• Advances in Traditional Medicine
• /
• v.8 no.1
• /
• pp.17-23
• /
• 2008

While full recognition of the practical value of Traditional Chinese Medicine is being endorsed, the current stand on the research methodology of this field should be worked out. Since modern medicine has already developed a logical system of research methodology basing on the principles of deduction, any research on any system of medicine need to take reference to what is most popularly used and commonly recommended. The best way to approach research on Chinese Medicine, therefore, would be one that would take full reference to the methodology being used in modern medicine, while at the same time respecting the traditional approach. This would enable traditional medicine to be elevated to the level of general modern recognition. Nevertheless, innate problems in traditional medicine are making its research difficult. The problems lie in difficulties to achieve uniform herb supply, principles of randomization and placebo arrangements, uncertain chemical structures and toxicology etc. A practical approach centered on carefully planned evidence-based clinical trials, with parallel studies on biological activities and herb authentication is being recommended.

• ETRI Journal
• /
• v.38 no.6
• /
• pp.1145-1152
• /
• 2016

Because the nodes in a wireless sensor network (WSN) are mobile and the network is highly dynamic, monitoring every node at all times is impractical. As a result, an intruder can attack the network easily, thus impairing the system. Hence, detecting anomalies in the network is very essential for handling efficient and safe communication. To overcome these issues, in this paper, we propose a rule-based anomaly detection technique using roaming honeypots. Initially, the honeypots are deployed in such a way that all nodes in the network are covered by at least one honeypot. Honeypots check every new connection by letting the centralized administrator collect the information regarding the new connection by slowing down the communication with the new node. Certain predefined rules are applied on the new node to make a decision regarding the anomality of the node. When the timer value of each honeypot expires, other sensor nodes are appointed as honeypots. Owing to this honeypot rotation, the intruder will not be able to track a honeypot to impair the network. Simulation results show that this technique can efficiently handle the anomaly detection in a WSN.

• Journal of Electrical Engineering and Technology
• /
• v.7 no.3
• /
• pp.443-450
• /
• 2012

As power grids are integrated into one big umbrella (i.e., Smart Grid), communication network plays a key role in reliable and stable operation of power grids. For successful operation of smart grid, interoperability and security issues must be resolved. Security means providing network system integrity, authentication, and confidentiality service. For a cyber-attack to a power grid system, which may jeopardize the national security, vulnerability of communication infrastructure has a serious impact on the power grid network. While security aspects of power grid network have been studied much, security mechanisms are rarely adopted in power gird communication network. For security issues, strict timing requirements are defined in IEC 61850 for mission critical messages (i.e., GOOSE). In this paper, we apply security algorithms (i.e., MD-5, SHA-1, and RSA) and measure their processing time and transmission delay of secured mission critical messages. The results show the algorithms satisfying the timing requirements defined in IEC 61850 and we observer the algorithm that is optimal for secure communication of mission critical messages. Numerical analysis shows that SHA-1 is preferable for secure GOOSE message sending.

• International Journal of Computer Science & Network Security
• /
• v.21 no.1
• /
• pp.107-118
• /
• 2021

The term Internet of Things (IoTs) refers to the future where things are known daily through the Internet, whether in one way or another, as it is done by the method of collecting various information from various sensors to form a huge network through which people, things and machines are helped to make a link between them at all time and anywhere. The IoTs is everywhere around us such as connected appliances, smart homes security systems and wearable health monitors. However, the question is what if there is a malfunction or outside interference that affects the work of these IoTs based devises? This is the reason of the spread of security causes great concern with the widespread availability of the Internet and Internet devices that are subject to many attacks. Since there aren't many studies that combines requirements, mechanisms, and the attacks of the IoTs, this paper which explores recent published studies between 2017 and 2020 considering different security approaches of protection related to the authentication, integrity, availability and confidentiality Additionally, the paper addresses the different types of attacks in IoTs. We have also addressed the different approaches aim to prevention mechanisms according to several researchers' conclusions and recommendations.

• THE INTERNATIONAL COMMERCE & LAW REVIEW
• /
• v.34
• /
• pp.157-185
• /
• 2007

The purpose of this thesis is to contribute to the activation of e-contract service for one stop e-trade by analyzing the problems and its solutions in e-contract service at home and abroad. In order to achieve the purpose of this thesis, case studies are done on e-contract service providers such as CECTRUST service of NTT DATA in Japan and HanCM.com of Haansoft in Korea and user companies such as Taisei Corporation using CECTRUST service and Hyundai Card using HanCM.com. The problems in the e-contract service are the lack of e-contract service providers, rare publicity of e-contract service, limited use of e-contract service at only home, higher pricing for e-contract service, short time management of e-contract documents by service providers, no application of newly developed security technology to e-contract service, unsatisfaction of requirements of e-contract service provider as trusted third party, absence of lower pricing e-contract service by service provider, authorizing key error in electronic signature under recognized authentication system in case of fail in renewal of digital certificate and reproduction of digital certificate. The solutions of these problems are the upbringing of e-contract service providers, broad publicity of e-contract service, development of e-contract service on a global basis, establishment of lower pricing for e-contract service, long time management of e-contract documents by service providers, application of newly developed security technology such as bio technology to e-contract service, satisfaction of requirements of e-contract service provider as trusted third party by designation of recognized e-document repository, development of lower e-contract service by way of application service provider(ASP), introduction of time stamping of e-contract document and signature key value. The limitation of this thesis is that the problems and its solutions could not meet with the broad recognition as they are conferred by intuition because of few e-contract service provider.

