• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.5
• /
• pp.109-127
• /
• 2011

Mobile Office is a new type of working method in the workplace that can be used at any time or anywhere by connecting to the network with mobile devices. This allows people to do their jobs without their physical presence in their offices to use computers. The elements in mobile office environment are advancing. They include the widespread distribution of the smart phones, the network enhancing strategy in a ubiquitous environment and expansion of the wireless internet; however, there are not enough security guidelines or policies against these threats on the new environment, the mobile office, although there is the revitalization policy of smart work supported by the government. CERT and ISAC, the known security system as of now, could be used for the secure mobile office, In this paper, suggestions are to be provided for strengthening the security of smart mobile office by analysing the functions of CERT and ISAC.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.2
• /
• pp.379-390
• /
• 2012

This study is to consider political implication of indicators to measure personal information security in public sector studied by Ministry of Public Adminstration and Security from 2008 to 2011. The study analyzed the priority of personal information security policy dividing into personal information security infrastructure, personal information management with life cycle, correspondence of information infringement by scholars, experts, and chargers. As the results, to progress personal information security policy is important to management of personal identification information on web site; specially institutional infrastructure as responsible organization, exclusive manpower, and security budget; personal information security infrastructure. As like the results, it would be reflected in the progress of personal information security policy and tried to provide systematic management program with improving safe information distribution and usefulness.

• International Journal of Computer Science & Network Security
• /
• v.21 no.6
• /
• pp.181-186
• /
• 2021

Ensuring national security in cyberspace is becoming an increasingly important issue, given the growing number of cybercrimes due to adaptation to new security and protection technologies. The purpose of this article is to study the features of counteracting, preventing, and detecting crimes in the virtual space of Ukraine on the example of cases and analysis of the State Center for Cyber Defense and Countering Cyber Threats CERT-UA and the Cyber Police Department of the National Police of Ukraine. The research methodology is based on the method of analysis and study of cases of crime detection in the virtual environment of the State Center for Cyber Defense and Countering Cyber Threats CERT-UA and the Cyber Police Department of the National Police of Ukraine. The results show that the consistent development of the legal framework in 2016-2020 and the development of a cyber-defense strategy for 2021-2025 had a positive impact on the institution-building and detection of cybercrime in Ukraine. Establishing cooperation with developed countries (USA) has helped to combat cybercrime by facilitating investigations by US law enforcement agencies. This means that international experience is effective for developing countries as a way to quickly understand the threats and risks of cybercrime. In Ukraine, the main number of incidents concerns the distribution of malicious software in the public sector. In the private sector, cyber police are largely confronted with the misappropriation of citizens' income through Internet technology. The practical value of this study is to systematize the experience of overcoming cybercrime on the example of cases of crime detection in a virtual environment.

• KIPS Transactions on Computer and Communication Systems
• /
• v.9 no.12
• /
• pp.315-320
• /
• 2020

Identity authentication is an important technology that has long been used in society to identify individuals and provide appropriate services. With the development of the Internet infrastructure, many areas have expanded into online areas, and identity authentication technologies have also expanded online. However, there is still a limit to identity authentication technology that relies entirely on trusted third parties like the government. A centralized identity management system makes the identification process between agencies with different identity management systems very complex, resulting in a waste of money and time for users. In particular, the limits of the centralized identity management system were clearly revealed in the face mask shortage in the 2020 COVID-19 crisis. A Decentralized Identity (DID) is a way for users to manage their identity on their own, and recently, a number of DID platform based on blockchain technology have been proposed. In this paper, we analyze the limitations of the existing centralized identity management system and propose a DID system that can be utilized in future national emergency situations such as COVID-19.

• The Journal of the Convergence on Culture Technology
• /
• v.7 no.1
• /
• pp.216-222
• /
• 2021

COVID-19 pandemic brings attentions to the nonmilitary and transnational non-traditonal security threats, as the scales of such damage by these threats are beyond expectation. The Republic of Korea Army tries to forecast non-traditional security threat which may be occurred in Korean peninsula by using collective intelligence platform. In coming years, climate change, social changes and technology development caused by the 4th industrial revolution will diversify non-traditional security threat. Considering urbanization, internet distribution rate, and geopolitical location where atmosphere from continent and ocean meet, Korea would may face the most lethal ones compared to those of other countries may face. Therefore, to predict such threats in pangovernment scale using collective intelligence platforms which embrace civil, public, military, industry, academy and research center is the most important than anything.

