• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.35 no.12C
• /
• pp.995-1003
• /
• 2010

The content-based hashing for authentication and copy protection of image, video and 3D model has to satisfy the robustness and the security. For the security analysis of the hash value, the modelling method based on differential entropy had been presented. But this modelling can be only applied to the image hashing. This paper presents the modelling for the security analysis of the hash feature value in 3D model hashing based on differential entropy. The proposed security analysis modeling design the feature extracting methods of two types and then analyze the security of two feature values by using differential entropy modelling. In our experiment, we evaluated the security of feature extracting methods of two types and discussed about the trade-off relation of the security and the robustness of hash value.

• Journal of the Korean Operations Research and Management Science Society
• /
• v.32 no.2
• /
• pp.149-162
• /
• 2007

In the era of the internet and ubiquitous computing, IS users are still facing a variety of threats. Therefore, a need of more tightened information security service increases unprecedentedly. In this sense, this study is aimed at proposing a new research model in which IT assets (i.e., network, system, and information influence) Security and Information Security Service (i.e., confidentiality, integrity, nonrepudiation, authentication) affect information security quality positively, leading to users' satisfaction eventually. To prove the validity of the proposed research model, PLS analysis is applied with valid 177 questionnaires. Results reveal that both IT assets Security and Information Security Service influence informations security qualify positively, and user satisfaction as well. From the results, it can be concluded that Korean government's recent orchestrated efforts to boost the IT assets Security and Information Security Service helped great improve the information security quality and user satisfaction.

• The Transactions of the Korea Information Processing Society
• /
• v.7 no.4
• /
• pp.1184-1192
• /
• 2000

Multicast has communication mechanism that is able to transfer voice, video for only the specific user group. As compared to unicast, multicast is more susceptive to attack such as masquerading, malicious replay, denial of service, repudiation and traffic observation, because of the multicast has much more communication links than unicast communication. Multicast-specific security threats can affect not only a group's receivers, but a potentially large proportion of the internet. In this paper, we proposed the multicast security model that is able to secure multi-group communication in CBT(Core Based Tree), which is multicast routing. And designed the multicast key distribution protocol that can offer authentication, user privacy using core (be does as Authentication Server) in the proposed model.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.14 no.3
• /
• pp.1428-1438
• /
• 2013

Services take place in Internet environment, a formation of the trust relationship between user and service provider for services. Different authentication schemes such as using Certificate of Public Key Infrastructure authentication and using ID/PW for a simple user authentication have been proposed for trust relationship. In addition, in the case of electronic financial transactions, transaction integrity and non-repudiation features are provided. These services are provided in Internet environment, use various measures to ensure service safety. However, it was difficult to prevent attacks using existing security technology because of emergence of MITB attack that manipulate the memory area of the Web browser and social engineering attacks such as phishing/pharming, requires application of new security technologies became. In this paper, we propose a concept of smart secure-pad, and utilize it safely formed a trust relationship between user and service provider, a model has been proposed to ensure safety of data transmission. Proposed model's security evaluation results show security against to MITB attack and phishing/pharming that can't be prevent attack using existing security technology. In addition, service provider can easily apply the model in safe environment can provide Internet service using provided representative services applying the proposed model.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.7
• /
• pp.3386-3411
• /
• 2019

Secured and reliable routing is a crucial factor for improving the performance of Wireless Mesh Networks (WMN) since these networks are susceptible to many types of attacks. The existing assumption about the internal nodes in wireless mesh networks is that they cooperate well during the forwarding of packets all the time. However, it is not always true due to the presence of malicious and mistrustful nodes. Hence, it is essential to establish a secure, reliable and stable route between a source node and a destination node in WMN. In this paper, a trust based secure routing algorithm is proposed for enhancing security and reliability of WMN, which contains cross layer and subject logic based reliable reputation scheme with security tag model for providing effective secured routing. This model uses only the trusted nodes with the forwarding reliability of data transmission and it isolates the malicious nodes from the providing path. Moreover, every node in this model is assigned with a security tag that is used for efficient authentication. Thus, by combining authentication, trust and subject logic, the proposed approach is capable of choosing the trusted nodes effectively to participate in forwarding the packets of trustful peer nodes successfully. The simulation results obtained from this work show that the proposed routing protocol provides optimal network performance in terms of security and packet delivery ratio.

