to change at any time. Submission of related evidence is required in future investigations and courts. At this time, the basic principles of digital forensics, such as the principle of integrity and the principle of chain of custody, must be followed to ensure legitimacy and accuracy of the evidence. In this paper, we propose a digital forensic-based Computer Security Incident Inspection and Response procedure in the Windows 10 environment to secure the legitimacy and accuracy of digital evidence collected and analyzed when an intrusion occurs, prevent intrusion in advance, and quickly recognize it.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.1
• /
• pp.45-50
• /
• 2023

Roblox, the world's No. 1 metaverse platform, has more than 3 billion subscription accounts and more than 150 millionmonthly active users (MAU). Despite such high interest in metaverse, existing studies on analyzing the risk of cyberattacks and security in the metaverse environment is insufficient. Therefore, in this paper, we propose a new steganography-basedcovert communication method in Roblox. In our proposed method, a secret message is hidden into an image by using a function provided in the Roblox Experience environment and then the image is automatically stored in the RobloxExperience participants' devices (PC or Smartphone) so that a malicious software can extract the hidden message fromthe image. By our experiments in the Roblox metaverse environment, we validated our proposed method works and thus want to inform our proposed method can be used in various cyberattacks and crimes such as the spread of secret commands, the establishment of a steganography botnet, and the mass distribution of malicious malware in metaverse platforms.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.1
• /
• pp.87-97
• /
• 2023

Containers are an emerging virtualization technology that can build an isolated environment more lightweight and faster than existing virtual machines. For that reason, many organizations have recently adopted them for their services. Yet, the container architecture has also exposed many security problems since all containers share the same OS kernel. In this work, we focus on the fact that an attacker can abuse host resources to make them unavailable to benign containers-also known as host resource exhaustion attacks. Then, we analyze the impact of host resource exhaustion attacks through real attack scenarios exhausting critical host resources, such as CPU, memory, disk space, process ID, and sockets in Docker, the most popular container platform. We propose five attack scenarios performed in several different host environments and container images. The result shows that three of them put other containers in denial of service.

• The Journal of the Convergence on Culture Technology
• /
• v.9 no.3
• /
• pp.159-166
• /
• 2023

Humanities are as crucial as the technology itself in the intelligent information society. Human-centered convergence information technology (IT), which reflects emotional and human nature, can be considered a unique technology with an optimistic outlook in the unpredictable future. Based on this research background, this paper proposed an education model that can improve the IT humanities capabilities of various learners, including elementary and secondary students, prospective teachers, incumbent teachers, school managers, and the general public, through analysis of previous studies on convergence education models. Furthermore, the practical aspects of the proposed model were closely examined so that the proposed education model could be stably incorporated and utilized in the educational field. There are seven strategies for implementing the education model proposed in this paper, including research on textbooks, teaching and learning materials, activation of research results, maker space creation, global joint research, online education operation, developing living lab governance, and diversification of self-sustaining platforms for sustainable and practical education. In the future, validity verification through expert Delphi is required as a follow-up study.

• KIPS Transactions on Computer and Communication Systems
• /
• v.12 no.5
• /
• pp.165-170
• /
• 2023

With the recent rise of blockchain technology, cryptocurrency platforms using it are increasing, and currency transactions are being actively conducted. However, crimes that abuse the characteristics of cryptocurrency are also increasing, which is a problem. In particular, phishing scams account for more than a majority of Ethereum cybercrime and are considered a major security threat. Therefore, effective phishing scams detection methods are urgently needed. However, it is difficult to provide sufficient data for supervised learning due to the problem of data imbalance caused by the lack of phishing addresses labeled in the Ethereum participating account address. To address this, this paper proposes a phishing scams detection method that uses both Trans2vec, an effective graph embedding techique considering Ethereum transaction networks, and semi-supervised learning model Tri-training to make the most of not only labeled data but also unlabeled data.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.1
• /
• pp.187-196
• /
• 2016

