• Proceedings of the Korea Information Processing Society Conference
• /
• 2014.11a
• /
• pp.550-552
• /
• 2014

차량 내부 네트워크는 LIN, CAN, FlexRay와 같은 제어 네트워크와 MOST와 같은 멀티미디어 네트워크가 있으며 이 내부 네트워크와 연결해 서비스를 사용하는 RF 통신으로는 대표적으로 블루투스, GSM, NFC가 있다. 그러나 능동 안전 시스템과 같은 지능형 기술의 지속적인 도입과 기계, 유압식 기기의 전자화에 따른 네트워크상의 통신량이 급격히 증가하면서 네트워크의 규모 및 통신 복잡도 등이 증가하고 있다. 따라서 차량 내/외부 네트워크의 최적화, 최소화 문제가 반드시 해결되어야하는 문제로 떠오르고 있다. 또한 이러한 통신환경이 갖추어진 이후에도 무선통신 기술의 성능향상 및 통신기술과 응용 서비스 분야와의 연계, 그리고 통신서비스를 위한 사업 모델 개발이 요구되는 등 앞으로 해결 해야하는 문제는 여전히 많이 남아 있다고 할 수 있다. 본 논문에서는 지능형 자동차의 RF 통신서비스에서 발생할 수 있는 지능형자동차의 보안위협 요소를 분석하고자 한다.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.25 no.10
• /
• pp.1353-1358
• /
• 2021

IoT (Internet of Things) emerges from various technologies such as communications, micro processors and embedded system and so on. The IoT has also been used to UAV (Unmanned Aerial Vehicle) system. In manned aircraft, a pilot and co-pilot should control FCS (Flight Control System) with FBW(Fly By Wire) system for flight operation. In contrast, the flight operation in UAV system is remotely and fully managed by GCS (Ground Control System) almost in real time. To make it possible the communication channel should be necessary between the UAV and the GCS. There are many protocols between two systems. Amongst them, MAVLink (Macro Air Vehicle Link) protocol is representatively used due to its open architecture. MAVLink does not define any securities itself, which results in high vulnerability from external attacks. This paper proposes the method to enhance data security in GCS network by applying cryptographic methods to the MAVLink messages in order to support safe UAV operations.

• Journal of KIISE:Information Networking
• /
• v.29 no.3
• /
• pp.286-298
• /
• 2002

The Remote Procedure Call(RPC) has been traditionally used for Inter Process Communication(IPC) among precesses in distributed computing environment. As distributed applications have been complicated more and more, the Mobile Agent paradigm for IPC is emerged. Because there are some paradigms for IPC, researches to evaluate and compare the performance of each paradigm are issued recently. But the performance models used in the previous research did not reflect real distributed computing environment correctly, because they did not consider the evacuation elements for providing security services. Since real distributed environment is open, it is very vulnerable to a variety of attacks. In order to execute applications securely in distributed computing environment, security services which protect applications and information against the attacks must be considered. In this paper, we evaluate and compare the performance of the Remote Procedure Call with that of the Mobile Agent in IPC paradigms. We examine security services to execute applications securely, and propose new performance models considering those services. We design performance models, which describe information retrieval system through N database services, using Petri Net. We compare the performance of two paradigms by assigning numerical values to parameters and measuring the execution time of two paradigms. In this paper, the comparison of two performance models with security services for secure communication shows the results that the execution time of the Remote Procedure Call performance model is sharply increased because of many communications with the high cryptography mechanism between hosts, and that the execution time of the Mobile Agent model is gradually increased because the Mobile Agent paradigm can reduce the quantity of the communications between hosts.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.38C no.8
• /
• pp.651-662
• /
• 2013

In this study, we suggest the selecting evaluation method considering 6 major factors like Compliance system application (Development language conformance, Platform Compliance), threat evaluation (criticality of security incident, possibility of security incident), application benefit (Reliability / quality improvement, Modify Cost) for appropriate secure coding rule selecting evaluation. Using this method, we selected and make a set consist of 197 secure coding rules for Battlefield Management System Software. And calculated the application priority for each rules.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.39B no.6
• /
• pp.370-378
• /
• 2014

