• The Journal of The Korea Institute of Intelligent Transport Systems
• /
• v.18 no.5
• /
• pp.126-141
• /
• 2019

One of the Cooperative Intelligent Transportation System(C-ITS) priority services is collision prevention support service. Several studies have considered V2I2V communication-based collision prevention support services using Artificial Neural Networks(ANN). However, such services still show some issues due to a low penetration of C-ITS devices and large delay, particularly when loading massive traffic data into the server in the C-ITS center. This study proposes the Artificial Neural Network-based Collision Warning Service(ACWS), which allows upstream vehicle to update pre-determined weights involved in the ANN by using real-time sectional traffic information. This research evaluates the proposed service with respect to various penetration rates and delays. The evaluation result shows the performance of the ACWS increases as the penetration rate of the C-ITS devices in the vehicles increases or the delay decreases. Furthermore, it reveals a better performance is observed in more advanced ANN model-based ACWS for any given set of conditions.

• Journal of Internet Computing and Services
• /
• v.23 no.1
• /
• pp.49-68
• /
• 2022

The operation system of a shipping company is still maintaining the mainframe based terminal access environment or the client/server based environment. Nowadays shipping companies that try to migrate it into a web-based environment are increasing. However, in the transition, if the design is processed by the old configuration and knowledge without considering the characteristics of the web-based environment and shipping business, various security vulnerabilities will be revealed at the actual system operation stage, and system maintenance costs to fix them will increase significantly. Therefore, in the transition to a web-based environment, a security design must be carried out from the design stage to ensure system safety and to reduce security-related maintenance costs in the future. This paper examines the characteristics of various threat modeling techniques, selects suitable modeling technique for the operation system of a shipping company, applies data flow diagram and STRIDE threat modeling technique to shipping business, derives possible security threats from each component of the data flow diagram in the attacker's point of view, validates the derived threats by mapping them with attack library items, represents the attack tree having various attack scenarios that attackers can attempt to achieve their final goals, organizes into the checklist that has security check items, associated threats and security requirements, and finally presents 23 security requirements that can respond to threats. Unlike the existing general security requirements, the security requirements presented in this paper reflect the characteristics of shipping business because they are derived by analyzing the actual business of a shipping company and applying threat modeling technique. Therefore, I think that the presented security requirements will be of great help in the security design of shipping companies that are trying to proceed with the transition to a web-based environment in the future.

• Journal of Internet Computing and Services
• /
• v.23 no.3
• /
• pp.21-33
• /
• 2022

This paper is to suggest the secure secret sharing system in order to outstandingly reduce the damage caused by the leakage of the corporate secret. This research system is suggested as efficient P2P distributed system kept from the centrally controlled server scheme. Even the bitcoin circulation system is also based on P2P distribution scheme recenly. This research has designed the secure circulation of the secret shares produced by Threshold Shamir Secret Sharing scheme instead of the shares specified in the torrent file using the simple, highly scalable and fast transferring torrent P2P distribution structure and its protocol. In addition, this research has studied to apply both Shamir Threshold Secret Sharing scheme and the securely strong multiple user authentication based on Collaborative Threshold Autentication scheme. The secure transmission of secret data is protected as using the efficient symmetric encryption with the session secret key which is safely exchanged by the public key encryption. Also it is safer against the leakage because the secret key is effectively alive only for short lifetime like a session. Especially the characteristics of this proposed system is effectively to apply the threshold secret sharing scheme into efficient torrent P2P distributed system without modifying its architecture of the torrent system. In addition, this system guaranttes the confidentiality in distributing the secret file using the efficient symmetric encryption scheme, which the session key is securely exchanged using the public key encryption scheme. In this system, the devices to be taken out can be dynamically registered as an user. This scalability allows to apply the confidentiality and the authentication even to dynamically registerred users.

