• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.1
• /
• pp.31-40
• /
• 2014

In Korea, the Public Key Infrastructure (PKI) has been introduced. For secure information transmission and identification, the electronic signature authorization system of a certificate-based is built, and then the service provide.The certificate is stored in location what users can easily access and copy. Thus, there is a risk that can be stolen by malware or web account hacking. In addition, private key passwords can be exposed by the logging tool, after keyboard security features are disabled. Each of these security weaknesses is a potential conduit for identity theft, property/asset theft, and theft of the actual certificates. The present study proposes a method to prevent the private key file access illegally. When a certificate is stored, the private key is encrypted by the dependent element of the device, and it is stored securely. If private key leakage occurs, the retrieved key could not be used on other devices.

• Convergence Security Journal
• /
• v.22 no.4
• /
• pp.99-107
• /
• 2022

The use of smart home appliances and Internet of Things (IoT) devices is growing, enabling new interactions and automation in the home. This technology relies heavily on mobile services which leaves it vulnerable to the increasing threat of hacking, identity theft, information leakage, serious infringement of personal privacy, abnormal access, and erroneous operation. Confirming or proving such security breaches have occurred is also currently insufficient. Furthermore, due to the restricted nature of IoT devices, such as their specifications and operating environments, it is difficult to provide the same level of internet security as personal computers. Therefore, to increase the security on smart home IoT devices, attention is needed on (1) preventing hacking and user authority theft; (2) disabling abnormal manipulation; and (3) strengthening audit records for device operation. In response to this, we present a plan to build a cloud security authentication platform which features security authentication management functionality between mobile terminals and IoT devices.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.6
• /
• pp.1115-1126
• /
• 2021

In this paper, we developed a mobile student ID providing a self sovereignty identity (SSI) which replaces the conventional plastic-type student ID that includes private information of a student such as a name, a student number, a facial photo, etc. The implemented mobile student ID solves the problem of exposing student's identity due to a loss or a theft of a plastic-type student ID, and it has a structure and process of FRANCHISE model which is developed by a concept of a decentralized Identity(DID) of a Blockchain, in which specialized for convenience as an electronic student ID through an application on a smart phone device. In addition, it protects student's privacy by controlling personal information on oneself. By using a smartphone, not only it easily identifies the student but also it expands to several services such as participation in school events, online authentication, and a student's exchange program among colleges.

• Journal of the Korean Institute of Intelligent Systems
• /
• v.20 no.5
• /
• pp.610-616
• /
• 2010

This paper describes how to securely bind the identity reference and biometric reference for satisfying security requirements. To overcome the shortcomings of the simple personal authentication method using a password, such as identify theft, a biometric system that utilizes physical and behavioral characteristics of each person has been adopted. In the biometric system, the biometric information itself is personal information, and it can be used as an unique identifier that can identify a particular it vidual when combining with other identity information. As a result, a son, anb it canmethod is required for manipulat canthese information. Consider canthese issues, this paper proposes a biit canmethod uiter son, anand uisecure channels for generating the common identifier and ensuring security of identity reference and biometric reference that are stored in the separated DBs.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2008.05a
• /
• pp.607-610
• /
• 2008

Phishing is a form of online identity theft that aims to steal sensitive information such as online banking passwords and credit card information from users. Phishing scams have been receiving extensive press coverage because such attacks have been escalating in number and sophistication. According to a study by Gartner, Many Internet users have identified the receipt of e-mail linked to phishing scams and about 2 million of them are estimated to have been tricked into giving away sensitive information. This paper presents a novel browser extension, AntiPhish, that aims to protect users against spoofed web site-based phishing attack.

