• The Journal of the Korea Contents Association
• /
• v.16 no.9
• /
• pp.329-338
• /
• 2016

Internet of Things (IoTs) technology makes every things in physical world being digitalized and communicated with each other. The technology is emerging as a new paradigm and is expected to provide a convenient and effective life. However, for the successful realization of the IoT technologies, IoT security issues are an important prerequisite, and particularly the privacy protection is expected to become more important in view of object communication directively related with human. In this paper we describe for the security and privacy threats in IoT environment and introduce the shodan (a legitimate search engine that finds backdoor routers, switches, webcams, IoT devices connected to the Internet etc.) that can expose the security and privacy problems. Lastly, we compare the privacy threats through real-world case study of network cameras currently in use and finally derive the countermeasures for the threats.

• Atmosphere
• /
• v.28 no.2
• /
• pp.187-200
• /
• 2018

The heavy snowfall phenomenon with thunder and lightning occurred in Yeongdong coastal region on 20 January 2017. Amount of snow on that day was a maximum of 47 cm and was concentrated in a short time (2 hours) at the Yeongdong coastal area. The mechanism of thundersnow was investigated to describe in detail using observational data and numerical simulation (Weather Research and Forecast, WRF) applied lightning option. The results show that a convective cloud occurred at the Yeongdong coastal area. The east wind flow was generated and the pressure gradient force was maximized by the rapidly developed cyclone. The cold and dry air in the upper atmosphere has descended (so called tropopause folding) atmospheric lower layer at precipitation peak time (1200 LST). In addition, latent heat in the lower atmosphere layer and warm sea surface temperature caused thermal instability. The convective cloud caused by the strong thermal instability was developed up to 6 km at that time. And the backdoor cold front was determined by the change characteristics of meteorological elements and shear line in the east sea. Instability indexes such as Total totals Index (TT) and Lightning Potential Index (LPI) are also confirmed as one of good predictability indicates for the explosive precipitation of convective rainfall.

• KIPS Transactions on Computer and Communication Systems
• /
• v.6 no.5
• /
• pp.247-254
• /
• 2017

In a Linux system, a user with malicious intent can acquire administrator privileges through attack types that execute shells, and can leak important user information and install backdoor program. In order to solve this problem, the existing method is to analyze the causes of the elevation of privilege, fix the problems, and then patch the system. Recently, a method of detecting an illegal elevated tasks in which information inconsistency occurs through user credentials in real time has been studied. However, since this credential method uses uid and gid, illegal elevated tasks having the root credentials may not be detected. In this paper, we propose a security module that stores shell commands and paths executed with regular privileges in a table and compares them with every file accesses (open, close, read, write) that are executed to solve the case which cannot detect illegal elevated tasks have same credential.

• Journal of the Korean Institute of Intelligent Systems
• /
• v.24 no.6
• /
• pp.609-614
• /
• 2014

Cerebellar ataxia is a steadily progressive neurodegenerative disease associated with loss of motor control, leaving patients unable to walk, talk, or perform activities of daily living. Direct motor instruction in cerebella ataxia patients has limited effectiveness, presumably because an inappropriate closed-loop cerebellar response to the inevitable observed error confounds motor learning mechanisms. Recent studies have validated the age-old technique of employing motor imagery training (mental rehearsal of a movement) to boost motor performance in athletes, much as a champion downhill skier visualizes the course prior to embarking on a run. Could the use of EEG based BCI provide advanced biofeedback to improve motor imagery and provide a "backdoor" to improving motor performance in ataxia patients? In order to determine the feasibility of using EEG-based BCI control in this population, we compare the ability to modulate mu-band power (8-12 Hz) by performing a cued motor imagery task in an ataxia patient and healthy control.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.17 no.9
• /
• pp.12-20
• /
• 2016

With the enhancements in existing major industries, cloud computing-based converging services have been created, as well as value-added industries. A variety of converging services are now provided, from personalized services up to industrial services. In Korea, they have become the driving force behind existing industries throughout the whole economy, but mainly in finance, mobile systems, social computing, and home services, based on cloud services. However, not only denial of service (DOS) and distributed DOS (DDOS) attacks have occurred, but also attack techniques targeting core data in storage servers. Even security threats that are hardly detected, such as multiple attacks on a certain target, APT, and backdoor penetration have also occurred. To supplement defenses against these, in this article, a protocol for authority management is designed to provide users with safe storage services. This protocol was studied in cases of integration between a cloud environment and big data-based technology, security threats, and their requirements. Also studied were amalgamation examples and their requirements in technology-based cloud environments and big data. With the protocol suggested, based on this, security was analyzed for attack techniques that occur in the existing cloud environment, as well as big data-based techniques, in order to find improvements in session key development of approximately 55%.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.5
• /
• pp.919-939
• /
• 2021

As a next-generation communication technology, 5G networks are capable of handling large amounts of traffic based on higher speeds, shorter communication delays, and higher connectivity compared to 4G networks. In this 5G network environment, base stations are installed all over the city at high density due to their characteristics, and are connected to user terminals to provide services. Therefore, if the base station is damaged by a malicious attacker, it is expected to cause great damage to users and society as a whole. So the need for secure communication equipment such as 5G base stations has emerged. Therefore, in this paper, we propose the security functional requirements derived using threat modeling, a systematic methodology for 5G base stations, and the security assurance requirements at the level that can cope with the backdoor issues. The security requirements proposed in this paper can be used for base station design and development to construct a secure network environment as a security evaluation standard for 5G base stations.

• Convergence Security Journal
• /
• v.21 no.2
• /
• pp.11-18
• /
• 2021

To protect tangible and intangible assets, most of the companies are conducting information protection monitoring by using various security equipment in the IT service network. As the security equipment that needs to be protected increases in the process of upgrading and expanding the service network, it is difficult to monitor the possible exposure to the attack for the entire service network. As a countermeasure to this, various studies have been conducted to detect external attacks and illegal communication of equipment, but studies on effective monitoring of the open service ports and construction of illegal communication monitoring system for large-scale service networks are insufficient. In this study, we propose a framework that can monitor information leakage and illegal communication attempts in a wide range of service networks without large-scale investment by analyzing 'Netflow statistical information' of backbone network equipment, which is the gateway to the entire data flow of the IT service network. By using machine learning algorithms to the Netfllow data, we could obtain the high classification accuracy of 94% in identifying whether the Telnet service port of operating equipment is open or not, and we could track the illegal communication of the damaged equipment by using the illegal communication history of the damaged equipment.