• The Journal of Korean Association of Computer Education
• /
• v.8 no.1
• /
• pp.65-72
• /
• 2005

In this study, we suggest a new mechanism on the design and implementation of IP Traceback system against DDos/DRDoS by Zombie and Reflector attack based on spoofed IP packets. After analysis and comparing on the state-of-arts of several IP traceback mechanisms, we can find their own pros and cons primitives. And then we performed simulations on reflector based DRDoS network packets. In first, we suggest a NS-2 based IP traceback module and implement it for finding its real DRDoS attacker. As a results, we can find advanced new IP traceback scheme for providing enhanced proactive functionality against DRDoS attack.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.8
• /
• pp.4076-4092
• /
• 2019

Nowadays, most users access internet through mobile applications. The common way to authenticate users through websites forms is using passwords; while they are efficient procedures, they are subject to guessed or forgotten and many other problems. Additional multi modal authentication procedures are needed to improve the security. Behavioral authentication is a way to authenticate people based on their typing behavior. It is used as a second factor authentication technique beside the passwords that will strength the authentication effectively. Keystroke dynamic rhythm is one of these behavioral authentication methods. Keystroke dynamics relies on a combination of features that are extracted and processed from typing behavior of users on the touched screen and smart mobile users. This Research presents a novel analysis in the keystroke dynamic authentication field using two features categories: timing and no timing combined features. The proposed model achieved lower error rate of false acceptance rate with 0.1%, false rejection rate with 0.8%, and equal error rate with 0.45%. A comparison in the performance measures is also given for multiple datasets collected in purpose to this research.

• International Journal of Computer Science & Network Security
• /
• v.21 no.2
• /
• pp.77-87
• /
• 2021

In this study, a novel improved second order Radial Basis Function Neural Network based method with excellent scheduling capabilities is used for the dynamic prediction of short and long-term energy required applications. The effectiveness and the reliability of the algorithm are evaluated using training operations with New England-ISO database. The dynamic prediction algorithm is implemented in Matlab and the computation of mean absolute error and mean absolute percent error, and training time for the forecasted load, are determined. The results show the impact of temperature and other input parameters on the accuracy of solar Photovoltaic load forecasting. The mean absolute percent error is found to be between 1% to 3% and the training time is evaluated from 3s to 10s. The results are also compared with the previous studies, which show that this new method predicts short and long-term load better than sigmoidal neural network and bagged regression trees. The forecasted energy is found to be the nearest to the correct values as given by England ISO database, which shows that the method can be used reliably for short and long-term load forecasting of any electrical system.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.2
• /
• pp.417-437
• /
• 2022

The quality of the fuzzing seed file is one of the important factors to discover vulnerabilities faster. Although the prior seed generation paradigm, using dynamic taint analysis and symbolic execution techniques, enhanced fuzzing efficiency, the yare not extensively applied owing to their high complexity and need for expertise. This study proposed the DDRFuzz system, which creates seed files based on sequence-to-sequence models. We evaluated DDRFuzz on five open-source applications that used multimedia input files. Following experimental results, DDRFuzz showed the best performance compared with the state-of-the-art studies in terms of fuzzing efficiency.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.15 no.1
• /
• pp.99-106
• /
• 2011

The emerging of ubiquitous computing and healthcare technologies provides us a strong platform to build sustainable healthcare applications especially those that require real-time information related to personal healthcare regardless of place. We realize that system stability, reliability and data protection are also important requirements for u-healthcare services. Therefore, in this paper, we designed a u-healthcare system which can be attached to the patient's body to measure vital signals, enhanced with USN secure sensor module. Our proposed u-healthcare system is using wireless sensor modules embedded with NLM-128 algorithm. In addition, PS-LFSR technique is applied to the NLM-128 algorithm to enable faster and more efficient computation. We included some performance statistical results in term of CPU cycles spent on NLM-128 algorithm with and without the PS-LFSR optimization for performance evaluation.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.4
• /
• pp.987-997
• /
• 2018

