• Journal of Korea Multimedia Society
• /
• v.25 no.2
• /
• pp.221-236
• /
• 2022

BLE protocol prevents MITM attacks with user interaction through some input/output devices such as keyboard or display. Therefore, If it use a device which has no input/output facility, it can be vulnerable to MITM attack. If messages to be sent to a control device is forged by MITM attack, the device can be abnormally operated by malicious attack from attacker. Therefore, we describes a scenario which has the vulnerabilities of the BLE network in this paper and propose countermeasure method against MITM attacks integrity violations. Its mechanism provides data confidentiality and integrity with MD5 and security key distribution of Diffie Helman's method. In order to verify the effectiveness of the countermeasure method proposed in this paper, we have conducted the experiments. ​As experiments, the message was sent 200 times and all of them successfully detected whether there was MITM attack or not. In addition, it took at most about 4.2ms delay time with proposed countermeasure method between devices even attacking was going on. It is expected that more secure data transmission can be achieved between IoT devices on a BLE network through the method proposed.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.8 no.6
• /
• pp.534-543
• /
• 2015

This paper proposes an Energy Theft Traceback Protocol(ETTP) based on Logging and Marking that can trace Energy Theft back in Smart Grid Environment. The ETTP consists of the following three phases. First, it classifies Energy Theft Type into Measurement Rejection and Data Fabrication by generating an Energy Theft Tree. Second, it detects an Energy Theft by using the Energy Theft Tree. Finally, it trace an Energy Theft back by using the Logging Table of a Router and the Marking Information of a Packet. The result of its simulation shows that the Detection Ratio of Energy Theft is estimated at 92% and the Success Ratio of Energy Theft Traceback at 93%. Therefore, the ETTP not only reduces such risk factors as Forgery and Tampering about Billing information but also provides safe and reliable Smart Grid environment.

• Journal of Internet Computing and Services
• /
• v.20 no.2
• /
• pp.61-68
• /
• 2019

Although the number of smartphone users is continuously increasing due to the advantage of being able to easily use most of the Internet services, the number of counterfeit applications is rapidly increasing and personal information stored in the smartphone is leaked to the outside. Because Android app was developed with Java language, it is relatively easy to create counterfeit apps if attacker performs the de-compilation process to reverse app by abusing the repackaging vulnerability. Although an obfuscation technique can be applied to prevent this, but most mobile apps are not adopted. Therefore, it is fundamentally impossible to block repackaging attacks on Android mobile apps. In addition, personal information stored in the smartphone is leaked outside because it does not provide a forgery self-verification procedure on installing an app in smartphone. In order to solve this problem, blockchain is used to implement a process of certificated application registration and a fake app identification and detection mechanism is proposed on Hyperledger Fabric framework.

• Phonetics and Speech Sciences
• /
• v.14 no.3
• /
• pp.103-112
• /
• 2022

Due to the popularization of smartphones, most of the recorded speech files submitted as evidence of recent crimes are produced by smartphones, and the integrity (forgery) of the submitted speech files based on smartphones is emerging as a major issue in the investigation and trial process. Samsung smartphones with the highest domestic market share are distributed with built-in speech recording applications that can record calls and voice, and can edit recorded speech. Unlike editing through third-party speech (audio) applications, editing by their own builtin speech applications has a high similarity to the original file in metadata structures and attributes, so more precise analysis techniques need to prove integrity. In this study, we constructed a speech file metadata database for speech files (original files) recorded by 34 Samsung smartphones and edited speech files edited by their built-in speech recording applications. We analyzed by comparing the metadata structures and attributes of the original files to their edited ones. As a result, we found significant metadata differences between the original speech files and the edited ones.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.4
• /
• pp.1025-1036
• /
• 2016

The conversion of the international standard web utilization HTML5 technology is being developed for improvement of the internet environment based on nonstandard technology like ActiveX. Hyper Text Markup Language 5 (HTML5) of basic programming language for creating a web page is designed to consider the security more than HTML4. However, the range of attacks increased and a variety of security threats generated from HTML4 environment inherited by new HTML5 API. In this paper, we focus on the script-based attack such as CSRF (Cross-Site Request Forgery), Cookie Sniffing, and HTML5 API such as CORS (Cross-Origin Resource Sharing), Geolocation API related with the infringement of the personal information. We reproduced the infringement cases actually and embodied a detection module of a Plug-in type diagnosed based on client. The scanner allows it to detect and respond to the vulnerability of HTML5 previously, thereby self-diagnosing the reliability of HTML5-based web applications or web pages. In a case of a new vulnerability, it also easy to enlarge by adding another detection module.

