• KIPS Transactions on Software and Data Engineering
• /
• v.11 no.6
• /
• pp.267-272
• /
• 2022

Online exams are not limited by time and space. It has the advantage that it does not require a separate exam site for examinees, and there is no time and cost required to move to the exam site. However, the online exam has the disadvantage that various cheating is possible because the exam is conducted in an individual environment. In addition, there is a difficulty in detecting cheating due to the lack of exam supervision methods. In addition, since the exam process and result data exist only as digital data, it is inconvenient to check directly on the server where the exam result is stored in order to check whether the exam result is forged or not. If the data related to the exam is maliciously changed, the authenticity cannot be verified. In this study, we tried to increase the reliability of the online exam by developing a blockchain-based online exam cheating detection system that stores exam progress-related data in the blockchain to detect cheating. Through the experiment, it was confirmed that forgery and falsification are detected as a result of the exam.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.2
• /
• pp.479-487
• /
• 2015

According to IT development, smart home services is providing remote service, monitoring service and other various services through smart home devices based on network. But, smart home environment exists security threats such as data falsification, illegal authentication and invasion of privacy through a malicious device. Smart home is studying to prevent these security threats, but the studies of smart home environment security are still in early stage of development and the studies of group key management method is lacking in smart home. In this paper, we propose the group key management method for secure device in smart home.

• Journal of the Korea Institute of Military Science and Technology
• /
• v.13 no.2
• /
• pp.296-303
• /
• 2010

The term "spoofing" refers to the transmission of counterfeit signals to provide undetectable falsification of GPS service. A spoofing can be accomplished using information from open literature which defines the signal format and the data structure. Spoofing is intended either to produce erroneous navigation solutions or saturate the processor of the victim receiver. The GPS receiver has no way to get rid of the effect of a spoofing because GPS receivers for civil service do not have an anti-spoofing scheme. This paper analyzes the spoofing characteristics, spoofing methods and environment conditions. And the spoofing effects on GPS receiver are analyzed in detail using the designed software-based spoofer and the Nordnav receiver.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.7
• /
• pp.3414-3434
• /
• 2016

Classical key generation is complicated to update and key distribution generally requires fixed infrastructures. In order to eliminate these restrictions researchers have focused much attention on physical-layer (PHY-layer) based key generation methods. In this paper, we present a PHY-layer fingerprints based fuzzy key generation scheme, which works to prevent primary user emulation (PUE) attacks and spectrum sensing data falsification (SSDF) attacks, with multi-node collaborative defense strategies. We also propose two algorithms, the EA algorithm and the TA algorithm, to defend against eavesdropping attacks and tampering attacks in mobile cognitive radio networks (CRNs). We give security analyses of these algorithms in both the spatial and temporal domains, and prove the upper bound of the entropy loss in theory. We present a simulation result based on a MIMO-OFDM communication system which shows that the channel response characteristics received by legitimates tend to be consistent and phase characteristics are much more robust for key generation in mobile CRNs. In addition, NIST statistical tests show that the generated key in our proposed approach is secure and reliable.

• Design & Manufacturing
• /
• v.16 no.1
• /
• pp.55-61
• /
• 2022

As meters become digital and smart, energy data such as electricity, gas, heat, and water can be accurately and efficiently measured with a smart meter, providing consumers with data on energy used, so that real-time demand response and energy management services can be utilized. Although it is developing from a simple metering system to a smart metering industry to create a high value-added industry fused with ICT, illegal counterfeiting of electronic meters is causing problems in intelligent crimes such as manipulation and hacking of SW. The meter not only allows forgery of the meter data through arbitrary manipulation of the SW, but also leaves a fatal error in the metering performance, so that the OIML requires the validation of the SW from the authorized institution. In order to solve this problem, a quantitative confirmation device was developed in order to eradicate the act of cheating the fuel oil quantity through encoder pulse operation and program modulation, etc. In order to prevent the act of deceiving the lubricator, a device capable of checking pulse forgery was developed, manufactured, and verified. In addition, the performance of the device was verified by conducting an experiment on the meter being used in the actual field. It is judged that the developed quantitative confirmation device can be applied to other flow meters other than lubricators, and in this case, accurate measurement can be induced.

• The Korean Society of Law and Medicine
• /
• v.13 no.1
• /
• pp.359-395
• /
• 2012

