• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.42 no.10 s.340
• /
• pp.31-38
• /
• 2005

Ipsec is a security protocol suite that provides encryption and authentication services for IP messages at the network layer of the internet. Internet Key Exchange (IKE) is a protocol that is used to negotiate and provide authenticated keying materials in a protected manner for Security Associations (SAs). In this paper, we propose a dynamic key lifetime change algorithm for performance enhancement of virtual private networks using IPSec. The proposed algorithm changes the key lifetime according to the number of secure tunnels. The proposed algorithm is implemented with Linux 2.4.18 and FreeS/WAN 1.99. The system employing our proposed algorithm performs better than the original version in terms of network performance and security.

• Journal of Korea Multimedia Society
• /
• v.22 no.10
• /
• pp.1199-1207
• /
• 2019

Video surveillance data, which is used for preemptive or post-emptive action against any event or accident, is required for monitoring the location, but is reducing the capacity of the image data by removing intervals for cost reduction and system persistence. Such a video surveillance system is fixed in a certain position and monitors the area only within a limited angle, or monitors only the fixed area without changing the angle. At this time, the video surveillance system that is monitored only within a limited angle shows that the variation object such as the floating population shows different status in the image, and the background of the image maintains a generally constant appearance. The static objects in the image do not need to be stored in all the images, unlike the dynamic objects that must be continuously shot, and occupy a storage space other than the necessary ones. In this paper, we propose a mechanism to analyze the image, store only the small size image for the fixed background, and store it as image data only for variable objects.

• International Journal of Advanced Culture Technology
• /
• v.9 no.4
• /
• pp.288-294
• /
• 2021

There are various ways to be infected with malicious code due to the increase in Internet use, such as the web, affiliate programs, P2P, illegal software, DNS alteration of routers, word processor vulnerabilities, spam mail, and storage media. In addition, malicious codes are produced more easily than before through automatic generation programs due to evasion technology according to the advancement of production technology. In the past, the propagation speed of malicious code was slow, the infection route was limited, and the propagation technology had a simple structure, so there was enough time to study countermeasures. However, current malicious codes have become very intelligent by absorbing technologies such as concealment technology and self-transformation, causing problems such as distributed denial of service attacks (DDoS), spam sending and personal information theft. The existing malware detection technique, which is a signature detection technique, cannot respond when it encounters a malicious code whose attack pattern has been changed or a new type of malicious code. In addition, it is difficult to perform static analysis on malicious code to which code obfuscation, encryption, and packing techniques are applied to make malicious code analysis difficult. Therefore, in this paper, a method to detect malicious code through dynamic analysis and static analysis using Trojan-type Downloader/Dropper malicious code was showed, and suggested to malicious code detection and countermeasures.

• ETRI Journal
• /
• v.27 no.5
• /
• pp.595-607
• /
• 2005

The widespread use of the Internet has led to the problem of intellectual property and copyright infringement. Digital rights management (DRM) technologies have been developed to protect digital content items. Digital content can be classified into static content (for example, text or media files) and dynamic content (for example, VOD or multicast streams). This paper deals with the protection of a multicast stream on set-top boxes connected to an IP network. In this paper, we examine the following design and architectural issues to be considered when applying DRM functions to multicast streaming service environments: transparent streaming service and large-scale user environments. To address the transparency issue, we introduce a 'selective encryption scheme'. To address the second issue, a 'key packet insertion scheme' and 'hierarchical key management scheme' are introduced. Based on the above design and architecture, we developed a prototype of a multicasting DRM system. The analysis of our implementation shows that it supports transparent and scalable DRM multicasting service in a large-scale user environment.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.4
• /
• pp.1516-1528
• /
• 2015

We introduce attribute set based signature (ASBS), a new cryptographic primitive which organizes user attributes into a recursive set based structure such that dynamic constraints can be imposed on how those attributes may be combined to satisfy a signing policy. Compared with attribute based signature (ABS), ASBS is more flexible and efficient in managing user attributes and specifying signing policies. We present a practical construction of ASBS and prove its security in the standard model under three subgroup decision related assumptions. Its efficiency is comparable to that of the most efficient ABS scheme.

