• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.4
• /
• pp.919-943
• /
• 2019

Distributed ledger technology, which is attracting attention as an emerging technology related to the 4th Industrial Revolution, is implemented as an open source based distributed ledger technology system and widely used for development with various applications (or services), but the security functions provided by the distributed general ledger system are very insufficient. This paper proposes security enhancements for distributed ledger technology systems based on open source. To do so, potential security threats that may occur under running an open source based distributed ledger technology systems are identified and security functional requirements against the security threats identified are provided by analyzing legislation and security certification criteria (ISMS-P). In addition, it proposes a method to implement the security functions required for an open source based distributed ledger technology systems through analysis of security functional components of Common Criteria (CC), an international standard.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.5
• /
• pp.1201-1216
• /
• 2017

Recently, many countries around the world including Korea (Rep. of) have actively introduced online voting using distributed ledger technology (e.g. blockchain). However, online voting using distributed ledger technology based on the widely deployed telecommunication/ICT infrastructure. There is insufficient analysis of potential security threats. In this paper, we suggest a model for online voting system using distributed ledger technology and propose countermeasures by analyzing the security threats that may occur in online voting process in terms of information security.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.29 no.12C
• /
• pp.1707-1721
• /
• 2004

In this paper, we propose a distributed communication model of intrusion detection system(IDS) in which integrated security management at networks level is possible, model it at a security node and distributed system levels, design and implement a simulator. At the node level, we evaluate the transfer capability of alert message based on the analysis of giga-bit security node architecture which performs hardware-based intrusion detection. At the distributed system level, we perform the evaluation of transfer capability of detection and alert informations between components of distributed IDS. In the proposed model, we carry out the performance evaluation considering decision factors of communication mechanism and present the results in order to gain some quantitative understanding of the system.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.4
• /
• pp.63-73
• /
• 2010

Malicious bot programs, the source of distributed denial of service attack, are widespread and the number of PCs which were infected by malicious bot program are increasing geometrically thesedays. The continuous distributed denial of service attacks are happened constantly through these bot PCs and some financial incident cases have found lately. Therefore researches to response distributed denial of service attack are necessary so we propose an effective feature generation method for distributed denial of service attack detection using entropy. In this paper, we apply our method to both the DARPA 2000 datasets and also the distributed denial of service attack datasets that we composed and generated ourself in general university. And then we evaluate how the proposed method is useful through classification using bayesian network classifier.

• Journal of Internet Computing and Services
• /
• v.8 no.6
• /
• pp.29-42
• /
• 2007

This paper describes a security object designed to support a dynamic security service for application services in u-healthcare computing environments in which domains are used to object groups for specifying security policies, In particular, we focus on security object for distributed framework support for u-healthcare including policy, role for security and operations use to access control. And then, by using the DPD-Tool. we showed the access right grant procedure of objects which are server programs, the developing process of client program. Also, we verified the executablility of security service supporting by distributed framework support for u-healthcare use to the mobile monitoring application developing procedure implemented through DPD-Tools.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.4
• /
• pp.169-176
• /
• 2003

Distributed signcryption was specially designed for distributing a signcrypted message to a designated group. Since a verifier of this signcryption should how the signer's public key in advance, it cannot provide the signer's anonymity. This study adds anonymity and non-repudiation by trusted party to the distributed signcryption with almost the same computational load. We also analyze security and computational loads of the proposed scheme. In addition, we extend our scheme to an efficient group signcryption.

• Proceedings of the KIEE Conference
• /
• 1998.07c
• /
• pp.997-999
• /
• 1998

An operationally secure power system is one low probability of blackout or equipment damage. The power system is needed to maintain a designated security level at minimum operating cost. The inclusions of security make power system problem complex. But, because security and optimality are normally conflicting requirement, the separate treatments of both are inappropriate. So, a unified hierarchical formulation is needed. In this paper, the overview of security constrained optimal power flow (SCOPF) is presented and an introduction of parallel distributed formulation to SCOPF is also presented.

• 한국정보통신설비학회:학술대회논문집
• /
• 2009.08a
• /
• pp.131-135
• /
• 2009

This paper is the introduction of our work on distributed load scheduling in single-level tree network. In this paper, we derive a new calculation model in single-level tree network and show a closed-form formulation of the time for computation system. There are so many examples of the application of this technology such as distributed database, biology computation on genus, grid computing, numerical computing, video and audio signal processing, etc.

• The Transactions of the Korean Institute of Electrical Engineers A
• /
• v.49 no.6
• /
• pp.298-304
• /
• 2000

In this paper, we propose that the SCOPF be solved in a decentralized framework, consisting of regions, using a price-based mechanism. We first solve the distributed OPF problem to determine the maximum secure simultaneous transfer capability of each tie-line between adjacent regions by taking only the security constraints imposed on the tie-lines into account. And then, the regional SCOPF is performed using the conventional LP approach. A description on the inclusion of security constraints with distributed OPF algorithm will be given, folowed by a case study for Korea power system.

• International Journal of Computer Science & Network Security
• /
• v.23 no.9
• /
• pp.134-140
• /
• 2023

The distributed system is playing a vital role in storing and processing big data and data generation is speedily increasing from various sources every second. Hadoop has a scalable, and efficient distributed system supporting commodity hardware by combining different networks in the topographical locality. Node support in the Hadoop cluster is rapidly increasing in different versions which are facing difficulty to manage clusters. Hadoop does not provide Node management, adding and deletion node futures. Node identification in a cluster completely depends on DHCP servers which managing IP addresses, hostname based on the physical address (MAC) address of each Node. There is a scope to the hacker to theft the data using IP or Hostname and creating a disturbance in a distributed system by adding a malicious node, assigning duplicate IP. This paper proposing novel node management for the distributed system using DNA hiding and generating a unique key using a unique physical address (MAC) of each node and hostname. The proposed mechanism is providing better node management for the Hadoop cluster providing adding and deletion node mechanism by using limited computations and providing better node security from hackers. The main target of this paper is to propose an algorithm to implement Node information hiding in DNA sequences to increase and provide security to the node from hackers.