• KIPS Transactions on Computer and Communication Systems
• /
• v.11 no.10
• /
• pp.373-380
• /
• 2022

This paper presents a deep learning based group synchronization that supports networked immersive interactions between remote users. The goal of group synchronization is to enable all participants to synchronously interact with others for increasing user presence Most previous methods focus on NTP-based clock synchronization to enhance time accuracy. Moving average filters are used to control media playout time on the synchronization server. As an example, the exponentially weighted moving average(EWMA) would be able to track and estimate accurate playout time if the changes in input data are not significant. However it needs more time to be stable for any given change over time due to codec and system loads or fluctuations in network status. To tackle this problem, this work proposes the Deep Group Synchronization(DeepGroupSync), a group synchronization based on deep learning that models important features from the data. This model consists of two Gated Recurrent Unit(GRU) layers and one fully-connected layer, which predicts an optimal playout time by utilizing the sequential playout delays. The experiments are conducted with an existing method that uses the EWMA and the proposed method that uses the DeepGroupSync. The results show that the proposed method are more robust against unpredictable or rapid network condition changes than the existing method.

• Smart Media Journal
• /
• v.12 no.2
• /
• pp.66-75
• /
• 2023

Recently, the number of cloud web applications is increasing owing to the accelerated migration of enterprises and public sector information systems to the cloud. Traditional network attacks on cloud web applications are characterized by Denial of Service (DoS) attacks, which consume network resources with a large number of packets. However, HTTP DoS attacks, which consume application resources, are also increasing recently; as such, developing security technologies to prevent them is necessary. In particular, since low-bandwidth HTTP DoS attacks do not consume network resources, they are difficult to identify using traditional security solutions that monitor network metrics. In this paper, we propose a new detection model for detecting HTTP DoS attacks on cloud web applications by collecting the application metrics of web servers and learning them using machine learning. We collected 18 types of application metrics from an Apache web server and used five machine learning and two deep learning models to train the collected data. Further, we confirmed the superiority of the application metrics-based machine learning model by collecting and training 6 additional network metrics and comparing their performance with the proposed models. Among HTTP DoS attacks, we injected the RUDY and HULK attacks, which are low- and high-bandwidth attacks, respectively. As a result of detecting these two attacks using the proposed model, we found out that the F1 scores of the application metrics-based machine learning model were about 0.3 and 0.1 higher than that of the network metrics-based model, respectively.

• Asia-pacific Journal of Multimedia Services Convergent with Art, Humanities, and Sociology
• /
• v.7 no.2
• /
• pp.401-408
• /
• 2017

GNSS(Global Navigation Satellite System) is positioning and navigation system using satellites. Accurate positioning is possible in all regions of the world using satellite signals. In Korea, GPS was introduced in the late 1980s. GPS is used in research and work in various fields such as navigation, surveying, and GIS. Since 1995, NGII(National Geographic Information Institute) has installed and operated CORS(Continuously Operating Reference Station) for the practical use of GNSS surveying, RINEX download and VRS(Virtual Reference Station) service was provided for precise positioning. Demand for these services is explosively increasing in the field of surveying. Therefore, there is a need for research to provide good service. In this study, status of national surveying infra structure was researched focused on CORS and its services. As a results, current status of CORS and service were presented. Users of VRS service has increased greatly. In order to provide stable service and advanced surveying, it is necessary to continuously upgrade services such as providing services for various GNSS satellites and securing stability through server redundancy in the data center.

• KIPS Transactions on Computer and Communication Systems
• /
• v.11 no.6
• /
• pp.193-204
• /
• 2022

In a smart factory environment in a small and medium-sized enterprise (SME) environment, sensors and actuators operating on actual manufacturing lines, programmable logic controllers (PLCs) to manage them, human-machine interface (HMI) to control and manage such PLCs, and consists of operational technology server to manage PLCs and HMI again. PLC and HMI, which are in charge of control automation, perform direct connection with OT servers, application systems for factory operation, robots for on-site automation, and production facilities, so the development of security technology in a smart factory environment is demanded. However, smart factories in the SME environment are often composed of systems that used to operate in closed environments in the past, so there exist a vulnerable part to security in the current environment where they operate in conjunction with the outside through the Internet. In order to achieve the internalization of smart factory security in this SME environment, it is necessary to establish a process according to the IEC 62443-4-1 Secure Product Development Life cycle at the stage of smart factory SW and HW development. In addition, it is necessary to introduce a suitable development methodology that considers IEC 62443-4-2 Component security requirements and IEC 62443-3 System security requirements. Therefore, this paper proposes an application plan for the IEC 62443 based development security process to provide security internalization to smart factories in an SME environment.