• Journal of KIISE:Software and Applications
• /
• v.37 no.11
• /
• pp.859-865
• /
• 2010

In this paper, a new method for finger vein recognition is proposed. Researchers are recently interested in the finger vein recognition since it is a good way to avoid the forgery in finger prints recognition and the inconveniences in obtaining images of the iris for iris recognition. The vein images are processed to obtain the line shaped vein images through the local histogram equalization and a thinning process. This thinned vein images are processed for matching, using a new matching algorithm, named HS(HeeSung) matching algorithm. This algorithm yields an excellent recognition rate when it is applied to the curve-linear images processed through a thinning or an edge detection. In our experiment with the finger vein images, the recognition rate has reached up to 99.20% using this algorithm applied to 650finger vein images(130person ${\times}$ 5images each). It takes only about 60 milliseconds to match one pair of images.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2013.05a
• /
• pp.650-652
• /
• 2013

As VANET(Vehicular Ad-hoc NETwork) improves road safety, efficiency, and comfort, and provides a value-added service such as commerce information or internet access. it is the most important technology in ITS(Intelligent Transportation System). But, In VANETs, better communication efficiency can be achieved by sacrificing security and vice versa. VANETs cannot get started without either of them. Therefore, to solve these problems simultaneously, this paper proposes MAC(Message Authentication Code) based SDAP(Secure Data Aggregation Protocol) which removes redundant data or abnormal data between vehicles and verifies the integrity of message. The MAC based SDAP not only improves the efficiency of data delivery but also enhances the security by detecting malicious attacks such as propagation jamming attack, forgery attack, and disguised attack.

• Journal of Broadcast Engineering
• /
• v.23 no.6
• /
• pp.886-895
• /
• 2018

In this paper, we introduce a technique to detect the video forgery by using the regularity that occurs in the video compression process. The proposed method uses the hierarchical regularity lost by the video double compression and the frame deletion. In order to extract such irregularities, the depth information of CU and TU, which are basic units of HEVC, is used. For improving performance, we make a depth map of CU and TU using local information, and then create input data by grouping them in GoP units. We made a decision whether or not the video is double-compressed and forged by using a general three-dimensional convolutional neural network. Experimental results show that it is more effective to detect whether or not the video is forged compared with the results using the existing machine learning algorithm.

• Analytical Science and Technology
• /
• v.20 no.2
• /
• pp.155-163
• /
• 2007

Porosity paper evidence is encountered in case of forgery, kidnapping, fraud and terrorist activity. The present study was designed to evaluate the effect of three chemical reagents (Ninhydrin, 1,8-diazafluoren-9-one (DFO), Iodine fuming) to the quality of developed latent fingerprints on porosity printing papers and newspaper. In case of printing papers, print quality was better with Iodine fuming method than Ninhydrin and DFO treatment to developing latent fingerprints. Developing latent fingerprint on newspapers was achieved with Iodine fuming processing. The processing of Iodine fuming followed by DFO and by using blue light (orange red filter) exhibited better results with Iodine fuming. Enhancement of latent fingerprint detection image using Digital Imaging System was achieved.

• Journal of the Institute of Electronics and Information Engineers
• /
• v.52 no.6
• /
• pp.79-84
• /
• 2015

In a distribution of digital image, there is a serious problem that is a distribution of the altered image by a forger. For the problem solution, this paper proposes a median filtering (MF) image forensic decision algorithm using a feature vector according to the pixel value's gradients. In the proposed algorithm, AR (Autoregressive) coefficients are computed from pixel value' gradients of original image then 1th~6th order coefficients to be six feature vector. And the reconstructed image is produced by the solution of Poisson's equation with the gradients. From the difference image between original and its reconstructed image, four feature vector (Average value, Max. value and the coordinate i,j of Max. value) is extracted. Subsequently, Two kinds of the feature vector combined to 10 Dim. feature vector that is used in the learning of a SVM (Support Vector Machine) classification for MF (Median Filtering) detector of the altered image. On the proposed algorithm of the median filtering detection, compare to MFR (Median Filter Residual) scheme that had the same 10 Dim. feature vectors, the performance is excellent at Unaltered, Averaging filtering ($3{\times}3$) and JPEG (QF=90) images, and less at Gaussian filtering ($3{\times}3$) image. However, in the measured performances of all items, AUC (Area Under Curve) by the sensitivity and 1-specificity is approached to 1. Thus, it is confirmed that the grade evaluation of the proposed algorithm is 'Excellent (A)'.