• Convergence Security Journal
• /
• v.13 no.4
• /
• pp.53-59
• /
• 2013

As the hacking technology for cyber-terror and financial fraud evolves, the research and development for advanced and standardized information security technology is growing to be more and more important. In this paper, the domestic level of technology and standardization for information security as compared to advanced country is diagnosed, and future policy is presented by analyzing the influence effect for market and technology. The information security is classified into information security-based & user protection, network & system security, and application security & evaluation validation with details of OTP-based validation, smart-phone app security, and mobile electronic finance, etc. The analytic results indicate that domestic level is some poor for advanced country, the technological development and standardization capability for smart-phone app security and mobile electronic finance is needed, and finally the government's supporting policy for the future Internet is urgently needed.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2011.10a
• /
• pp.277-280
• /
• 2011

VoIP is a technology of voice communication, using the existing internet network which sends and receives voice packets. VoIP has an advantage that VoIP is cheaper than an existing telephony, and the tech is vitalized lately. But recently you can download Volp Application in the Market that have a vulnerability(Anyone Can Upload). This weakness is wrongfully used that People are downloaded by encouraging about malignant code is planted. Signal intercepts indicates from this case. and paralysis by DDoS Attack, bypass are charged for hacking. Judging from, security threat of VolP analysis and take countermeasures. In the thesis we analyze the VoIP security caused on 'Soft Phone' and 'Smart Phone', and figure out security policies and delineate those policies on the paper.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2011.10a
• /
• pp.245-248
• /
• 2011

Voice over Internet protocol(VoIP) is call's contents using the existing internet. Thus, in common with the Internet service has the same vulnerability. In addition, unlike traditional PSTN remotely without physical access to hack through the eavesdropping is possible. Cyber terrorism by anti-state groups take place when the agency's computer network and telephone system at the same time work is likely to get upset. In this paper is penetration testing for security threats(Call interception, eavesdropping, misuse of services) set out in the NIS in the VoIP. In addition, scenario writing and penetration testing, hacking through the Voice over Internet protocol at the examination center will study discovered vulnerabilities. Vulnerability discovered in Voice over Internet protocol presents an attack and defense plan.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.14 no.2
• /
• pp.394-402
• /
• 2010

At a recent, enterprises based on online-service are established because of rapid growth of information network. These enterprises collect personal information and do customer management. If customers use a paid service, company send billing information to customer and customer pay it. Such circulation and management of information is big issue but most companies don't care of information security. Actually, personal information that was managed by largest internal open-market was exposed. For safe customer information management, this paper proposes the method that decrease load of RSA cryptography algorithm that is commonly used for preventing from illegal attack or hacking. The method for decreasing load was designed by Binary NAF Method and it can operates modular Exponentiation rapidly. We implemented modular Exponentiation algorithm using existing Binary Method and Windows Method and compared and evaluated it.

• Journal of Korea Multimedia Society
• /
• v.14 no.5
• /
• pp.703-709
• /
• 2011

State-based infrastructure on IT-based network are prone to numerous cyber attack including subsequent hacking and internet infringement. These acts of terrorism are increasing because of the expanding IT convergence technology. Recently, the trend on cyber security monitoring and control researches focus on combining the general idea of security monitoring and control along with IT field and other control systems. This convergence trend has been increasing in both the use and importance. This research analyzes the state-based infrastructure monitoring and control system, its vulnerability as well as its improvement by incorporating the cyber convergence systems to existing systems. The subject of this research is for extensive use of CCTV systems which is expanded for 'CCTV Monitoring and Control Field' as well as 'Traffic Monitoring and Control Field' operated by 'Intelligent Traffic Information System' and Disaster Management Area which is studied in various fields. Eventually, the objective of the paper is to solve these issues, to apply related systems and to suggest improvement on the convergence system.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.5 no.5
• /
• pp.447-453
• /
• 2004

In this paper, we propose a new system to block harmful Internet information based on IP spoofing. The proposed system is located on a organization's internal network and monitors all outgoing traffic and lets all this traffic go outside. Once the proposed system detects a host's access to a harmful site, it sends the host a pseudo RST packet that pretends to be the response from the harmful site, and prevents the connection between the host and the harmful site. The proposed software system is installed on only a server, and need not be installed on user hosts at all. Thus we can maintain and upgrade the blocking system easily. The performance evaluation of the proposed system shows that it effectively blocks the access to the harmful sites. Since the proposed system is based on IP spoofing, it can be used badly as a hacking tool. Finally we propose some methods to eliminate this possibility.

• Journal of Convergence for Information Technology
• /
• v.8 no.3
• /
• pp.85-90
• /
• 2018

Blockchain technology provides distributed trust structure; with this, we can implement a system that cannot be forged and make Smart Contract possible. With blockchain technology emerging as next generation security technology, there have been studies on authentication and security services that ensure integrity. Although Internet-based services have been going with user authentication with password, the information can be stolen through a client and a network and the server is exposed to hacking. For the reason, we suggest blockchain technology and OTP based authentication mechanism to ensure integrity. In particular, the Two-Factor Authentication is able to ensure secure authentication by combining OTP authentication and biometric authentication without using password. As the suggested authentication applies multiple hash functions and generates transactions to be placed in blocks in order for biometric information not to be identified, it is protected from server attacks by being separate from the server.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.25 no.7
• /
• pp.993-999
• /
• 2021

Recently, many studies on VNDN technology have been conducted to graft Named Data Networking (NDN) into VANET as a core network technology. VNDN can use the content name to deliver various infotainment application content data through name-based forwarding. When VNDN is used as a communication technology for infotainment applications in connected vehicles, it is possible to realize data-centric networking technology in which data is the subject of communication. It can overcome the limitations of connected vehicle infotainment application service technology based on the host-centric current Internet, such as security attack/hacking, performance degradation in long-distance data transmission, frequent data cut-off. In this paper, we present the main functions provided by VNDN technology, and systematically analyze and organize the issues necessary to realize infotainment application services for connected vehicles in the VNDN environment. Based on this, it can be utilized as basic information necessary to establish infotainment application requirements in VNDN environment.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.23 no.1
• /
• pp.103-110
• /
• 2019

Electronic voting has been followed by a lot of research as it provides convenience to voters and increases participation rates. Nevertheless, electronic voting has not been widespread yet. The existing electronic voting system does not guarantee credibility, and there arises a question on the security that the voting could be forged or altered by the attack to the central server. In this paper, we proposed blockchain based systems to solve the problems in electronic voting. Although the blockchain may guarantee the security of transaction data, there have been only a few electronic voting systems implemented using the blockchain. We developed blockchain enabled voting and brought out some of its related legal, technical and operational challenges to enforce more security in voting. Unlike centralized voting, the systems could enforce security and solve the problems such as forgery or alteration of transaction data caused by hacking or any attempts to gain control of the central server system.

• Convergence Security Journal
• /
• v.19 no.1
• /
• pp.11-17
• /
• 2019

Recently, the abuse of Internet technology has caused economic and mental harm to society as a whole. Especially, malicious code that is newly created or modified is used as a basic means of various application hacking and cyber security threats by bypassing the existing information protection system. However, research on small-capacity executable files that occupy a large portion of actual malicious code is rather limited. In this paper, we propose a model that can analyze the characteristics of known small capacity executable files by using data mining techniques and to use them for detecting unknown malicious codes. Data mining analysis techniques were performed in various ways such as Naive Bayesian, SVM, decision tree, random forest, artificial neural network, and the accuracy was compared according to the detection level of virustotal. As a result, more than 80% classification accuracy was verified for 34,646 analysis files.