• Journal of Internet Computing and Services
• /
• v.19 no.1
• /
• pp.1-10
• /
• 2018

Network threats such as Internet worms and computer viruses have been significantly increasing. In particular, APTs(Advanced Persistent Threats) and ransomwares become clever and complex. IDSes(Intrusion Detection Systems) have performed a key role as information security solutions during last few decades. To use an IDS effectively, IDS rules must be written properly. An IDS rule includes a key signature and is incorporated into an IDS. If so, the network threat containing the signature can be detected by the IDS while it is passing through the IDS. However, it is challenging to find a key signature for a specific network threat. We first need to analyze a network threat rigorously, and write a proper IDS rule based on the analysis result. If we use a signature that is common to benign and/or normal network traffic, we will observe a lot of false alarms. In this paper, we propose a scheme that analyzes a network threat and extracts key signatures corresponding to the threat. Specifically, our proposed scheme quantifies the degree of correspondence between a network threat and a signature using the LDA(Latent Dirichlet Allocation) algorithm. Obviously, a signature that has significant correspondence to the network threat can be utilized as an IDS rule for detection of the threat.

• Journal of Internet Computing and Services
• /
• v.16 no.1
• /
• pp.91-100
• /
• 2015

Recently many companies began to feel the pressures of cost savings due to the global recession, so they have been interested in the Cloud Computing. Cloud Computing is one of using method of IT resources through the network. Users can borrow softwares or hardwares instead of buying them. Many people expect remarkable growth in Cloud Computing industry because of it's effectiveness. But Cloud Computing industry is still at an early stage. Especially, people who in the public sector hesitate to adopt Cloud Computing Services due to security issues and their conservative views. Also, they just have limited understanding, so we need to investigate what they really know and understand. Researches about the Cloud Computing generally focus on technical issues, so we can hardly find researches reference for decision making in considering the services. The study aims to investigate diverse factors for agencies' adoption decisions, such as benefits, costs, and risk in developing the most ideal type of cloud computing service for them, and performs priority analyses by applying ANP (Analytic Network Process). The results identify that features pertaining to the risk properties were considered the most significant factors. According to this research, the usage of private cloud computing services may prove to be appropriate for public environment in Korea. The study will hopefully provide the guideline to many governmental agencies and service providers, and assist the related authorities with cloud computing policy in coming up with the relevant regulations.

• Smart Media Journal
• /
• v.7 no.1
• /
• pp.37-44
• /
• 2018

Utilizing sequence control and numerical computing, embedded devices are used in a variety of automated systems, including those at industrial sites, in accordance with their control program. Since embedded devices are used as a control system in corporate industrial complexes, nuclear power plants and public transport infrastructure nowadays, deliberate attacks on them can cause significant economic and social damages. Most attacks aimed at embedded devices are data-coded, code-modulated, and control-programmed. The control programs for industry-automated embedded devices are designed to represent circuit structures, unlike common programming languages, and most industrial automation control programs are designed with a graphical language, LAD, which is difficult to process static analysis. Because of these characteristics, the vulnerability analysis and security related studies for industry automation control programs have only progressed up to the formal verification, real-time monitoring levels. Furthermore, the static analysis of industrial automation control programs, which can detect vulnerabilities in advance and prepare for attacks, stays poorly researched. Therefore, this study suggests a method to present a discussion on an industry automation control program designed to represent the circuit structure to increase the efficiency of static analysis of embedded industrial automation programs. It also proposes a medium term translation technology exploiting LLVM IR to comprehensively analyze the industrial automation control programs of various manufacturers. By using LLVM IR, it is possible to perform integrated analysis on dynamic analysis. In this study, a prototype program that converts to a logical expression type of medium language was developed with regards to the S company's control program in order to verify our method.

• Journal of the Korean Society of Marine Environment & Safety
• /
• v.14 no.2
• /
• pp.163-168
• /
• 2008

Ship detection from satellite remote sensing is a crucial application for global monitoring for the purpose of protecting the marine environment and ensuring marine security. It permits to monitor sea traffic including fisheries, and to associate ships with oil discharge. An automatic ship detection approach for RADARSAT Fine Synthetic Aperture Radar (SAR) image is described and assessed using in situ ship validation information collected during field experiments conducted on August 6, 2004. Ship detection algorithms developed here consist of five stages: calibration, land masking, prescreening, point positioning, and discrimination. The fine image was acquired of Ulsan Port, located in southeast Korea, and during the acquisition, wind speeds between 0 m/s and 0.4 m/s were reported. The detection approach is applied to anchoring ships in the anchorage area of the port and its results are compared with validation data based on Vessel Traffic Service (VTS) radar. Our analysis for anchoring ships, above 68 m in length (LOA), indicates a 100% ship detection rate for the RADARSAT single beam mode. It is shown that the ship detection performance of SAR for smaller ships like barge could be higher than the land-based radar. The proposed method is also applied to estimate the ship's dimensions of length and breadth from SAR radar cross section(RCS), but those values were comparatively higher than the actual sizes because of layover and shadow effects of SAR.

• The KIPS Transactions:PartD
• /
• v.10D no.6
• /
• pp.1059-1066
• /
• 2003

In this paper, the magnetic sensing system is designed and implemented for the safe security in internet commerce system. When the payment is required inthe internet commerce system, the magnetic sensing system will get the information from a credit card without keyboard input and then encrypt and transmit the information to server. The credit card sensing system, which is proposed in this paper, is safe from keyboard hacking because it encrypts card information immediately in its internal chip and sends the information to host system. For the protection of information, the magnetic sensing system is basically based on a synchronous stream cipher cryptosystem which is related to a group of matrices. The size of matrices and the bits of keys for the best performances are determined for various cases. It is shown that for credit card payments. matrices of size 2 have good performance even at most 128bits keys with the consideration of inverse matrices. For authentication of general-purpose data, the magnetic sensing system needs more than 1.5KB data and in this case, the optimum size of matrices is 2 or 3 at more 256bits keys with consideration of inverse matrices.

