• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.18 no.6
• /
• pp.1369-1374
• /
• 2014

In case of APT attacks, the update server is being used as a means of dissemination, the update program is running malicious code or data in applications such as anti-virus signature is vulnerable to manipulation, SW Update threat identification and prevention measures are urgently required. This paper presents a natiional and international SW update structure, update process exploits and response measures to examine, Through the extraction/analysis of a domestic famous SW update log, we are willing to select the necessary component of the normal program update to identify a white list.

• The Journal of Korean Institute of Information Technology
• /
• v.17 no.10
• /
• pp.101-113
• /
• 2019

Recently, the intelligent video surveillance technology has become able to provide various services such as predictive surveillance that have not been provided previously. Securing the security of the intelligent video surveillance is essential, and malicious manipulation of the original CCTV video data can lead to serious social problems. Therefore, in this paper, we proposed an intelligent video surveillance environment based on blockchain. The proposed scheme guarantees the integrity of the CCTV image data and protects the ROI privacy through the edge blockchain, so there is no privacy exposure of the object. In addition, it is effective because it is possible to increase the transmission efficiency and reduce storage by enabling video deduplication.

• Journal of the Korean Society for Railway
• /
• v.11 no.4
• /
• pp.349-356
• /
• 2008

Put Safety-critical systems related to the railway communications are currently undergoing changes. Mechanical and electro-mechanical devices are being replaced by programmable electronics that are often controlled remotely via communication networks. Therefore designers and operators now not only have to contend with component failures and user errors, but also with the possibility that malicious entities are seeking to disrupt the services provided by theirs systems. Recognizing the safety-critical nature of the types of communications required in rail control operations, the communications infrastructure will be required to meet a number of safety requirements such as system faults, user errors and the robustness in the presence of malicious attackers who are willing to take determined action to interfere in the correct operation of a system. This paper discusses the safety strategies employed in the railway communications and proposes a security mechanism for Korean railway communication system. We present the developed communication safety evaluation tool based on the proposed security mechanism and also evaluate its protecting capability against the threats of masquerading, eavesdropping, and unauthorized message manipulation.

• The Journal of the Korea Contents Association
• /
• v.21 no.6
• /
• pp.1-11
• /
• 2021

The Neis System is a system integrating administrative information that was operated in elementary and secondary schools in Korea. Currently, this system is operated by a central server method and contains school administration information and important educational information of students. Among student information, the student life record contains important information for a student to advance to a higher level institution, but problems such as information leakage or manipulation may occur due to malicious attacks. In this paper, we propose a hybrid blockchain system that combines the server and blockchain technology managed by the existing Neis system. The proposed system records the query information of the database in a block when student information is accessed. When a request for correction of student information or issuance of a certificate is received, the query of the blockchain, the information in the database, and the student's key value are checked to determine whether the information has been leaked or manipulated, and only if the data is normal, the request for revision of the record is performed. This process is more secure than the existing central server because it checks the manipulation of data through the blockchain. The proposed system was implemented on the Ethereum platform, and the query information of the blockchain was experimentally verified using smart contracts. This study contributes to enhancing the reliability of the Nice system by strengthening the security against forgery and alteration of student data by combining the existing Nice system with a block chain.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.6
• /
• pp.1465-1475
• /
• 2015

Cheating detection models in the online games can be divided into two parts. The one is on client based model, which is designed to detect malicious programs not to be run while playing the games. The other one is server based model, which distinguishes the difference between benign users and cheaters by the server log analysis. The client based model provides various features to prevent games from cheating, For instance, Anti-reversing, memory manipulation and so on. However, being deployed and operated on the client side is a huge weak point as cheaters can analyze and bypass the detection features. That Is why the server based model is an emerging way to detect cheating users in online games. But the simple log data such as FPS's one can be hard to find validate difference between two of them. In this paper, In order to compensate for the disadvantages of the two detection model above, We use the existing game security solution log as well as the server one to bring high performance as well as detection ratio compared to the existing detection models in the market.