• Title/Summary/Keyword: Network Security Systems

Low-Cost AES Implementation for Wireless Embedded Systems (무선 내장형 시스템을 위한 제비용 AES의 구현)

  • LEE Dong-Ho
    • Journal of the Institute of Electronics Engineers of Korea SD, v.41 no.12, pp.67-74, 2004
  • AES is frequently used as a symmetric cryptography algorithm for the Internet. Wireless embedded systems increasingly use more conventional wired network protocols. Hence, it is important to have low-cost implementations of AES for them. The basic architecture of AES unrolls only one full cipher round, which uses 20 S-boxes together with the key scheduler, and the algorithm repeatedly executes it. To reduce the implementation cost further, the folded architecture, which uses only eight S-box units, has been studied in recent years. In this paper, we study a low-cost AES implementation for wireless communication technology based on the folded architecture. We first improve the folded architecture to avoid the sixteen bytes of additional state memory. Then, we implement a single-byte architecture where only one S-box unit is used for data encryption and key scheduling. It takes 352 clocks to finish a complete encryption. We found that the maximum clock frequency of its FPGA implementation reaches about 40 MHz. It can achieve about 13 Mbps, which is enough for 3G wireless communication technology.

A Study of Factors Affecting Attitude Towards Using Mobile Cloud Service (모바일 클라우드 서비스 이용태도에 영향을 미치는 요인 연구)

  • Kim, Su-Yeon;Lee, Sang Hoon;Hwang, Hyun-Seok
    • Journal of Korea Society of Industrial Information Systems, v.18 no.6, pp.83-94, 2013
  • As smart devices have proliferated and mobile networks have accelerated, various wired IT (Information Technology) services are being transplanted to wireless environments. Cloud computing service, which enables individual or corporate users to download data from a server and upload it after manipulating it, is also available on mobile devices. Unlike cloud service in wired network environments, mobile cloud service differs in mobility and in the security issues caused by persistent connection to networks. In this paper, we aim to analyze the factors affecting user attitude towards mobile cloud service use and their structural relationships. We extend TAM (Technology Acceptance Model) to consider the characteristics of mobile environments. Research findings, analyzed by SEM (Structural Equation Model), are explained, and practical implications are presented with concluding remarks.

Data Collection Methods to Standardize Protocols of Safety Supervision System (안전관제시스템 프로토콜 표준화를 위한 데이터 수집 방법)

  • Shin, Kwang-Ho;Um, Tae-Hwa;Lim, Dam-Sub;Ahn, Jin
    • Journal of the Korean Society for Railway, v.19 no.2, pp.159-169, 2016
  • The current railway control system in Korea is comprised of signaling, electric rail power, communication, and maintenance systems that are independent of each other. Further, these systems have different mediums and protocols for transmitting the field equipment data to the central control system. The purpose of the Safety Supervision System is to collect safety-related data from each system in order to predict and prevent accidents; this system utilizes a standard protocol. Safety-related data need to be collected from the field data transmission devices of the existing control system, and the data should be collected without affecting the communication of the existing system. In this study, a sniffing technique, which is typically used for network traffic monitoring or security, is used to collect data. The problems arising from the use of sniffing devices are noted, and the Packet Conversion Node is proposed as a solution to the problems. Further, functional and performance testing were completed for the prototype, and the software architecture and packet conversion process were verified.

Adaptive Intrusion Detection Algorithm based on Learning Algorithm (학습 알고리즘 기반의 적응형 침입 탐지 알고리즘)

  • Sim, Kwee-Bo;Yang, Jae-Won;Lee, Dong-Wook;Seo, Dong-Il;Choi, Yang-Seo
    • Journal of the Korean Institute of Intelligent Systems, v.14 no.1, pp.75-81, 2004
  • Signature-based intrusion detection systems (IDS), which store rules for detecting intrusions in a library, judge whether new inputs are intrusions by matching the rules against the new inputs. However, this policy generally has two restrictions. First, when rules cannot be made against new intrusions, false negative (FN) errors may occur. Second, when many rules are made to maintain diversity, the amount of resources required grows in proportion to the number of rules. In this paper, we propose a learning algorithm that uses a genetic algorithm to evolve competent anomaly detectors able to detect anomalous attacks. The population of anomaly detectors is composed by following the negative selection procedure of the biological immune system. To show the effectiveness of the proposed system, we apply the learning algorithm to an artificial network environment, which is a computer security system.

