• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.13 no.2
• /
• pp.755-759
• /
• 2012

In this paper, it is about random number generator, which is based on hardware is utilized in medical science and game area. The Intel presents guideline of security level about hardware based true random number generator. At hardware based random number generator, the various test items, that are included in test suits as NIST statistical test, FIPS140-1, is applied. In this paper, it experiments about degree extent of randomness variation from filter scheme effects, which is applied in output stream of hardware noise source.

• Journal of National Security and Military Science
• /
• s.3
• /
• pp.243-263
• /
• 2005

The purpose of present study is to applied center assess method to Military General's Promotion System. This study aim to examine assessment center method based on core competency model will be applied to Military General's Promotion System and Human Resource Management. This study propose that Military General's core competency model based on job analysis to identify competency of Army, Navy, Air Force's Generals and to identify the consequences and performances of assess center method. This study propose that assess center method applied to Military General's Promotion System have many kinds. Facilitated Simulation methods were Planning and Analysis /Oral Presentation, Presentation management Coaching, customer /Peer lnteraction. Non-facilitated Simulation methods were In-Basket game, Leaderless Group Discussion, role playing. And this study propose that Military General's assessment center method based on core competency model will be effective in Military field.

• International Journal of Computer Science & Network Security
• /
• v.21 no.6
• /
• pp.54-60
• /
• 2021

Monte-Carlo GO is a computer GO program that is sufficiently competent without using knowledge expressions of IGO. Although it is computationally intensive, the computational complexity can be reduced by properly pruning the IGO game tree. Here, I achieve this by using a potential model based on the knowledge expressions of IGO. The potential model treats GO stones as potentials. A specific potential distribution on the GO board results from a unique arrangement of stones on the board. Pruning using the potential model categorizes legal moves into effective and ineffective moves in accordance with the potential threshold. Here, certain pruning strategies based on potentials and potential gradients are experimentally evaluated. For different-sized boards, including an official-sized board, the effects of pruning strategies are evaluated in terms of their robustness. I successfully demonstrate pruning using a potential model to reduce the computational complexity of GO as well as the robustness of this effect across different-sized boards.

• International Journal of Computer Science & Network Security
• /
• v.21 no.5
• /
• pp.43-47
• /
• 2021

In the course of this article, the concept of "innovation" was considered and analyzed, which is considered not only as a subject, something new, but also as a process. The process of introducing something new into life, and in our case, into the educational process. Innovative educational technologies are varied and plentiful. In this article, the most commonly used. Among them: the use of ICT, game techniques, the portfolio method, personality-oriented, information support of the learning process, educational and health-saving technologies, and others.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2020.07a
• /
• pp.445-446
• /
• 2020

최근 사물인터넷의 발전에 따른 많은 기기들이 디지털화 되면서 네트워크의 새로운 주요 장비로 등장하고 있으며 이 중 CCTV의 경우 대부분 IP를 갖는 독립적인 네트워크 디바이스가 되고 있다. 하지만 이러한 CCTV의 네트워크 접근에 따른 해킹 가능성이 끊임없이 제공되면서 CCTV를 통한 내부망의 침투가 현실적으로 가능한 상황이다. 현재 대부분의 영상 화면이 암호화되어 운영되고는 있지만 CCTV를 통제하는 제어 데이터는 어떠한 보안조치도 이루어지지 않은 것이 현실이다. 이러한 점을 보완하기 위해 면에서 본 논문에서는 CCTV 통제를 위한 제어 데이터도 인증 및 암호화를 통해 일반적인 접근을 완전히 차단할 수 있는 방안을 제시하고 이를 통한 사물인터넷의 안정성을 검증하는 방안을 제안하고자 한다.