• Journal of Multimedia Information System
• /
• v.8 no.4
• /
• pp.259-266
• /
• 2021

Security vulnerabilities have been reported in major design software systems such as Adobe Photoshop and Illustrator, which are recognized as de facto standard design tools in most of the design industries. Companies need to evaluate and manage their risk levels posed by those vulnerabilities, so that they could mitigate the potential security bridges in advance. In general, security vulnerabilities are discovered throughout their life cycles repeatedly if software systems are continually used. Hence, in this study, we empirically analyze risk levels for the three major graphical design software systems, namely Photoshop, Illustrator and GIMP with respect to a software vulnerability discovery model. The analysis reveals that the Alhazmi-Malaiya Logistic model tends to describe the vulnerability discovery patterns significantly. This indicates that the vulnerability discovery model makes it possible to predict vulnerability discovery in advance for the software systems. Also, we found that none of the examined vulnerabilities requires even a single authentication step for successful attacks, which suggests that adding an authentication process in software systems dramatically reduce the probability of exploitations. The analysis also discloses that, for all the three software systems, the predictions with evenly distributed and daily based datasets perform better than the estimations with the datasets of vulnerability reporting dates only. The observed outcome from the analysis allows software development managers to prepare proactively for a hostile environment by deploying necessary resources before the expected time of vulnerability discovery. In addition, it can periodically remind designers who use the software systems to be aware of security risk, related to their digital work environments.

• Journal of KIISE:Information Networking
• /
• v.31 no.6
• /
• pp.566-572
• /
• 2004

In this paper, we define the secure authentication model to provide a mobile node with global roaming service and integrate the Fast Handoff scheme with our approach to minimize the service latency. By starting the AAA(Authentication, Authorization and Account) procedure with Fast Handoff simultaneously when a roaming occurs, authentication latency is reduced significantly and provision of fast and seamless service is possible. The previous works such as IPsec(Internet Protocol Security), RR (Return Routability) and AAA define the procedures performed after the completion of Layer2 Handoff which leads us to study a way of providing the real time and QoS guaranteed service during this period. The proposed scheme is for this goal and when appling it to roaming environment it shows the cost reduction up to 55% and 17% for the case of the MN receiving the FBACK and not respectively before L2 Handoff occurs.

• Journal of KIISE:Computer Systems and Theory
• /
• v.29 no.11
• /
• pp.622-633
• /
• 2002

Authentication and Key Agreement using password provide convenience and amenity, but what human can remember has extremely low entropy. To overcome its defects, AMP(Authentiration and key agreement via Memorable Password) which performs authentication and key agreement securely via low entropy password are presented. AMP uses Diffie-Hellman problem that depends on discrete logarithm problem. Otherwise, this thesis applies elliptic curve cryptosystem to AMP for further efficiency That is, this thesis presents EC-AMP(Elliptic Curve-AMP) protocol based on elliptic curve discrete logarithm problem instead of discrete logarithm problem, and shows its high performance through the implementation. EC-AMP secures against various attacks in the random oracle model just as AMP Thus, we nay supply EC-AMP to the network environment that requires authentication and key agreement to get both convenience and security from elliptic curve discrete logarithm problem.

• Journal of the Institute of Convergence Signal Processing
• /
• v.15 no.2
• /
• pp.30-36
• /
• 2014

Quality and resolution of camera in mobile device is improved significantly. In this paper, we propose block-based information hide techniques without image distortion for mobile device to solve image degradation in conventional watermarking methods. Information of image is composed with text such as camera maker, model, date, time, etc. Each text is converted to $8{\times}8$ pixel blocks and is added to the bottom of image. Generally image including block based information for image authentication are compressed using JPEG in mobile device. The vertical line value in JPEG header is modified by original size of image sensor. This technique can hide the block based authentication information using general decoder. In the experimental results, JPEG file size is slightly increased within 0.1% for the proposed block based authentication information encoding. Finally proposed methods can be adopted for various embedded systems using medical image, smart phone and DSLR camera.

• Journal of KIISE:Information Networking
• /
• v.32 no.3
• /
• pp.291-300
• /
• 2005

The Ubiquitous computer environment is thing which invisible computer that is not shown linked mutually through network so that user may use computer always is been pervasive. Intend computing environment that can use easily as user wants and it is the smart environment that user provides context awareness that is wanting computing environment. This Ubiquitous computing contains much specially weak side in security. Masquerade attack of that crawl that is quoted to user or server among device that is around user by that discrete various computing devices exist everywhere among them become possible. Hereupon, in this paper, proposed method that have following characteristic. Present authentication model through transfer or device. Suggest two method that realize authentication through device in case of moved to method(MD: Multi Domain) and user ownself space(SD: Single Domain) that realize authentication through device in case of moved user's direct path who device differs.