• Journal of Convergence for Information Technology
• /
• v.10 no.7
• /
• pp.20-32
• /
• 2020

This study is to develop and provide a personal information protection framework that enables IoT service providers to safely and systematically operate personal information of IoT service subjects in the overall process of providing IoT devices and services. To this end, a framework for personal information framework was derived through literature survey, and FGI with experts, it was divided into three stages, each of three stages: IoT service provision process and IoT personal information processing process. The study conducted an e-mail survey of related experts using AHP techniques to determine the importance of the components of the selected personal information protection framework. As a result, in the IoT service provision process, the IoT product and service design and development stage (0.5413) is the most important, and in the IoT personal information processing process, personal information protection in the collection and retention of personal information (0.5098) is the most important. Therefore, based on this research, as the IoT service is spreading, it is expected that a safe personal information protection framework will be realized by preventing security threats and personal information infringement accidents.

• Journal of Digital Convergence
• /
• v.14 no.12
• /
• pp.405-411
• /
• 2016

Seoul city is publishing new plans to increase modal share rate of bicycle every year, such as, maintaining bicycle related facilities. But bicycle's modal share rate in Seoul stayed same for the last decade and people are still facing difficulties using bicycle related facilities. These problems are causing bicycle usage as connecting transportation of public transit to decrease. This study looked at the high bicycle modal countries, such as, Netherlands, Germany and Japan to find applicable solutions by analyzing cases and comparing them with cases of highly populated subway station of Sindorim in Seoul. For example, in Germany and Netherlands there is bicycle-parking system to help bikers to access subway easier, in Japan there is underground bicycle parking tower to safely keep high volume of bicycles with in small space. For Seoul city to increase its modal share rate, they should look at problems from users' prospective and solve it by fixing it and improving the services, not by making more facilities.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2018.10a
• /
• pp.278-281
• /
• 2018

The early Web technology was to show text information through a browser. However, as web technology advances, it is possible to show large amounts of multimedia data through browsers. Web technologies are being applied in a variety of fields such as sensor network, hardware control, and data collection and analysis for big data and AI services. As a result, the standard has been prepared for the Internet of Things, which typically controls a sensor via HTTP communication and provides information to users, by installing a web browser on the interface of the Internet of Things. In addition, the recent development of web-assembly enabled 3D objects, virtual/enhancing real-world content that could not be run in web browsers through a native language of C-class. Factors that evaluate the performance of existing Web applications include performance, network resources, and security. However, since there are many areas in which web applications are applied, it is time to revisit and review these factors. In this thesis, we will conduct an analysis of the factors that assess the performance of a web application. We intend to establish an indicator of the development of web-based applications by reviewing the analysis of each element, its main points, and its needs to be supplemented.

• Journal of Korea Society of Industrial Information Systems
• /
• v.19 no.5
• /
• pp.15-24
• /
• 2014

In 2005, there was a partial revision of the Act on the Promotion of Education for the Handicapped people, so that students with health impairments would be able to receive special education support. Since the amendment of the bill, to support them classified into weak people in education, education support systems have been proposed and settled so that they may receive the support for free. According to the pre-study, after the amendment of this bill, there has been many studies on the form of educational service to support them, and recently, there have been a lot of researches to investigate their satisfaction with the current services and draw its problems. And yet these studies have been carried out by the preceeding researchers at the drawing of problems, but have a limitation to present fundamental countermeasures to the problems. Therefore, this study attempted to understand the meaning of health impairment through the pre-study and investigate the forms of the services currently supporting them and analyze the problem of each service. In addition, to solve the identified problems, a new support system was proposed. In order to confirm the performance of the system, we design the user satisfaction survey composed of a Likert 5-point scale per each question, and to make the task, comparing stories and clapping for increasing quality of their subjective evaluation about the image and voice transmission when the user uses it. As a result, in the overall evaluation of the robot system, the average score of each question was recorded to 4.31 points, and through the two tasks, it was found that there were effective data transmission of image and voice.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.6
• /
• pp.1147-1157
• /
• 2014

Intelligent transportation system (ITS) is realized through a highly ephemeral network, i.e. vehicular ad hoc network (VANET) which is on its way towards the deployment stage, thanks to the advancements in the automobile and communication technologies. However, it has not been successful, at least to date, to install the technology in the mass of vehicles due to security and privacy challenges. Besides, the users of such technology do not want to put their privacy at stake as a result of communication with peer vehicles or with the infrastructure. Therefore serious privacy measures should be taken before bringing this technology to the roads. To date, privacy issues in ephemeral networks in general and in VANET in particular, have been dealt with through various approaches. So far, multiple pseudonymous approach is the most prominent approach. However, recently it has been found out that even multiple pseudonyms cannot protect the privacy of the user and profilation is still possible even if different pseudonym is used with every message. Therefore, another privacy-aware mechanism is essential in vehicular networks. In this paper, we propose a novel identity exchange mechanism to preserve conditional privacy of the users in VANET. Users exchange their pseudonyms with neighbors and then use neighbors' pseudonyms in their own messages. To this end, our proposed scheme conditionally preserves the privacy where the senders of the message can be revoked by the authorities in case of any dispute.