• Journal of Korea Society of Digital Industry and Information Management
• /
• v.15 no.1
• /
• pp.53-59
• /
• 2019

As the number of harmful sites increases, many social problems are occurring. Therefore, in order to solve this problem, the government is carrying out activities to block access to web sites to harmful sites based on the law. However, due to the change from HTTP to HTTPS protocol, it has become difficult to block the harmful sites in the existing method. In the existing HTTP protocol, a method of blocking the site corresponding to the harmful site domain list by utilizing the DNS information was used. However, due to the generalization of HTTPS, it is difficult to block the harmful sites in the existing method. Therefore, the ISP uses the method of blocking the website using the SNI field in the TLS (Transport Layer Security) Handshake protocol used for HTTPS. However, since the method using SNI field raises the concern of monitoring Internet users or exposing information about connected sites, in this paper, we proposed method which can support anonymity to Internet users while blocking harmful sites. The suggested method also can support integrity and source authentication to the transmitted data.

• International journal of advanced smart convergence
• /
• v.12 no.1
• /
• pp.9-17
• /
• 2023

Recently, IoT technology has been widely used in many industries. Also research on integrating IoT technology with IoT sensors is actively underway. One of the important challenges in IoT is to support low-latency communication. With the development of communication networks and protocols, a variety of protocols are being used, and their performance is improving. In this paper, we compare the performance and analyze the characteristics of some of the major communication protocols in IoT application, namely MQTT, HTTP, and HTTPS. IoT sensors acquired data by connecting an Arduino equipped with ESP8266 and a temperature and humidity sensor (DHT11). The server measured the performance by building servers for each protocol using AWS EC2. We analyzed the packets transmitted between the Arduino and the server during the data transmission. We measured the amount of data and transfer time. The measurement results showed that MQTT had the lowest data transmission time and data amount among the three protocols.

• Journal of Korea Multimedia Society
• /
• v.23 no.3
• /
• pp.430-439
• /
• 2020

The government of the Republic of Korea has introduced SNI blocking method since February 2019 to block illegal sites. Currently, this policy has been considered as a controversial policy in South Korea therefore, about 270,000 South Koreans have been calmed down by and the presidential office petition because people believe that blocking https by SNI would invasion of privacy and freedom of use of the Internet. As soon as the SNI blocking method was used, the bypass method was opened to the Internet, causing side effects. In this study, identifies the development of Internet blocking technology and the development of new technology that bypasses the technology. It also examines Internet censorship in other countries and identifies problems in blocking technology. Through this study would present policy suggestions and technical methodologies for sound Internet use.

• Journal of Korea Artificial Intelligence Association
• /
• v.1 no.2
• /
• pp.1-6
• /
• 2023

In this paper, we present a new method for classifying malicious URLs to reduce cases of learning difficulties due to unfamiliar and difficult terms related to information protection. This study plans to extract only visually distinguishable features within the URL structure and compare them through map learning algorithms, and to compare the contribution values of the best map learning algorithm methods to extract features that have the most impact on classifying malicious URLs. As research data, Kaggle used data that classified 7,046 malicious URLs and 7.046 normal URLs. As a result of the study, among the three supervised learning algorithms used (Decision Tree, Support Vector Machine, and Logistic Regression), the Decision Tree algorithm showed the best performance with 83% accuracy, 83.1% F1-score and 83.6% Recall values. It was confirmed that the contribution value of https is the highest among whether to use https, sub domain, and prefix and suffix, which can be visually distinguished through the feature contribution of Decision Tree. Although it has been difficult to learn unfamiliar and difficult terms so far, this study will be able to provide an intuitive judgment method without explanation of the terms and prove its usefulness in the field of malicious URL detection.

• CELLMED
• /
• v.12 no.2
• /
• pp.8.1-8.2
• /
• 2022

The Yangbanchum was reconstructed based on mask play that had been handed down in Goseong, Gyeongsangnam-do, Korea. Talnori, called Goseong Ogwangdae, is a Korean folk cultural heritage designated as National Important Intangible Cultural Property No. 57. This mask play provides catharsis to the audience by unraveling the hypocrisy and lies of the aristocrats through satire and humor. Our performance team, the ensemble Better Than Medicine (eBTM) used a large fan (Boochae)to create a performance that blew away anxiety and pain. Watching this performance, the performer and the audience feel the consensus of sharing emotions and send strong bonds and support to each other. This study provides that Yangbanchum dance promotes the mental health by feeling emotional sharing through vicarious satisfaction and mirror effect.