Design and Implementation of HDFS Data Encryption Scheme Using ARIA Algorithms on Hadoop (하둡 상에서 ARIA 알고리즘을 이용한 HDFS 데이터 암호화 기법의 설계 및 구현)

  • Song, Youngho;Shin, YoungSung;Chang, Jae-Woo
    • KIPS Transactions on Computer and Communication Systems, v.5 no.2, pp.33-40, 2016
  • Due to the growth of social network systems (SNS), big data has become a reality, and Hadoop was developed as a distributed platform for analyzing big data. Enterprises use Hadoop to analyze data containing users' sensitive information and utilize the results for marketing. Therefore, research on data encryption has been done to prevent the leakage of sensitive data stored in Hadoop. However, the existing research supports only the AES encryption algorithm, the international standard for data encryption. Meanwhile, the Korean government chose the ARIA algorithm as a standard data encryption algorithm. In this paper, we propose an HDFS data encryption scheme using ARIA algorithms on Hadoop. First, the proposed scheme provides an HDFS block splitting component which performs ARIA encryption and decryption under the distributed computing environment of Hadoop. Second, the proposed scheme also provides a variable-length data processing component which performs encryption and decryption by adding dummy data when the last block of data does not contain 128 bits of data. Finally, we show from performance analysis that our proposed scheme can be effectively used for both text string processing applications and science data analysis applications.

Edge-Centric Metamorphic IoT Device Platform for Efficient On-Demand Hardware Replacement in Large-Scale IoT Applications (대규모 IoT 응용에 효과적인 주문형 하드웨어의 재구성을 위한 엣지 기반 변성적 IoT 디바이스 플랫폼)

  • Moon, Hyeongyun;Park, Daejin
    • Journal of the Korea Institute of Information and Communication Engineering, v.24 no.12, pp.1688-1696, 2020
  • The paradigm of Internet-of-things (IoT) systems is changing from a cloud-based system to an edge-based system to solve delays caused by network congestion, server overload and security issues due to data transmission. However, edge-based IoT systems have fatal weaknesses such as lack of performance and flexibility due to various limitations. To improve performance, application-specific hardware can be implemented in the edge device, but performance cannot be improved except for specific applications due to a fixed function. This paper introduces an edge-centric metamorphic IoT (mIoT) platform that can use a variety of hardware through on-demand partial reconfiguration despite the limited hardware resources of the edge device, so we can increase the performance and flexibility of the edge device. According to the experimental results, the edge-centric mIoT platform that executes the reconfiguration algorithm at the edge was able to reduce the number of server accesses by up to 82.2% compared to previous studies in which the reconfiguration algorithm was executed on the server.

Development of an intelligent edge computing device equipped with on-device AI vision model (온디바이스 AI 비전 모델이 탑재된 지능형 엣지 컴퓨팅 기기 개발)

  • Kang, Namhi
    • The Journal of the Institute of Internet, Broadcasting and Communication, v.22 no.5, pp.17-22, 2022
  • In this paper, we design a lightweight embedded device that can support intelligent edge computing, and show that the device quickly detects an object in an image input from a camera device in real time. The proposed system can be applied to environments without pre-installed infrastructure, such as an intelligent video control system for industrial sites or military areas, or video security systems mounted on autonomous vehicles such as drones. On-device AI (artificial intelligence) technology is increasingly required for the widespread application of intelligent vision recognition systems. Offloading computation from an image data acquisition device to a nearby edge device enables fast service with fewer network and system resources than AI services performed in the cloud. In addition, it is expected to be safely applied to various industries as it can reduce the attack surface vulnerable to various hacking attacks and minimize the disclosure of sensitive data.