• Convergence Security Journal
• /
• v.13 no.2
• /
• pp.33-43
• /
• 2013

The Private Security Industry of Korea began after served security service for the United States army of 8 division. The industry grew up after establish private security regulation on December 31th of 1976. Early 1980's the industry was accelerated from bringing technical knowledge of developed nations rapidly. Also, private security was gotten into the spotlight by one of futurity industry instead public security after companies performed 86 Asian game and 88 Seoul Olympic successfully. Therefore, the industry became to increase qualitatively and quantitatively. From late 1990's the private security regulations were revised fifteen times and created about education system, bodyguard, and leader of security. 3,836 private companies and 150,030 private guards had operated until 2012. However, some of companies received administrative measure, because of the companies ran immorally. The minor companies are continuously closed down from the leader's inefficient operation. Approval standard of establishment has imperfect law. Solutions of problems are to provide high quality service, to expand company affairs, to attract specific customers through efficiency expert, to change standard of leader of security guards, to establish security education institution through the government and to intensify requirements to establish the company.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.38B no.5
• /
• pp.377-384
• /
• 2013

In order to improve the security strength in the password based user authentication, in which the security vulnerability is increased while the same password is repeatedly used, the OTP(One-Time Password) system has been introduced. In the OTP systems, however, the user account information and OTP value may be hacked if the user PC is infected by the malicious codes, because the user types the OTP value, which is generated by the mobile device synchronized with the server, directly onto the user PC. In this paper, we propose a new method, called DTOTP(Dual Transmission OTP), to solve this security problem. The DTOTP system is an improved two-factor authentication method by using the dual transmission, in which the user performs the server authentication by typing the user account and password information onto the PC, and then for the OTP authentication the mobile device scans the QR code displayed on the PC and the OTP value is sent to the server directly. The proposed system provides more improved security strength than that of the existing OTP system, and also can adopt the existing OTP algorithm without any modification. As a result, the proposed system can be safely applied to various security services such like banking, portal, and game services.

• Journal of Digital Convergence
• /
• v.12 no.10
• /
• pp.299-308
• /
• 2014

Today, a number of users using smartphone is very rapidly increasing by development of smartphone performance and providing various services. Also, they are using it for enjoying various services(cloud service, game, banking service, mobile office, etc.). today's mobile security solution is simply to detect malicious code or stay on the level of mobile device management. In particular, the services which use sensitive information, such as certificate, corporation document, personal credit card number, need the technology which are prevented from hacking and leaking it. Recently, interest of these mobile security problems are increasing, as the damage cases been occurred. To solve the problem, there is various security research such as mobile virtualization, ARM trustzone, GlobalPlatform for mobile device. Therefore, in this paper, I suggested efficient method that uses the mobile virtualization techniques of certification, security policy and access control, password/key management, safe storage, etc. and Trustzone of ARM for preventing information leakage and hacking.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.2
• /
• pp.283-293
• /
• 2012

A new type of malware that extracts personal and account data over an extended period of time and that apparently is resistant to detection by vaccines has been identified. Generally, a malware is installed on a computer through network-to-network connections by utilizing Web vulnerabilities that contain injection, XSS, broken authentication and session management, or insecure direct-object references, among others. After the malware executes registration of an arbitrary service and an arbitrary process on a computer, it then periodically communicates the collected confidential information to a hacker. This paper is a systematic approach to analyzing a new type of malware called "winweng," a kind of worm that frequently made appearances during the first half of 2011. The research describes how the malware came to be in circulation, how it infects computers, how its operations expose its existence and suggests improvements in responses and countermeasures. Keywords: Malware, Worm, Winweng, SNORT.

• Journal of Internet of Things and Convergence
• /
• v.10 no.2
• /
• pp.77-84
• /
• 2024

Over the past few years, IoT edges have begun to emerge based on new low-latency communication protocols such as 5G. However, IoT edges, despite their enormous advantages, pose new complementary threats, requiring new security solutions to address them. In this paper, we propose a cloud environment-based IoT edge architecture model that complements IoT systems. The proposed model acts on machine learning to prevent security threats in advance with network traffic data extracted from IoT edge devices. In addition, the proposed model ensures load and security in the access network (edge) by allocating some of the security data at the local node. The proposed model further reduces the load on the access network (edge) and secures the vulnerable part by allocating some functions of data processing and management to the local node among IoT edge environments. The proposed model virtualizes various IoT functions as a name service, and deploys hardware functions and sufficient computational resources to local nodes as needed.