• CELLMED
• /
• v.12 no.3
• /
• pp.13.1-13.3
• /
• 2022

The aim of this study was to evaluate the synergistic effect of Samulnori and Ajaeng combination in music therapy. Samulnori is the Korea's most successful traditional music. The Ajaeng, Korean traditional string instrument, generally plays the bass part in ensemble music. However, we have tried a new kind of musical style. (As you can see in the Youtube, https://youtu.be/QHIciJTTY0w). Samulnori and Ajaeng combination of our style have not been tried by any other musicians in Korea. Results from this study showed that Samulnori-induced excitation and Ajaeng-induced dynamics probably contributed to the synergistic effect of Samulnori and Ajaeng.

• Journal of Internet Computing and Services
• /
• v.7 no.6
• /
• pp.157-174
• /
• 2006

Ajax interaction model changes the posture of web application to become a stateful over HTTP. Ajax applications are long-lived inthe browser. XMLHTTPRequest (XHR) is used to facilitate the data exchange. Using HTTPS over this interaction is not viable because of the frequency of data exchange. Moreover, switching of protocols form HTTP to HTTPS for sensitive information is prohibited because of server-of-origin policy. The longevity, constraint, and asynchronous features of Ajax application need to hove a different authentication and session fondling mechanism that invoke re-authentication. This paper presents an authentication and session management scheme using Ajax. The scheme is design lo invoke periodic and event based re-authentication in the background using digest authentication with auto-generated password similar to OTP (One Time Password). The authentication and session management are wrapped into a framework called AWASec (Ajax Web Application Security) for coupling to avoid broken authentication and session management.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.6
• /
• pp.1343-1354
• /
• 2018

OAuth 2.0 bearer token and JWT(JSON web token), current standard technologies for authentication and authorization, use the approach of sending fixed token repeatedly to server for authentication that they are subject to eavesdropping attack, thus they should be used in secure communication environment such as HTTPS. In OAuth 2.0 MAC token which was devised as an authentication scheme that can be used in non-secure communication environment, server issues shared secret key to authenticated client and the client uses it to compute MAC to prove the authenticity of request, but in this case server has to store and use the shared secret key to verify user's request. Therefore, it's hard to provide stateless authentication service. In this paper we present a randomized token authentication scheme which can provide stateless MAC token authentication without storing shared secret key in server side. To remove the use of HTTPS, we utilize secure communication using server certificate and simple signature-based login using client certificate together with the proposed randomized token authentication to achieve the fully stateless authentication service and we provide an implementation example.

• Journal of Internet Technology
• /
• v.22 no.5
• /
• pp.1069-1082
• /
• 2021

The Internet of Things (IoT) is vulnerable to a wide range of security risks, which can be effectively mitigated by applying Cyber Threat Intelligence (CTI) sharing as a proactive mitigation approach. In realizing CTI sharing, it is of paramount importance to guarantee end-to-end protection of the shared information as unauthorized disclosure of CTI is disastrous for organizations using IoT. Furthermore, resource-constrained devices should be supported through lightweight operations. Unfortunately, the aforementioned are not satisfied by the Hypertext Transfer Protocol Secure (HTTPS), which state-of-the-art CTI sharing systems mainly depends on. As a promising alternative to HTTPS, Ephemeral Diffie-Hellman over COSE (EDHOC) can be considered because it meets the above requirements. However, EDHOC in its current version contains several security flaws, most notably due to the unprotected initial message. Consequently, we propose a lightweight end-to-end privacy-preserving security protocol that improves the existing draft EDHOC protocol by utilizing previously shared keys and keying materials while providing ticket-based optimized reauthentication. The proposed protocol is not only formally validated through BAN-logic and AVISPA, but also proved to fulfill essential security properties such as mutual authentication, secure key exchange, perfect forward secrecy, anonymity, confidentiality, and integrity. Also, comparing the protocol's performance to that of the EDHOC protocol reveals a substantial improvement with a single roundtrip to allow frequent CTI sharing.

• Proceeding of EDISON Challenge
• /
• 2015.03a
• /
• pp.308-311
• /
• 2015

https://nano.edison.re.kr/에서 제공하는 Linear Combination of Atomic Orbitals 기반 Density Functional Theory 전자구조계산 SW을 이용하여 정렬된 FCC 결정구조의 PtFe와 원자의 배열이 무질서한 PtFe의 산소 발생 반응의 과전압을 알아보았다. 화학 반응에 참여하는 정렬된 FCC PtFe의 표면 방위는 표면 에너지 계산을 통해 (111) 면으로 설정하였다. 과전압 값은 산소 발생 반응의 각 단계의 자유 에너지 변화를 계산하여 양의 반응 에너지이다. 과전압 측정 결과 정렬된 FCC 결정구조의 PtFe와 원자의 배열이 무질서한 PtFe의 과전압은 각 각 0.623875eV, 0.603118eV 이다.