• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.1
• /
• pp.396-413
• /
• 2017

Dynamically checking the integrity of software at run-time is always a hot and difficult spot for trusted computing. Control-flow integrity is a basic and important safety property of software integrity. Many classic and emerging security attacks who introduce illegal control-flow to applications can cause unpredictable behaviors of computer-based systems. In this paper, we present a software-based approach to checking violation of control flow integrity at run-time. This paper proposes a high-performance and low-overhead software control flow checking solution, control flow checking at virtual edges (CFCVE). CFCVE assigns a unique signature to each basic block and then inserts a virtual vertex into each edge at compile time. This together with insertion of signature updating instructions and checking instructions into corresponding vertexes and virtual vertexes. Control flow faults can be detected by comparing the run-time signature with the saved one at compile time. Our experimental results show that CFCVE incurs only 10.61% performance overhead on average for several C benchmark programs and the average undetected error rate is only 9.29%. Compared with previous techniques, CFCVE has the characteristics of both high fault coverage and low memory and performance overhead.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.41 no.9
• /
• pp.1103-1107
• /
• 2016

Network assets have been protected from malware infection by checking the integrity of mobile devices through network access control systems, vaccines, or mobile device management. However, most of existing systems apply a uniform security policy to all users, and allow even infected mobile devices to log into the network inside for completion of the integrity checking, which makes it possible that the infected devices behave maliciously inside the network. Therefore, this paper proposes a network defense mechanism based on isolated networks. In the proposed mechanism, every mobile device go through the integrity check system implemented in an isolated network, and can get the network access only if it has been validated successfully.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.10
• /
• pp.4703-4723
• /
• 2016

The verification of data integrity is an urgent topic in remote data storage environments with the wide deployment of cloud data storage services. Many traditional verification algorithms focus on the block-oriented verification to resolve the dispute of dynamic data integrity between the data owners and the storage service providers. However, these algorithms scarcely pay attention to the data verification charge and the users' verification experience. The users more concern about the availability of accessed files rather than data blocks. Moreover, the data verification charge limits the number of checked data in each verification. Therefore, we propose a mixed verification protocol to verify the data integrity, which rapidly locates the corrupted files by the file-oriented verification, and then identifies the corrupted blocks in these files by the block-oriented verification. Theoretical analysis and simulation results demonstrate that the protocol reduces the cost of the metadata computation and transmission relative to the traditional block-oriented verification at the expense of little cost of additional file-oriented metadata computation and storage at the data owner. Both the opportunity of data extracted and the scope of suspicious data are optimized to improve the verification efficiency under the same verification cost.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.6
• /
• pp.1553-1561
• /
• 2018

The source code for Android is open and easy to modify depending on the purpose. Recently, this charateristic has been exploited to bypass the runtime protection technique and extract the original executable code. Unfortunately, Android devices are so fragmented that it is difficult to verify the integrity of the system. To solve this problem, this paper proposes a technique to verify the integrity of the execution environment indirectly using the features of the application permission. Before executing the original executable code, it loads and executes the dummy DEX file to monitor for abnormal events and determine whether the system is intact. The proposed technique shows a performance overhead of about 2 seconds and shows that it can detect the bypassing technique that is currently disclosed.

• Journal of Korean Society of Industrial and Systems Engineering
• /
• v.44 no.1
• /
• pp.51-59
• /
• 2021

Electronic document communication based on a digital channel is becoming increasingly important with the advent of the paperless age. The electronic document based on PDF format does not provide a powerful customer experience for a mobile device user despite replacing a paper document by providing the content integrity and the independence of various devices and software. On the other hand, the electronic document based on HTML5 format has weakness in the content integrity as there is no HTML5 specification for the content integrity despite its enhanced customer experience such as a responsive web technology for a mobile device user. In this paper, we design the Document-HTML, which provides the content integrity and the powerful customer experience by declaring the HTML5 constraint rules and the extended tags to contain the digital signature based on PKI. We analyze the existing electronic document that has been used in the major financial enterprise to develop a sample. We also verify the Document-HTML by experimenting with the sample of HTML electronic communication documents and analyze the PKI equation. The Document-HTML document can be used as an authorized electronic document communication and provide a powerful customer experience in the mobile environment between an enterprise and a user in the future.