Android applications are inherently vulnerable to a repackaging attack such that malicious codes are easily inserted into an application and then resigned by the attacker. These days, it occurs often that such private or individual information is leaked. In principle, all Android applications are composed of user defined methods and APIs. As well as accessing to resources on platform, APIs play a role as a practical functional feature, and user defined methods play a role as a feature by using APIs. In this paper we propose a scheme to analyze sensitive APIs mostly used in malicious applications in terms of how malicious applications operate and which API they use. Based on the characteristics of target APIs, we accumulate the knowledge on such APIs using a machine learning scheme based on Naive Bayes algorithm. Resulting from the learned results, we are able to provide fine-grained numeric score on the degree of vulnerabilities of mobile applications. In doing so, we expect the proposed scheme will help mobile application developers identify the security level of applications in advance.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.4
• /
• pp.705-717
• /
• 2020

Cities in the world are rushing to develop smart cities to create a sustainable and happy city by solving many problems in cities using information and communication technologies such as big data and IoT. However, in Korea's smart cities and smart city certification systems, the focus is on platform-oriented hardware infrastructure, and the information security aspect is first considered to build and authenticate. It is a situation in which a response system for the risk of leakage of big data containing personal information is needed through policy research on the aspect of personal information protection for smart city operation. This paper analyzes the types of personal information in smart cities, problems associated with the construction and operation of smart cities, and the limitations of the current smart city law and personal information protection management system. As a solution, I would like to present a model of a personal information protection management system in the smart city field and propose a plan to strengthen personal information protection through this. Since the management system model of this paper is applied and operated in the national smart city pilot cities, demonstration cities, and CCTV integrated control centers, it is expected that citizens' personal information can be safely managed.

• The Journal of the Korea Contents Association
• /
• v.9 no.8
• /
• pp.64-72
• /
• 2009

AMR(Automatic Meter Reading), which means that it reads the meter of electricity, gas, or water, etc at a remote place automatically through wired or wireless communication, has been studied in terms of Power Line Communication method and Local Area Wireless Communication method, etc. In this paper, we designed and implemented JCA(Java Card for AMR) capable of AMR, which is based on java Card technology indispensable to the ubiquitous world. In this paper, JCA follows standard transactional procedures offered by power supply company and manages power usage log and billing data, and is designed in order to satisfy EMV multi-functional specifications. Because JCA is a multi-functional smart card capable of post-issuance applets as an open platform, it is installed into other applications of affiliated concerns as well as credit card and traffic card applications. Not only the proposed JCA is a low cost system, compared to other AMR systems, but is capable of paying rates in advance or later by applying authentication and security function of java Card. In addition the proposed JCA system can create value added services such as affiliated services with corporate alliance.

• Journal of Digital Contents Society
• /
• v.9 no.4
• /
• pp.607-616
• /
• 2008

By the advancement of computer & network technology, the paridigm of 'Network Computer' has been realizing`. In what is called network computer, computer system and computing resource is incomparably seem to be expanded compared with conventional network technology[1]. Network connected computer system consitute a massive virtual computer, it is possible for people to use an enourmous amout of computing resource distributed widely through the network. It is also possible that we make client lightweight by the use of computer system & all shared computing resources on the network in our computer processing and we call this type of client system as thin-client. Thin-client and network computer are on and the same network paradigm in that both paradigm featuring the active use of computer system and resource on the network[2]. In network computer paragem, network itself is regarded as a basic platform for the transfer of application, so it is possible that client access remote serve system to run remote applications through the network[3]. In this paper, we propose the system architecture for the implementation of network computer by the use of Web browser, X window system and Pyjamas. By the use of network computer proposed in this paper, it is possible for people to run application on the server system as if he run local application, and it is expected to improve the security and maintenance efficiency.

• Journal of Digital Convergence
• /
• v.11 no.3
• /
• pp.415-426
• /
• 2013

Smart work has recently introduced as a way to solve problems such as greenhouse gas emissions, low birth rate and aging as well as to improve productivity. Because of development of ICT infrastructure and the proliferation of smart devices, the mobile office has the most commonly used within types of smart work in Korea. But the adoption of the mobile office in small businesses is only half of that of large corporations. The security issue appears to be one of the biggest obstacles to the introduction of smart work in small businesses. Therefore, the purpose of this study is to analyze the information security factors that should be considered when the mobile office is introduced to small businesses. By analyzing the previous studies, the information security factors of the mobile office are classified 5 groups composed of 24 factors. 5 groups are terminals, applications and platforms, networks, servers and users. According to the survey result using AHP, 'User' was drawn to the most important group, and 'Data Encryption', 'Wireless LAN Control' and 'Terminal Recovery When Leaving' were drawn to the important information security factors of the mobile office among 24 factors.