• Journal of Internet Computing and Services
• /
• v.5 no.6
• /
• pp.45-58
• /
• 2004

This paper consists of two parts, One is the ECC( GF(2/sup m/)) algorithm to improve the security strength and the processing time of SSL VPN and the other is the WLCAPT algorithm instead of LSNAT for the security strength of virtual server. In general when corporates use SSL protocol in order to build VPN, they use RSA algorithm with the problem of security and processing time about authentication and confidentiality, In this paper, a shared public key is generated with ECSPK which uses ECC( GF(2/sup m/)) algorithm to improve the security and processing time instead of RSA In addition, WLCAPT algorithm proposed in this paper is applied to virtual server which resides in the server side and then after NAT translation, the actual server of headquarter is securely communicated with it.

• Journal of Internet Computing and Services
• /
• v.9 no.4
• /
• pp.85-96
• /
• 2008

An authentication procedure on wired and wireless network will be done based on the registration and management process storing both the user's IP address and client device's MAC address information. However, existent MAC address registration/administration mechanisms were weak in MAC Spoofing attack as the attacker can change his/her own MAC address to client's MAC address. Therefore, an advanced mechanism should be proposed to protect the MAC address spoofing attack. But, existing techniques sequentially compare a sequence number on packet with previous one to distinguish the alteration and modification of MAC address. However, they are not sufficient to actively detect and protect the wireless MAC spoofing attack. In this paper, both AirSensor and AP are used in wireless network for collecting the MAC address on wireless packets. And then proposed module is used for detecting and protecting MAC spoofing attack in real time based on MAC Address Lookup table. The proposed mechanism provides enhanced detection/protection performance and it also provides a real time correspondence mechanism on wireless MAC spoofing attack with minimum delay.

• The Journal of the Korea Contents Association
• /
• v.19 no.12
• /
• pp.313-320
• /
• 2019

One of the causes of many damage cases that occur today by hacking attack is social engineering attack. The attacker is usually a malicious traitor or an ignorant insider. As a solution, we are strengthening security training for all employees in the organization. Nevertheless, there are frequent situations in which computers are shared. In this case, the person in charge of the computer has difficulty in tracking and responding when a specific representative accessed and what a specific representative did. In this paper, we propose the method that the person in charge of the computer tracks in real time through the smartphone when a representative access the computer, when a representative access offline using hacked or shared authentication. Also, we propose a method to prevent the leakage of important information by encrypting and backing up important files of the PC through the smartphone in case of abnormal access.

• Management & Information Systems Review
• /
• v.14
• /
• pp.151-180
• /
• 2004

Owing to the digital revolution, Internet Commerce and Electronic commerce, revolutionize the way of doing business and making payment. The entrance of the Internet has a prominent for spread of Electronic Commerce and those phenomenons will result in paperless trading and cashless trade. By virtue of Internet, an increasing share of business transactions occurs online. Electronic payment is essential for the smooth progress of the electronic commerce as electronic payment plays the important role in the electronic commerce, that is, the value transfer restyling from the electronic commerce. Traditionally international settlement systems such as letters of credits, remittance and documentary collections operated as important and poplar method of payment, Now, information technology has made it possible to pay for the sale of goods and services over the internet. In international trade, there are service providers (bolero, TradeCard, BeXcom) to settle payment electronically through the Internet. The purpose of this study is to Conduct comparative analysis with approach manner functional respect systematic respect, role. It is shown which the Electronic payment system is better. In this study, the author attempts to find the problems is (bolero, TradeCard, BeXcom) and solutions in switching from the documentary payment system to the electronic one. This conclusion of this study can be summarized as followings. In resoect of the law, bolero should seek to prevert the users from being treated unfairly due to multilateral agreement on Rulebook. TradeCard, BeXcom do not have the proper law that users are governed. so far as the practice problems concerned, stability of computer's operation and security of message interchange should be warranted and improved continuously. Through the standardization of the electronic document and the development of software, the examination of the shipping occuments must be done automatically. Bolero should induce more banks to take part in Bolero, and make the carrier the cost and time in managing the traditional document which will be used for the time being. In respect of information technology and security, to deduce the risk in the electronic settlement system and positively uses the global authentication guideline(Identrus).

• The KIPS Transactions:PartC
• /
• v.16C no.2
• /
• pp.183-188
• /
• 2009

Wireless sensor networks will be broadly deployed in the real world and widely utilized for various applications. A prerequisite for secure communication among the sensor nodes is that the nodes should share a session key to bootstrap their trust relationship. The open problems are how to verify the identity of communicating nodes and how to minimize any information about the keys disclosed to the other side during key agreement. At any rate, any one of the existing schemes cannot perfectly solve these problems due to some drawbacks. Accordingly, we propose a new pre-distribution scheme with the following merits. First, it supports authentication services. Second, each node can only find some indices of key spaces that are shared with the other side, without revealing unshared key information. Lastly, it substantially improves resilience of network against node capture. Performance and security analyses have proven that our scheme is suitable for sensor networks in terms of performance and security aspects.