• KIPS Transactions on Computer and Communication Systems
• /
• v.12 no.9
• /
• pp.263-272
• /
• 2023

Industrial Internet of Things (IIoT) is an important factor in increasing production efficiency in industrial sectors, along with data collection, exchange and analysis through large-scale connectivity. However, as traffic increases explosively due to the recent spread of IIoT, an allocation method that can efficiently process traffic is required. In this thesis, I propose a two-stage task offloading decision method to increase successful task throughput in an IIoT environment. In addition, I consider a hybrid offloading system that can offload compute-intensive tasks to a mobile edge computing server via a cellular link or to a nearby IIoT device via a Device to Device (D2D) link. The first stage is to design an incentive mechanism to prevent devices participating in task offloading from acting selfishly and giving difficulties in improving task throughput. Among the mechanism design, McAfee's mechanism is used to control the selfish behavior of the devices that process the task and to increase the overall system throughput. After that, in stage 2, I propose a multi-armed bandit (MAB)-based task offloading decision method in a non-stationary environment by considering the irregular movement of the IIoT device. Experimental results show that the proposed method can obtain better performance in terms of overall system throughput, communication failure rate and regret compared to other existing methods.

• Journal of Industrial Convergence
• /
• v.22 no.4
• /
• pp.1-9
• /
• 2024

Smart factories represent production facilities where cutting-edge information and communication technologies are fused with manufacturing processes, reflecting rapid advancements and changes in the global manufacturing sector. They capitalize on the integration of robotics and automation, the Internet of Things (IoT), and the convergence of artificial intelligence technologies to maximize production efficiency in various manufacturing environments. However, the smart factory environment is prone to security threats and vulnerabilities due to various attack techniques. When security threats occur in smart factories, they can lead to financial losses, damage to corporate reputation, and even human casualties, necessitating an appropriate security response. Therefore, this paper proposes a security authentication mechanism for safe communication in the smart factory environment. The components of the proposed authentication mechanism include smart devices, an internal operation management system, an authentication system, and a cloud storage server. The smart device registration process, authentication procedure, and the detailed design of anomaly detection and update procedures were meticulously developed. And the safety of the proposed authentication mechanism was analyzed, and through performance analysis with existing authentication mechanisms, we confirmed an efficiency improvement of approximately 8%. Additionally, this paper presents directions for future research on lightweight protocols and security strategies for the application of the proposed technology, aiming to enhance security.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2004.05b
• /
• pp.217-220
• /
• 2004

According as utilization for web increases rapidly, it is demanded that model about support interaction between web-based applications systematically and solutions can integrate new distributed platforms and existing environment effectively, accordingly, Web Services appeared by solution in reply. These days, a lot of software and hardware companies try to adoption of Web Services to their market, attenpt to construct their applications associationing components from various Web Services providers. However, to execute Web Services completely. it must have interoperability and need the standardization work that avoid thing which is subject to platform, application as well as service and programming language from other companies. WS-I (Web Services Interoperability organization) have established Basic Profile 1.0 based on XML, UDDI, WSDL and SOAP for web services interoperability and developed usage scenario Profile to apply Web Services in practice. In this paper, to verify suitability Web Services interoperability between heterogeneous two applications, have design and implements the Book Information Web Services that based on the Web Services Client of J2SE platform and the Web Services Server of .NET platform, so that analysis and verify the service by adaptation of WS-I Basic Profile.