• Proceedings of the Korean Information Science Society Conference
• /
• 2006.06a
• /
• pp.343-345
• /
• 2006

위치정보는 최근 모바일 장치 및 그 어플리케이션의 발달에 따라 괴다란 논점이 되고 있다. 위치정보는 매우 개인적인 특성을 갖는 점에서 암호화 과정이 필수적이다. 하지만 이러한 암호화 작업은 일정한 시간을 소요하는 작업이다. 이는 현재 무선 데이터 전송 속도 및 모바일 장치의 프로세스 능력을 감안할 때 시스템에 있어 무시할 수 없는 성능 저하를 가져오게 된다. 따라서 본 논문에서는 이러한 모바일 장치의 성능 저하를 최소화 할 수 있는 동적 암호화 메커니즘을 설계하였다. 이를 통해 시스템의 성능과 보안 수준간의 적절한 균형을 유지하여 시스템 최적화에 기여한다.

• Proceedings of the Korean Information Science Society Conference
• /
• 2005.11b
• /
• pp.10-12
• /
• 2005

XML이 데이터 표현과 문서 교환의 표준으로 떠오름에 따라 XML문서에 대한 보안이 중요하게 되었다. 이 논문에서는 XML 보안을 위하여 W3C의 암호화 방법에 접근 제어 기법을 적용시킨 XML Pool Encryption 방법을 기반으로 XML 문서의 구조 정보를 빠르고 쉽게 파악할 수 있는 새로운 레이블링 기법을 제안한다. 제안하는 기법은 계층 구조의 특성을 갖는 XML 문서에서 하위 정보의 위치에 상위 정보의 위치를 포함시킴으로써 문서 일부에 대해서도 구조 정보의 유추가 가능하다. 또한 XML문서의 변화(문서의 갱신, 수정. 삭제) 시에도 문서 전체의 레이블링을 변화시키지 않고, 변화하는 부분에 대해서만 새로운 레이블을 부여한다는 장점이 있다. 실험 결과에서는 제안된 기법이 XML 문서상에서의 위치 정보를 찾는 데에 효율적임을 보여준다.

• Proceedings of the Korean Information Science Society Conference
• /
• 2005.07a
• /
• pp.163-165
• /
• 2005

유비쿼터스 환경이 도래하면서 언제, 어느 곳에서든 네트?을 사용하여 정당한 사용자임을 확인하고자 하는 요구가 증대하고 있다. 기존의 사용자 인증 방식은 인증기관으로부터 받은 인증서와 비밀키를 하드웨어 장치나 스마트카드 등의 보조 기억장치에 저장하여 휴대하고 다녀야 하는 번거로움이 있다. 또한 사용자의 비밀키를 키위탁 센터에 위탁하여 필요할 때 사용할 수 있도록 하고 있으나 여러 가지 위협으로부터 안전할 수 없는 상황이다. 본 논문에서는 이러한 휴대의 불편함과 여러 가지 위협으로부터 보호하고, 사용자가 언제 어디서든 인증을 제공받을 수 있는 동적 키생성 및 키복구 모듈을 제안한다.

• Journal of KIISE:Computing Practices and Letters
• /
• v.9 no.4
• /
• pp.470-485
• /
• 2003

The steganography is one of methods that users can hide data. Some steganography softwares use audio data among multimedia data. However, these commercialized audio steganography softwares have disadvantages that the existence of hidden messages can or easily recognized visually and only certain-sized data can be hidden. To solve these problems, this study suggested, designed and implemented Dynamic Message Embedding (DME) algorithm. Also, to improve the security level of the secret message, the file encryption algorithm has been applied. Through these, StegoWaveK system that performs audio steganography was designed and implemented. Then, the suggested system and the commercialized audio steganography system were compared and analyzed on criteria of the Human Visilable System (HVS), Human Auditory System (HAS), Statistical Analysis (SA), and Audio Measurement (AM).

• Convergence Security Journal
• /
• v.15 no.5
• /
• pp.3-8
• /
• 2015

Most mobile cloud computing system use public key cryptography to provide data security and mutual authentication. A variant of traditional public key technologies called Identity-Based Cryptography(IBC) has recently received considerable attention. The certificate-free approach of IBC may well match the dynamic qualities of cloud environment. But, there is a need for a lightweight secure framework that provides security with minimum processing overhead on mobile devices. In this paper, we propose to use hierarchical ID-Based Encryption in mobile cloud computing. It is suitable for a mobile network since it can reduce the workload of root Public Key Generators by delegating the privilege of user authentication and private key generation. The Identity-Based Encryption and Identity-Based Signature are also proposed and an ID-Based Authentication scheme is presented to secure data processing. The proposed scheme is designed by one-way hash functions and XOR operations, thus has low computation costs for mobile users.