• Proceedings of the Korea Technology Innovation Society Conference
• /
• 2004.11a
• /
• pp.239-244
• /
• 2004

피싱(Phishing)이란 '위장 홈페이지를 만들어 불특정 다수의 이메일 사용자에게 메일을 보내는 수법으로 수신자의 개인정보를 빼내 금융범죄에 악용하는 행위'를 말한다. 기존의 스팸메일 둥과 달리 피싱은 이메일 사용자에게 금융, 신용 피해를 줄 수 있어 개인에게 미치는 피해가 심각한 경우가 발생할 수 있다. 이에 대응하여, 미국에서는 'SB California SB 1386' 등의 법안을 제정하고, 'Coalition on Online Identity Theft' 등의 조직을 결성하는 등 피싱으로 인한 피해 예방 및 대처를 위해 적극적으로 노력하고 있다. 국내에서도 금융기관과 기업에서의 주의 메일 발송, 홈페이지에의 피싱 주의 안내문 게시 둥의 방법으로 대응하고 있으나, 피싱으로 인한 피해를 예방하기에는 미진한 것으로 여겨진다. 이에 본 고에서는 미국을 중심으로 한 피싱에 대한 피해.대응현황과 국내 대응방안에 대해 살펴본다.

• International journal of advanced smart convergence
• /
• v.5 no.3
• /
• pp.40-46
• /
• 2016

The internet allows the information to flow at anywhere in anytime easily. Unfortunately, the network also becomes a great tool for the criminals to operate cybercrimes such as identity theft. To prevent the issue, using a very complex password is not a very encouraging method. Alternatively, keystroke dynamics helps the user to solve the problem. Keystroke dynamics is the information of timing details when a user presses a key or releases a key. A machine can learn a user typing behavior from the information integrate with a proper machine learning algorithm. In this paper, we have proposed mini-batch ensemble (MIBE) method which does the preprocessing on the original dataset and then produces multiple mini batches in the end. The mini batches are then trained by a machine learning algorithm. From the experimental result, we have shown the improvement of the performance for each base algorithm.

• Journal of the Korea Society of Computer and Information
• /
• v.23 no.1
• /
• pp.111-116
• /
• 2018

Recently, IoT and Big Data dealing with voluminous and complex sensitive information is one of the key issues in the era of the 4th industrial revolution. There have been a lot of studies to store the collected and processed sensitive information safely in storage data. Especially biometric information, if it is leaked and becomes identity theft, is hard to be corrected and results in serious event. To fix the problem, methods such as FIDO or KFTC have been proposed. In this paper, we propose a modified method of TTAK.KO-12.0098 according to the environment of this paper and propose a method of safely storing the generated disposable template in a block chain. We show that our method is better by comparing the existing method and the security analysis.

• International Journal of Computer Science & Network Security
• /
• v.22 no.9
• /
• pp.358-368
• /
• 2022

Social media is a window for everyone, individuals, communities, and companies to spread ideas and promote trends and products. With these opportunities, challenges and problems related to security, privacy and rights arose. Also, the data accumulated from social media has become a fertile source for many analytics, inference, and experimentation with new technologies in the field of data science. In this chapter, emphasis will be given to methods of trend analysis, especially ensemble learning methods. Ensemble learning methods embrace the concept of cooperation between different learning methods rather than competition between them. Therefore, in this chapter, we will discuss the most important trends in ensemble learning and their applications in analysing social media data and anticipating the most important future trends.

• International Journal of Computer Science & Network Security
• /
• v.23 no.6
• /
• pp.99-106
• /
• 2023

Now a days, large volumes of data is accumulating in every field due to increase in capacity of storage devices. These large volumes of data can be applied with data mining for finding useful patterns which can be used for business growth, improving services, improving health conditions etc. Data from different sources can be combined before applying data mining. The data thus gathered can be misused for identity theft, fake credit/debit card transactions, etc. To overcome this, data mining techniques which provide privacy are required. There are several privacy preserving data mining techniques available in literature like randomization, perturbation, anonymization etc. This paper proposes an Enhanced Hybrid Privacy Preserving Data Mining(EHPPDM) technique. The proposed technique provides more privacy of data than existing techniques while providing better classification accuracy. The experimental results show that classification accuracies have increased using EHPPDM technique.