• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.10 no.3
• /
• pp.608-613
• /
• 2006

There are many e-showing mall because of revitalization of e-commerce system. It is necessary to recommending system of products that is for saving time and effort of customer. In this paper, we propose the system that is applying classification among data mining techniques to analysis of log data of customer. This log data contains access of user and purchasing of products. The proposed system operates in two phases. The first phase is composed of data filter module and association extraction module among web pages. The second phase is composed of personalization module and rule generation module. Customer can easily know the recommended sites because the proposed system can present rank of the recommended web pages to customer. As a result, the proposed system can efficiently do recommending of products to customer.

• Journal of Communications and Networks
• /
• v.18 no.3
• /
• pp.273-287
• /
• 2016

White-box cryptography presented by Chow et al. is an obfuscation technique for protecting secret keys in software implementations even if an adversary has full access to the implementation of the encryption algorithm and full control over its execution platforms. Despite its practical importance, progress has not been substantial. In fact, it is repeated that as a proposal for a white-box implementation is reported, an attack of lower complexity is soon announced. This is mainly because most cryptanalytic methods target specific implementations, and there is no general attack tool for white-box cryptography. In this paper, we present an analytic toolbox on white-box implementations of the Chow et al.'s style using lookup tables. According to our toolbox, for a substitution-linear transformation cipher on n bits with S-boxes on m bits, the complexity for recovering the $$O\((3n/max(m_Q,m))2^{3max(m_Q,m)}+2min\{(n/m)L^{m+3}2^{2m},\;(n/m)L^32^{3m}+n{\log}L{\cdot}2^{L/2}\}\)$$, where $m_Q$ is the input size of nonlinear encodings,$m_A$ is the minimized block size of linear encodings, and $L=lcm(m_A,m_Q)$. As a result, a white-box implementation in the Chow et al.'s framework has complexity at most $O\(min\{(2^{2m}/m)n^{m+4},\;n{\log}n{\cdot}2^{n/2}\}\)$ which is much less than $2^n$. To overcome this, we introduce an idea that obfuscates two advanced encryption standard (AES)-128 ciphers at once with input/output encoding on 256 bits. To reduce storage, we use a sparse unsplit input encoding. As a result, our white-box AES implementation has up to 110-bit security against our toolbox, close to that of the original cipher. More generally, we may consider a white-box implementation of the t parallel encryption of AES to increase security.

• Vascular Specialist International
• /
• v.34 no.4
• /
• pp.88-93
• /
• 2018

Purpose: This study aimed to compare surgical revisions and balloon angioplasty after surgical thrombectomy on thrombosed dialysis access as a first event. Materials and Methods: Records of patients undergoing creation of arteriovenous grafts (AVGs) at the Gachon University Gil Medical Center between March 2008 and February 2016 were reviewed. Among them, patients who underwent treatment on first-time thrombotic occlusion after AVG creation were identified. Outcomes were primary, primary-assisted, and secondary patency. The patency was generated using the Kaplan-Meier method, and patency rates were compared by log-rank test. Results: A total of 59 de novo interventions (n=26, hybrid interventions; n=33, surgical revisions) for occlusive AVGs were identified. The estimated 1-year primary patency rates were 47% and 30% in the surgery and hybrid groups, respectively. The estimated primary patency rates were not different between the two groups (log-rank test, P=0.73). The Kaplan-Meier estimates of 6 and 12 months for primary-assisted patency rates were 68% and 57% in the surgery group and 56% and 56% in the hybrid group. The Kaplan-Meier estimates of 12 and 24 months secondary patency rates were 90% and 71% in the surgery group and 79% and 62% in the hybrid group. There were no differences in the estimated primary-assisted and secondary patency rates between the two groups. Conclusion: Our results showed no significant difference between the two groups in terms of primary patency (P=0.73), primary-assisted patency (P=0.85), and secondary patency (P=0.78). However, percutaneous transluminal angioplasty can give more therapeutic options for both surgeons and patients.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.4
• /
• pp.97-110
• /
• 2004

As modem web services become enormously complex, web attacks has become frequent and serious. Existing security solutions such as firewalls or signature-based intrusion detection systems are generally inadequate in securing web services, and analysis of raw web log data is simply impractical for most organizations. Visual display of "interpreted" web logs, with emphasis on anomalous web requests, is essential for an organization to efficiently track web usage patterns and detect possible web attacks. In this paper, we discuss various issues related to effective real-time visualization of web usage patterns and anomalies. We implemented a software tool named SAD (session anomaly detection) Viewer to satisfy such need and conducted an empirical study in which anomalous web traffics such as Misuse attacks, DoS attacks, Code-Red worms and Whisker scans were injected. Our study confirms that SAD Viewer is useful in assisting web security engineers to monitor web usage patterns in general and anomalous web sessions in particular.articular.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.5
• /
• pp.47-57
• /
• 2006

Mobile Ad-hoc networks have various implementation constraints such as infrastructure-free, no trusted authority, node mobility, and the limited power and small memory of mobile device. And just like wired networks, various security issues such as authentication, confidentiality, integrity, non-repudiation, access control, availability and so on have been arisen in mobile Ad-hoc networks. But we focus on authentication of these security issues because it is quitely affected by the characteristics of networks. In this paper, we propose the authentication protocol that can limit the size of certificate repository as $log_2N$ and assures to make a trusted certificate path from one node to another, adopting the concept of Hamming distance. Particularly, our protocol can construct a trusted certificate path in spite of decreasing or increasing the number of nodes in mobile Ad-hoc network.