Blockchain has tamper-free, so many applications are developing to leverage tamper-free features of blockchain. MIT Media Labs proposed BlockCerts, educational certificate blockchain System, to solve problems of legacy certificate verifications. Existing educational certificate blockchain Systems are based on public blockchain such as bitcoin, Ethereum, so any entity can participate educational institute in principal. Moreover, the exisitng educational certricate blockchain system utilizes the integrity of blockchain, but the confidentiality of the educational certificate is not provided. This paper propose a digital certificate system based on private blockchain, name HyperCerts. Therefore, only trusted entity can participate in the private blockchain network, Hyperledger, as the issuer of digital certificate. Furthermore, the practical byzantine fault tolerance is used as consensus algorithm, HyperCerts reduce dramatically the latency of issuing digital certificate and required computing power. HyperCerts stores the hash value of digital certificate into the ledger, so breach of personal information by malicious entity in the private blockchain is protected.

• Journal of the Korea Society for Simulation
• /
• v.32 no.4
• /
• pp.59-67
• /
• 2023

Private blockchains can apply enhanced security policies that allow only authorized users to participate in the blockchain network. In addition, when used in a career management system where the validity of an individual's career is important, it has the suitable characteristics in terms of information integrity. However, due to the excessive performance requirements of blockchain technology, identifying performance characteristics through simulation can be helpful in stable operation of the system. This paper presents research results that utilized performance evaluation results while constructing a career management system based on the Ethereum blockchain. The service not only serves as a portfolio that records personal career development activities, certification acquisition, and award results, but also provides a community function for career planning to strengthen employment competitiveness. In addition, we present how a compensation policy can be executed to encourage users to participate in career development through community activities. In particular, an appropriate compensation policy was derived by reviewing changes in performance characteristics in accordance with the transaction volume on Geth nodes.

• Journal of KIISE:Computing Practices and Letters
• /
• v.10 no.2
• /
• pp.146-155
• /
• 2004

Currently most of commercial operating systems contain a high-level audit feature to increase their own security level. Linux does not fall behind the other commercial operating systems in performance and stability, but Linux does not have a good audit feature. Linux is required to support a higher security feature than C2 level of the TCSEC in order to be used as a server operating system, which requires the kernel-level audit feature that provides the system call auditing feature and audit event. In this paper, we present LxBSM, which is a kernel module to provide the kernel-level audit features. The audit record format of LxBSM is compatible with that of Sunshield BSM. The LxBSM is implemented as a loadable kernel module, so it has the enhanced usability. It provides the rich audit records including the user-level audit events such as login/logout. It supports both the pipe and file interface for increasing the connectivity between LxBSM and intrusion detection systems (IDS). The performance of LxBSM is compared and evaluated with that of Linux kernel without the audit features. The response time was increased when the system calls were called to create the audit data, such as fork, execve, open, and close. However any other performance degradation was not observed.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.34 no.4B
• /
• pp.435-441
• /
• 2009

The one-time password system solves the problem concerning password reuse caused by the repeated utilization of an identical password. The password reuse problem occurs due to the cyclic repetition at the time of password creation, and authentication failure can occur due to time deviation or non-synchronization of the number of authentication. In this study, the password is created asynchronously and exchanged with the user, who then signs using a digital signature in exchange for the password and a valid verification is requested along with the certificate to ensure non-repudiation. Besides this, a verification system for one-time password is proposed and designed to improve security by utilizing the validity verification that is divided into certificate verification and password verification. Comparative analysis shows that the mechanism proposed in this study is better than the existing methods in terms of replay attack, non-repudiation and synchronization failure.

• Journal of the Society of Disaster Information
• /
• v.14 no.3
• /
• pp.280-287
• /
• 2018

Purpose: The study is based on comparative review of the actual inspection of apartments and aims at proposing easy accessible and useful safety control which is enhanced from pre-existing safety apparatus. Method: On the basis of preceding research data of apartment buildings, the study presents reported problems and real condition of apartment buildings based on Housing Related Legislation and Housing Act. Results: Safety management plans and safety inspection for buildings are needed. When conducting a safety check, traceability management system for internal/exterior facilities should be available. Most important of all, 24 hour a day of self-management system for elevators, fire protection, and security cameras is necessary. Conclusion: Through the study, there should be a process of confirming problems of building security management; such as checking the management condition through apartments' resident representatives, and seeking improvement measures.