• Proceedings of the Korea Information Processing Society Conference
• /
• 2018.10a
• /
• pp.174-177
• /
• 2018

스마트폰 키 애플리케이션이 널리 사용되면서, 이에 대한 중계 공격의 위협도 증가하고 있다. 중계공격은 공격자가 차량과 키 애플리케이션 사이에서 오고가는 신호를 중계하여 허용 범위 밖의 통신을 시스템이 유요한 것으로 판단하게 하는 공격이다. 본 논문에서는 중계 공격을 막기 위해, 추가 지연시간을 탐지하여, 임계 지연 시간을 넘었을 경우 차량과 스마트키가 충분히 근접하지 않았다고 판단하여 차량 문 개폐 요청을 거부하는 시스템을 제안하였다. 또한 실제 환경에서의 유동성을 고려하여 임계 지연 시간을 지속적으로 업데이트하는 적응 임계 지연 시간(Adaptive Delay Threshold) 기술을 제시하였다. 그리고 실제 임베디드 기기를 이용해 시스템을 구현하여 시스템의 실효성을 검증하였다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2019.10a
• /
• pp.256-259
• /
• 2019

IoT 환경에서 디지털 도어락에 대한 관심과 사용이 증대되고 있다. 이러한 디지털 도어락의 사용 증가와 해킹 공격으로 인한 정보 유출이 지속적으로 발생하고 있는 현실 상황에서 보안 문제도 중요하게 대두되고 있다. 본 논문에서는 보안 문제를 해결하기 위한 디지털 도어락을 설계하고 구현하였다. 제안된 시스템을 통하여 보안 취약점을 보완하고 편의성을 제공 가능할 것으로 기대된다.

• International Journal of Internet, Broadcasting and Communication
• /
• v.13 no.3
• /
• pp.1-11
• /
• 2021

Development of ICT technologies leads exponential growth of various sharing economy over the last couple of years. The intuitive advantage of the sharing economy is efficient utilization of idle goods and services, but there are safety and security concerns. In this paper, we propose a onetime password based access control system to support secure accommodation sharing service and show the implementation results. To provide a secure service to both the provider and the user, the proposed system issues a onetime access password that is valid only during the sharing period reserved by the user, thereafter access returns to the accommodation owner. Especially, our system provides secure user access by merging the two elements of speaker recognition using voice and a one-time password to open and close the door lock. In this paper, we propose a secure system for accommodation sharing services as a use-case, but the proposed system can be applicable to various sharing services utilizing security-sensitive facilities.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2016.05a
• /
• pp.734-736
• /
• 2016

Doors are in various buildings, such as large retail stores, hospitals, restaurants, government offices and is used as a door to provide convenience for customers, the convenience of security to control doors and exterior access Castle, etc. In the case of housing door facilities It has been used widely. However, the conventional automatic door controller Although the primary use of the PID control, the contact size and weight depending on the location to cause an instability in the system controller or the like, and disturbance of parameter variation and uncertain dynamics because of the wide variations. In this paper, we design a robust controller to compensate for uncertainties and to compensate for the disturbance.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.16 no.1
• /
• pp.98-106
• /
• 2012

CSD(Container Security Device) is a security device with sensors that can detect the abnormal behavior such as illegal opening of a container door. Since the CSD provides security and safety of the container, CSD should not only provide security services such as confidentiality and integrity but also cloning detection. If we can not detect the cloned CSD, an adversary can use the cloned CSD for many illegal purposes. In this paper, we propose a policy based cloned CSD detection mechanism. To evaluate proposed clone detection mechanism, we have implemented the proposed scheme and evaluated the results.

• International Journal of Computer Science & Network Security
• /
• v.21 no.4
• /
• pp.264-271
• /
• 2021

From an information security perspective, protecting sensitive data requires utilizing algorithms which resist theoretical attacks. However, treating an algorithm in a purely mathematical fashion or in other words abstracting away from its physical (hardware or software) implementation opens the door to various real-world security threats. In the modern age of electronics, cryptanalysis attempts to reveal secret information based on cryptosystem physical properties, rather than exploiting the theoretical weaknesses in the implemented cryptographic algorithm. The correlation power attack (CPA) is a Side-Channel Analysis attack used to reveal sensitive information based on the power leakages of a device. In this paper, we present a power Hacking technique to demonstrate how a power analysis can be exploited to reveal the secret information in AES crypto-core. In the proposed case study, we explain the main techniques that can break the security of the considered crypto-core by using CPA attack. Using two cryptographic devices, FPGA and 8051 microcontrollers, the experimental attack procedure shows that the AES hardware implementation has better resistance against power attack compared to the software one. On the other hand, we remark that the efficiency of CPA attack depends statistically on the implementation and the power model used for the power prediction.

• Journal of KIISE:Computing Practices and Letters
• /
• v.9 no.3
• /
• pp.311-321
• /
• 2003

A current firewall or IDS (intrusion detection system) of the network level suffers from many vulnerabilities in internal computing servers. For a secure Linux implementation using system call hooking, this paper defines two requirements such as the multi-level security function of TCSEC B1 and a prevention of hacking attacks. This paper evaluates the secure Linux implemented in terms of the mandatory access control, anti-hacking and performance overhead, and thus shows the security, stability and availability of the multi-level secure Linux. At the kernel level this system protects various hacking attacks such as using Setuid programs, inserting back-door and via-attacks. The performance degradation is an average 1.18% less than other secure OS product.

• Convergence Security Journal
• /
• v.10 no.4
• /
• pp.31-37
• /
• 2010

The risks and threats in IT security systems to protect, prevent damage and Risk should be minimized. Context of information security products such as information processing, storage, delivery, and in the process of information system security standards, That is the basic confidentiality, availability, integrity and secondary clarity, potential evidence, detection, warning and defense capabilities, to ensure sufficient and should be. Web services are the most important elements in the security, the web nature of port 80 for the service to keep the door open as a structure, Web applications, web sources and servers, networks, and to hold all the elements are fundamental weaknesses. Accordingly, these elements through a set of Web application development errors and set-up errors and vulnerabilities in Web applications using their own home pages and web servers to prevent hacking and to improve the efficiency of Web services is proposed methodology performs security BMT.

• The Journal of Korea Robotics Society
• /
• v.4 no.2
• /
• pp.130-138
• /
• 2009

Recently, people tracking technology is being required to various area including security application. This paper suggests a method to track people with multiple laser scanners to detect the waist part of human. Multi-target model and Kalman filter based estimation are employed to track the human movement. The proposed method is applied to a novel system to monitor the entrance area and to filter out the trespasser to pass through the door without identification. Experiments for various cases are performed to verify the usefulness of the developed system.

• Convergence Security Journal
• /
• v.12 no.1
• /
• pp.49-54
• /
• 2012

Special applications designed for smart phone, so called "Apps" are rapidly emerging as unique and effective sources of environmental monitoring tools. Using the advantages of Information and Communication Technology (ICT), this paper propose an application that provides Indoor Gas Monitoring System. In this paper, use four wireless gas sensor modules to acquire sensors data wirelessly coupled with the advantages of existing portable smart device based on Android platform to display the real-time data from the sensor modules. Additionally, this paper adapts a simple gas classification algorithm to inform in-door Gas for users real-time based.