• Journal of Convergence for Information Technology
• /
• v.11 no.2
• /
• pp.1-9
• /
• 2021

OASIS(Online Archiving & Searching Internet Sources) is a web archiving project of the National Library of Korea started in 2004 to systematically collect, manage, and preserve online digital information resources. In this study, the following problems were derived by analyzing the access log of the OASIS website and conducting a user survey. First, people's awareness of the OASIS project was very low, and there were many first-time visitors to the website. Second, active promotion and service reorganization to improve the use of OASIS was insufficient. The study suggested that the improvement point of this was to strengthen its own direct promotion and indirect promotion in connection with other agencies. In addition, it was proposed to enhance the service through user-customized services and to reinforce content that induces interest and fun.

• Journal of the Korea Society of Computer and Information
• /
• v.27 no.11
• /
• pp.19-27
• /
• 2022

In this study, we propose a language and platform to describe and manage the MLOps(Machine Learning Operations) workflow for time series data anomaly detection. Time series data is collected in many fields, such as IoT sensors, system performance indicators, and user access. In addition, it is used in many applications such as system monitoring and anomaly detection. In order to perform prediction and anomaly detection of time series data, the MLOps platform that can quickly and flexibly apply the analyzed model to the production environment is required. Thus, we developed Python-based AI/ML Modeling Language (AMML) to easily configure and execute MLOps workflows. Python is widely used in data analysis. The proposed MLOps platform can extract and preprocess time series data from various data sources (R-DB, NoSql DB, Log File, etc.) using AMML and predict it through a deep learning model. To verify the applicability of AMML, the workflow for generating a transformer oil temperature prediction deep learning model was configured with AMML and it was confirmed that the training was performed normally.

• International journal of advanced smart convergence
• /
• v.11 no.1
• /
• pp.11-18
• /
• 2022

Securities and investment services have and use large data. Investors started to invest through their own analysis methods. There are 22 major securities and investment companies in Korea and only 6 companies support open API. Python is effective for requesting and receiving, analyzing text data from open API. Daishin Securities Co. is the only open API that officially supports Python, and eBest Investment & Securities Co. unofficially supports Python. There are two important differences between CYBOS plus of Daishin Securities Co. and xingAPI of eBest Investment & Securities Co. First, we must log in to CYBOS plus to access the server of Daishin Securities Co. And the python program does not require a logon. However, to receive data using xingAPI, users log on in an individual Python program. Second, CYBOS plus receives data in a Request/Reply method, and zingAPI receives data through events. It can be thought that these points will show a difference in response time. Response time is important to users who use open APIs. Data were measured from August 5, 2021, to February 3, 2022. For each measurement, 15 repeated measurements were taken to obtain 420 measurements. To increase the accuracy of the study, both APIs were measured alternately under same conditions. A paired t-test was performed to test the hypothesis that the null hypothesis is there was no difference in means. The p-value is 0.2961, we do not reject null hypothesis. Therefore, we can see that there is no significant difference between means. From the boxplot, we can see that the distribution of the response time of eBest is more spread out than that of Cybos, and the position of the center is slightly lower. CYBOS plus has no restrictions on Python programming, but xingAPI has some limits because it indirectly supports Python programming. For example, there is a limit to receiving more than one current price.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.15 no.1
• /
• pp.229-235
• /
• 2015

ICT healing platform is based on bio-signal and life habit information target to alarm early sickness concept prevention chronic pain. ICT(Information & Communication Technology) healing platform target on personal lead health management care of several health agencies and open of the (hospital, fitness center, health examination center, personal health device) personal health information together to personal device. Support Analysis Platform and Open API to vitalization optional services. In this paper proposal to access personality healing data Open Gateway Framework of Healing Platform Adaptor (HPAdaptor) ICT healing platform means Data relaying link to EMR(Electronic health record), korean medicine, life log, wellness, chronic pain, and fineness several personal health data provider and service provider personal healing data with software engine. After Design HPAdaptor can use for data and service provider record storage, mobile platform and analytics platform need data service or platform relying reference model.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.3 no.5
• /
• pp.548-574
• /
• 2009

Personal information (hereinafter referred to as "PI") infringement has recently emerged as a serious social problem in Korea. PI infringement in the public and private sector is common. There were 182,666 cases of PI in 2,624 public organizations during the last three years. Online infringement cases have increased. PI leakage causes moral and economic damage and is an impediment to public confidence in public organizations seeking to manage e-government and maintain open and aboveboard administration. Thus, it is an important matter. Most cases of PI leakage result from unsatisfactory management of security, errors in home page design and insufficient system protection management. Protection management, such as encryption or management of access logs should be reinforced urgently. However, it is difficult to comprehend the scope of practical technology management satisfied legislation and regulations. Substantial protective countermeasures, such as access control, certification, log management and encryption need to be established. It is hard to deal with the massive leakage of PI and its security management. Therefore, in this study, we analyzed the conditions for the technical protection measures during the processing phase of PI. In addition, we classified the standard control items of protective measures suited to public circumstances. Therefore, this study provides a standard and checklist by which staff in public organizations can protect PI via technical management activities appropriate to laws and ordinances. In addition, this can lead to more detailed and clearer instructions on how to carry out technical protection measures and to evaluate the current status.