In a broad term, health and medical data means all patient information that has been generated or circulated in government health and medical policies, such as medical research and public health, and all sorts of health and medical fields as well as patients' personal data, referred as medical data (filled out as medical record forms) by medical institutions. The kinds of health and medical data in medical records are prescribed by Articles on required medical data and the terms of recordkeeping in the Enforcement Decree of the Medical Service Act. As EMR, OCS, LIS, telemedicine and u-health emerges, sharing and protecting digital health and medical data is at issue in these days. At medical institutions, health and medical data, such as medical records, is classified as "sensitive information" and thus is protected strictly. However, due to the circulative property of information, health and medical data can be public as well as being private. The legal grounds of health and medical data as such are based on the right to informational self-determination, which is one of the fundamental rights derived from the Constitution. In there, patients' rights to refuse the collection of information, to control recordkeeping (to demand access, correction or deletion) and to control using and sharing of information are rooted. In any processing of health and medical data, such as generating, recording, storing, using or disposing, privacy can be violated in many ways, including the leakage, forgery, falsification or abuse of information. That is why laws, such as the Medical Service Act and the Personal Data Protection Law, and the Guideline for Protection of Personal Data at Medical Institutions (by the Ministry of Health and Welfare) provide for technical, physical, administrative and legal safeguards on those who handle personal data (health and medical information-processing personnel and medical institutions). The Personal Data Protection Law provides for the collection, use and sharing of personal data, and the regulation thereon, the disposal of information, the means of receiving consent, and the regulation of processing of personal data. On the contrary, health and medical data can be inspected or delivered of the copies, based on the principle of restriction on fundamental rights prescribed by the Constitution. For instance, Article 21(Access to Record) of the Medical Service Act, and the Personal Data Protection Law prescribe self-disclosure, the release of information by family members or by laws, the exchange of medical data due to patient transfer, the secondary use of medical data, such as medical research, and the release of information and the release of information required by the Personal Data Protection Law.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.10
• /
• pp.4661-4680
• /
• 2016

Cognitive radio (CR) technology is an effective solution to the spectrum scarcity issue. Collaborative spectrum sensing is known as a promising technique to improve the performance of spectrum sensing in cognitive radio networks (CRNs). However, collaborative spectrum sensing is vulnerable to spectrum data falsification (SSDF) attack, where malicious users (MUs) may send false sensing data to mislead other secondary users (SUs) to make an incorrect decision about primary user (PUs) activity, which is one of the key adversaries to the performance of CRNs. In this paper, we propose a coalition based malicious users detection (CMD) algorithm to detect the malicious user in CRNs. The proposed CMD algorithm can efficiently detect MUs base on the Geary'C theory and be modeled as a coalition formation game. Specifically, SSDF attack is one of the key issues to affect the resource allocation process. Focusing on the security issues, in this paper, we analyze the power allocation problem with MUs, and propose MUs detection based power allocation (MPA) algorithm. The MPA algorithm is divided into two steps: the MUs detection step and the optimal power allocation step. Firstly, in the MUs detection step, by the CMD algorithm we can obtain the MUs detection probability and the energy consumption of MUs detection. Secondly, in the optimal power allocation step, we use the Lagrange dual decomposition method to obtain the optimal transmission power of each SU and achieve the maximum utility of the whole CRN. Numerical simulation results show that the proposed CMD and MPA scheme can achieve a considerable performance improvement in MUs detection and power allocation.

• Journal of Industrial Convergence
• /
• v.21 no.5
• /
• pp.133-142
• /
• 2023

In recent years, the problem of academic credential falsification is not simply the manipulation of certificates generated by educational institutions, but also the difficulty of trusting automated relationship verification and verification itself, such as falsely recording completion as graduation while still in school. This is due to the lack of sharing of educational background databases among university institutions and the establishment/operation of independent systems that make it difficult to track educational backgrounds. This study designs and implements an E-AV model for academic credential verification centered on university institutions. It summarizes and stores the linked information on the existing academic background in an encrypted database and implements it with web standard technology considering the compatibility and scalability of the existing system. The results of sample data verification show that it improves safety against forgery and complies with storage space and execution performance. This study aims to contribute to the improvement of online verification services such as academic records management in domestic universities.

• Journal of Internet Computing and Services
• /
• v.21 no.2
• /
• pp.81-90
• /
• 2020

The purpose of this study is to study how to apply block-chain technology to prevent data forgery and alteration in the defense sector of AI(Artificial intelligence). AI is a technology for predicting big data by clustering or classifying it by applying various machine learning methodologies, and military powers including the U.S. have reached the completion stage of technology. If data-based AI's data forgery and modulation occurs, the processing process of the data, even if it is perfect, could be the biggest enemy risk factor, and the falsification and modification of the data can be too easy in the form of hacking. Unexpected attacks could occur if data used by weaponized AI is hacked and manipulated by North Korea. Therefore, a technology that prevents data from being falsified and altered is essential for the use of AI. It is expected that data forgery prevention will solve the problem by applying block-chain, a technology that does not damage data, unless more than half of the connected computers agree, even if a single computer is hacked by a distributed storage of encrypted data as a function of seawater.

• Journal of Convergence for Information Technology
• /
• v.11 no.8
• /
• pp.36-41
• /
• 2021

Although the technology for prediction or analysis using artificial intelligence is constantly developing, a black-box problem does not interpret the decision-making process. Therefore, the decision process of the AI model can not be interpreted from the user's point of view, which leads to unreliable results. We investigated the problems of artificial intelligence and explainable artificial intelligence using Blockchain to solve them. Data from the decision-making process of artificial intelligence models, which can be explained with Blockchain, are stored in Blockchain with time stamps, among other things. Blockchain provides anti-counterfeiting of the stored data, and due to the nature of Blockchain, it allows free access to data such as decision processes stored in blocks. The difficulty of creating explainable artificial intelligence models is a large part of the complexity of existing models. Therefore, using the point cloud to increase the efficiency of 3D data processing and the processing procedures will shorten the decision-making process to facilitate an explainable artificial intelligence model. To solve the oracle problem, which may lead to data falsification or corruption when storing data in the Blockchain, a blockchain artificial intelligence problem was solved by proposing a blockchain-based explainable artificial intelligence model that passes through an intermediary in the storage process.