• Journal of the Korea Society of Computer and Information
• /
• v.25 no.12
• /
• pp.127-134
• /
• 2020

Recently, Harmful sites, including pornographic videos, drugs, personal information and hacking tool distribution sites, have caused serious social problems. However, due to the nature of the Internet environment where anyone can use it freely, it is difficult to control the user effectively. And the site operator operates by changing the domain to bypass the blockage. Therefore, even once identified sites have low persistence. In this paper, we propose multi-channel domain tracking technology, a technique that can effectively track changes in the domain addresses of harmful sites, including the same or similar content, by tracking changes in these harmful sites. Proposed technology is a technology that can continuously track information in a domain using OSINT technology. We tested and verified that the proposed technology was effective for domain tracking with a 90.4% trace rate (sensing 66 changes out of 73 domains).

• KIPS Transactions on Computer and Communication Systems
• /
• v.11 no.3
• /
• pp.83-90
• /
• 2022

Diabetes is a common disease today, and there are also many cases of developing into serious complications called Diabetic Foot Ulcers(DFU). Diagnosis and prevention of DFU in advance is an important task, and this paper proposes the method. Based on existing studies introduced in the paper, it can be seen that foot pressure and temperature information are deeply correlated with DFU. Introduce the process and architecture of SmarTinsole, an IoT device that measures these indicators. Also, the paper describes the preprocessing process for AI-based diagnosis of DFU. Through the comparison of the measured pressure graph and the actual human step distribution, it presents the results that multiple information collected in real-time from SmarTinsole are more efficient and reliable than the previous study.

• Journal of Digital Convergence
• /
• v.19 no.4
• /
• pp.133-139
• /
• 2021

Due to the rapid progress in network technology, many research on content security technologies is also being conducted in the mobile digital content sector. In the meantime, content protection has been immersed in preventing illegal copying, certifying, and issuance/management certificates, but still have many vulnerabilities in managing or authenticating confidential information. This study aims to strengthen confidential information about content based on dual management of content download rights through mobile phone numbers or device numbers. It also protect replay-attack by building a secure mobile DRM system where digital content is safely distributed based on a three-stage user authentication process. In addition, blockchain-based content security enhancements were studied during the primary/secondary process for user authentication for the prevention of piracy and copyright protection. In addition, the client authentication process was further improved through three final stages of authorization in the use of illegal content, considering that legitimate users redistributed their content to third-party.

• Journal of Advanced Information Technology and Convergence
• /
• v.10 no.2
• /
• pp.15-31
• /
• 2020

Various websites have been created due to the increased use of the Internet, and the number of documents distributed through these websites has increased proportionally. However, it is not easy to collect newly updated documents rapidly. Web crawling methods have been used to continuously collect and manage new documents, whereas existing crawling systems applying a single node demonstrate limited performances. Furthermore, crawlers applying distribution methods exhibit a problem related to effective node management for crawling. This study proposes an efficient distributed crawler through stepwise crawling node allocation, which identifies websites' properties and establishes crawling policies based on the properties identified to collect a large number of documents from multiple websites. The proposed crawler can calculate the number of documents included in a website, compare data collection time and the amount of data collected based on the number of nodes allocated to a specific website by repeatedly visiting the website, and automatically allocate the optimal number of nodes to each website for crawling. An experiment is conducted where the proposed and single-node methods are applied to 12 different websites; the experimental result indicates that the proposed crawler's data collection time decreased significantly compared with that of a single node crawler. This result is obtained because the proposed crawler applied data collection policies according to websites. Besides, it is confirmed that the work rate of the proposed model increased.

• International journal of advanced smart convergence
• /
• v.11 no.1
• /
• pp.11-18
• /
• 2022

Securities and investment services have and use large data. Investors started to invest through their own analysis methods. There are 22 major securities and investment companies in Korea and only 6 companies support open API. Python is effective for requesting and receiving, analyzing text data from open API. Daishin Securities Co. is the only open API that officially supports Python, and eBest Investment & Securities Co. unofficially supports Python. There are two important differences between CYBOS plus of Daishin Securities Co. and xingAPI of eBest Investment & Securities Co. First, we must log in to CYBOS plus to access the server of Daishin Securities Co. And the python program does not require a logon. However, to receive data using xingAPI, users log on in an individual Python program. Second, CYBOS plus receives data in a Request/Reply method, and zingAPI receives data through events. It can be thought that these points will show a difference in response time. Response time is important to users who use open APIs. Data were measured from August 5, 2021, to February 3, 2022. For each measurement, 15 repeated measurements were taken to obtain 420 measurements. To increase the accuracy of the study, both APIs were measured alternately under same conditions. A paired t-test was performed to test the hypothesis that the null hypothesis is there was no difference in means. The p-value is 0.2961, we do not reject null hypothesis. Therefore, we can see that there is no significant difference between means. From the boxplot, we can see that the distribution of the response time of eBest is more spread out than that of Cybos, and the position of the center is slightly lower. CYBOS plus has no restrictions on Python programming, but xingAPI has some limits because it indirectly supports Python programming. For example, there is a limit to receiving more than one current price.