A Novel Two-Stage Training Method for Unbiased Scene Graph Generation via Distribution Alignment

  • Dongdong Jia;Meili Zhou;Wei WEI;Dong Wang;Zongwen Bai
    • KSII Transactions on Internet and Information Systems (TIIS), v.17 no.12, pp.3383-3397, 2023
  • Scene graphs serve as semantic abstractions of images and play a crucial role in enhancing visual comprehension and reasoning. However, the performance of Scene Graph Generation is often compromised when working with biased data in real-world situations. While many existing systems focus on a single stage of learning for both feature extraction and classification, some employ Class-Balancing strategies, such as Re-weighting, Data Resampling, and Transfer Learning from head to tail. In this paper, we propose a novel approach that decouples the feature extraction and classification phases of the scene graph generation process. For feature extraction, we leverage a transformer-based architecture and design an adaptive calibration function specifically for predicate classification. This function enables us to dynamically adjust the classification scores for each predicate category. Additionally, we introduce a Distribution Alignment technique that effectively balances the class distribution after the feature extraction phase reaches a stable state, thereby facilitating the retraining of the classification head. Importantly, our Distribution Alignment strategy is model-independent and does not require additional supervision, making it applicable to a wide range of SGG models. Using the scene graph diagnostic toolkit on Visual Genome and several popular models, we achieved significant improvements over the previous state-of-the-art methods with our model. Compared to the TDE model, our model improved mR@100 by 70.5% for PredCls, by 84.0% for SGCls, and by 97.6% for SGDet tasks.

Performance of an Authentication Proxy for Port Based Security Systems (포트레벨 보안을 위한 인증 프록시 시스템의 성능분석)

  • 이동현;이현우;정해원;윤종호
    • The Journal of Korean Institute of Communications and Information Sciences, v.28 no.8B, pp.730-737, 2003
  • In this paper, we present an efficient authentication proxy for IEEE 802.1x systems based on the port-based access control mechanism. An IEEE 802.1x system consists of PC supplicants, a bridge with authentication client functions, and an authentication server. For network security and user authentication purposes, a supplicant who wants to access the Internet should be authorized to access the bridge port using the Extended Authentication Protocol (EAP) over LAN. The EAP over LAN frame is then relayed to the authentication server by the bridge. After several transactions between the supplicant and the server via the bridge, the supplicant may be either authorized or not. Noting that the transactions between the relaying bridge and the server will increase as the number of supplicants grows in public networks, we propose a scheme for reducing the transactions by employing an authentication proxy function at the bridge. The proxy is allowed to cache the supplicant's user ID and password during his first transaction with the server. For the next authentication procedure of the same supplicant, the proxy function of the bridge handles the authentication transactions using its cache on behalf of the authentication server. Since the main authentication server handles only the first authentication transaction of each supplicant, the processing load of the server can be reduced. Also, the authentication transaction delay experienced by a supplicant can be decreased compared with the conventional 802.1x system.

The Design and Implementation of Access Control framework for Collaborative System (협력시스템에서의 접근제어 프레임워크 설계 및 구현)

  • 정연일;이승룡
    • The Journal of Korean Institute of Communications and Information Sciences, v.27 no.10C, pp.1015-1026, 2002
  • With increasing research interest in the field of collaborative computing in recent years, the importance of security issues in that area is also growing. Generally, the persistency of a collaborative system is facilitated with conventional authentication and cryptography schemes. It is, however, hard to meet the access control requirements of distributed collaborative computing environments by merely applying the existing access control mechanisms. The distributed collaborative system must consider network openness and various types of subjects and objects, while the existing access control schemes consider only some of the access control elements such as identity, rule, and role. However, this may cause the state of security level alteration phenomenon. In order to handle proper access control in a collaborative system, various types of access control elements such as identity, role, group, degree of security, degree of integrity, and permission should be taken into account. Furthermore, if we simply define all the necessary access control elements to implement the access control algorithm, then the collaborative system consequently has to consider too many available objects, which in turn may lead to drastic degradation of system performance. In order to improve the stated problems, we propose a novel access control framework that is suitable for distributed collaborative computing environments. The proposed scheme defines several different types of object elements for the accessed objects and subjects, and uses them to implement access control, which allows us to guarantee more solid access control. Furthermore, the objects are distinguished by three categories based on the characteristics of the object elements, and the proposed algorithm is implemented by the classified objects, which leads to improved system performance. Also, the proposed method can support scalability compared to the conventional one. Our simulation study shows that the performance results are almost the same in the two cases: one in which the collaborative system has the proposed access control scheme, and one in which it does not.