• The Journal of Information Technology
• /
• v.10 no.3
• /
• pp.77-92
• /
• 2007

This study aims to suggest an implementation methodology of security module for data integrity of mobile internet terminal. This is based on the WTLS(Wileless Transport Layer Security) of WAP Protocol. This security module is expected to achieve central role in conversion of wireless internet environment and emphasis of encryption technology and safe and calculable wireless communication environment construction.

• Journal of the Korean Operations Research and Management Science Society
• /
• v.32 no.2
• /
• pp.149-162
• /
• 2007

In the era of the internet and ubiquitous computing, IS users are still facing a variety of threats. Therefore, a need of more tightened information security service increases unprecedentedly. In this sense, this study is aimed at proposing a new research model in which IT assets (i.e., network, system, and information influence) Security and Information Security Service (i.e., confidentiality, integrity, nonrepudiation, authentication) affect information security quality positively, leading to users' satisfaction eventually. To prove the validity of the proposed research model, PLS analysis is applied with valid 177 questionnaires. Results reveal that both IT assets Security and Information Security Service influence informations security qualify positively, and user satisfaction as well. From the results, it can be concluded that Korean government's recent orchestrated efforts to boost the IT assets Security and Information Security Service helped great improve the information security quality and user satisfaction.

• 제어로봇시스템학회:학술대회논문집
• /
• 2001.10a
• /
• pp.56.4-56
• /
• 2001

Using GPS in the navigation systems such as aviation, maritime and land applications, integrity is considered importantly with accuracy for safety. Integrity monitoring performed in the GPS receiver itself is Receiver Autonomous Integrity Monitoring (RAIM) and need not an independent ground monitoring station. RAIM algorithm uses redundant information when more than four satellites are visible and makes consistency checks between measurement information to alarm users whether the system is operating out of its specified performance limits. Selective Availability (SA) that was used to protect the security interests of the U.S. and its allies by globally denying the full accuracy of the civil system was turned off on May 1, 2000 ...

• Language and Information
• /
• v.2 no.1
• /
• pp.177-213
• /
• 1998

conflicting criterial used in identifying words have called the lexical integrity principle into question. That is, cases where the morphological word does not coincide with the syntactic word have notivated the syntactic view of word derivation, as pointed out by Bresnan and Mchombo(1995). Further, the implicit desire to make the clausal structure of Korean parallel to those posited for English(Chomsky 1991) and French(Pollock 1989) has also led most of the current literature on Korean morphology to claim that Korean verbal inflections head their own functional projections such as AgrP, TP, and MP im syntax. In this paper, I will first argue against such a syntactic view. After reviewing some basic properties of Korean verbal inflections, I will show that the evidence from mismatch phenomena supports the lexical integrity principle over the head-movement theories of word derivation. Then, I will propose a theory of lexical grammar which maintains the lexical integrity principle while retaining the effects of functional projections and syntactic movement.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.12
• /
• pp.6079-6097
• /
• 2018

Safety-related systems (SRSs) has widely used in shipbuilding and power generation to prevent fatal accidents and to protect life and property. Thus, SRS performance is a high priority. The safety integrity level (SIL) is the relative performance level of an SRS with regard to its ability to operate reliably in a safe manner. In this article, we proposed an optimal design procedure to achieve the targeted SIL of SRSs. In addition, a more efficient failure mode and effects diagnostic analysis (FMEDA) process and optimization model were developed to improve cost efficiency. Based on previous IEC 61508 diagnostic analyses that revealed unnecessary costs associated with excessive reliability, the new approach consists of two phases: (i) SIL evaluation by FMEDA, and (ii) solution optimization for achieving the target SIL with minimal cost using integer-programming models. The proposed procedure meets the required safety level and minimizes system costs. A case study involving a gas-detection SRS was conducted to demonstrate the effectiveness of the new procedure.