It is well known that data mining plays a crucial role in varities of real-world applications, by which extracts knowledge from large volume of datasets. Among functionalties provided by data mining, frequency mining over given multisets is a basic and essential one. However, most of users would like to obtain the frequency over their multisets without revealing their own multisets. In this work, we come up with a novel way to achive this goal and prove its security rigorously. Our scheme has several advantages over existing work as follows: Firstly, our scheme has the most efficient computational complexity in the cardinality of multisets. Further our security proof is rigorously in the simulation paradigm. Lastly our system assumption is general.

• Convergence Security Journal
• /
• v.18 no.3
• /
• pp.27-35
• /
• 2018

The certificate is electronic information issued by an accredited certification body to certify an individual or to prevent forgery and alteration between communications. Certified certificates are stored in PCs and smart phones in the form of encrypted files and are used to prove individuals when using Internet banking and smart banking services. Among the rapidly growing Android-based malicious applications are malicious apps that leak personal information, especially certificates that exist in the form of files. This paper proposes a method for judging whether malicious codes leak certificates by using DroidBox, an Android-based dynamic analysis tool.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.2
• /
• pp.353-362
• /
• 2023

Messenger phishing, communications frauds crime, exploits remote control of smartphones and non-face-to-face financial transactions, causing property damage due to money transfers, as well as account opening and loans in the name of victims. Such financial accidents may be careless of victims, but the current messenger phishing criminal method is intelligent and can be seen as digging into loopholes in the non-face-to-face user verification process. In this paper we analyze how messenger phishing uses loopholes in user identification procedures in non-face-to-face financial transactions. Through experiments, it is suggested to improve the non-face-to-face verification process for safer financial transactions.

• IEMEK Journal of Embedded Systems and Applications
• /
• v.19 no.1
• /
• pp.19-25
• /
• 2024

This paper proposes an artificial intelligence-based personal information area object detection optimization method in an embedded system to de-identify personal information in video data. As an object detection optimization method, first, in order to increase the detection rate for personal information areas when detecting objects, a gyro sensor is used to collect the shooting angle of the image data when acquiring the image, and the image data is converted into a horizontal image through the collected shooting angle. Based on this, each learning model was created according to changes in the size of the image resolution of the learning data and changes in the learning method of the learning engine, and the effectiveness of the optimal learning model was selected and evaluated through an experimental method. As a de-identification method, a shuffling-based masking method was used, and double-key-based encryption of the masking information was used to prevent restoration by others. In order to reuse the original image, the original image could be restored through a security key. Through this, we were able to secure security for high personal information areas and improve usability through original image restoration. The research results of this paper are expected to contribute to industrial use of data without personal information leakage and to reducing the cost of personal information protection in industrial fields using video through de-identification of personal information areas included in video data.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.37A no.10
• /
• pp.858-864
• /
• 2012

In South Korea, to effective and systematic response to disasters, the government will build wireless communication network for PPDR(Public Protection and Disaster Relief) on a national level by 2015. To do it, as MOPAS(Ministry of Public Administration and Security) requested the new frequency assignment for PPDR, KCC(Korea Communications Commission) has been examined new frequency allocations about TETRA and WiBro technologies. In this paper, we were defined the technical parameters, were estimated the spectrum of TETRA-TRS requirements for Korean wireless communication of PPDR based on M.2033 methodology recommended by ITU-R.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.32 no.2B
• /
• pp.133-142
• /
• 2007

WPANs are formed in relatively small area and a PNC that serves as a central control device plays an important role in the operation and organization of a piconet. Typical applications of WPANs are security system and health monitoring system. In these type of systems, guaranteeing realtime service is very important, and communications cannot take place when the PNC malfunctions. Thus, in this situation, it is necessary to elect a new PNC as soon as possible. For this reason, we propose distributed PNC election scheme that considers not only QoS support but also network connectivity to avoid possible network partition. Simulation results show proposed mechanism can select PNC with guaranteeing QoS and connectivity for a limited period.