• Title/Summary/Keyword: Secure-Coding

A Collusion-secure Fingerprinting Scheme for Three-dimensional Mesh Models (삼차원 메쉬 모델에 적용한 공모방지 핑거프린팅 기법)

  • Hur, Yung;Jeon, Jeong-Hee;Ho, Yo-Sung
    • Journal of the Institute of Electronics Engineers of Korea CI / v.41 no.4 / pp.113-123 / 2004
  • This paper presents a new collusion-secure fingerprinting scheme to embed fingerprints into three-dimensional (3-D) mesh models efficiently. In the proposed scheme, we make the same number of fingerprints as the number of customers based on the finite projective geometry, partition a 3-D mesh model related to the number of bits assigned to each fingerprint and then embed a watermark representing copyright information into each submesh to be marked. Considering imperceptibility and robustness of the watermarking algorithm, we embed the watermark signal into mid-frequency DCT coefficients obtained by transforming vertex coordinates in the triangle strips which are generated from the submeshes to be marked. Experimental results show that our scheme is robust to additive random noises, MPEG-4 SNHC 3-D mesh coding, geometrical transformations, and fingerprint attacks by two traitors' collusion. In addition, we can reduce the number of bits assigned to each fingerprint significantly.

A Study of Web Hacking Response Procedures Model based on Diagnosis Studies for Cross-Site Scripting (XSS)Process (Cross-Site Scripting(XSS) 프로세스 진단을 기반으로 한 웹 해킹 대응절차 모델 연구)

  • Noh, SiChoon
    • Convergence Security Journal / v.13 no.6 / pp.83-89 / 2013
  • When applying web hacking techniques and methods it needs to configure the integrated step-by-step and run an information security. Web hackings rely upon only one way to respond to any security holes that can cause a lot. In this study the diagnostic process of cross-site scripting attacks and web hacking response procedures are designed. Response system is a framework for configuring and running a step-by-step information security. Step response model of the structure of the system design phase, measures, operational step, the steps in the method used. It is designed to secure efficiency of design phase of the system development life cycle, and combines the way in secure coding. In the use user's step, the security implementation tasks to organize the details. The methodology to be applied to the practice field if necessary, a comprehensive approach in the field can be used as a model methodology.

A Design of the Certification System in a Instantant Messenger Using PKI (PKI를 이용한 인스턴트 메신저에서의 인증 시스템 설계)

  • Park Su-Young;Choi Gwang-Mi;Jung Chai-Yeoung
    • Journal of the Korea Institute of Information and Communication Engineering / v.10 no.1 / pp.142-147 / 2006
  • As computers and networks become popular, distributing information on the Internet is common in our daily life. In the past, e-mail has been the primary choice of exchanging information, but instant messengers are gaining popularity abroad and domestically because of their nature of getting immediate responses. However, instant messenger services expose data on the Internet, but clients use them without recognizing this exposure. It's like phone tapping. The coding technology using Public Key Cryptosystem has developed the public key infrastructure to be able to provide the services of Access-control, Authentication, Confidentiality, Integrity, and Non-repudiation on the Internet. This thesis suggests a certification protocol in an instant messenger using PKI (Public Key Infrastructure) for secure communication.

Effective Countermeasures against Vulnerability Assessment for the Public Website of Financial Institution (금융기관 공개용 홈페이지 취약점 분석평가에 대한 효율적인 대처방안)

  • Park, Hyun-jin;Kim, In-seok
    • Journal of the Korea Institute of Information Security & Cryptology / v.27 no.4 / pp.885-895 / 2017
  • Security issues arise due to various types of external intrusions as much as the rapidly changing IT environment. Attacks using vulnerabilities in web applications are increasing, and companies are trying to find the cause of the vulnerability, prevent external intrusion, and protect their systems and important information. Especially, according to the Supervision Regulation, each financial institution and electronic financial service provider shall perform vulnerability analysis evaluation for the website for disclosure once every six months and report the result to the Financial Services Commission. In this study, based on the Web vulnerability items defined in the Supervision Regulation, based on the inspection cases of actual financial institution, we analyze the most frequently occurring items and propose effective countermeasures against them and ways to prevent them from occurring in advance.

A Feasibility Study on TETRA System Application for Train Control Systems

  • Tsogtbayar, Chinzorig;Kang, Hyoungseok;Lee, Jongwoo;Boldbaatar, Tsevelsuren
    • International Journal of Railway / v.9 no.2 / pp.36-40 / 2016
  • TETRA communication system is a very versatile system which can transmit voice + data and packet data optimized. Direct mode operation permits connection between mobiles when a mobile station is out of coverage of networks. It can be a more secure communication channel for railway signaling systems. Railway signaling systems use much wayside signal equipment, which requires much maintenance effort and budget. Many railway authorities want to reduce and replace the wayside equipment. Radio based signaling systems are one of the candidates for replacing the conventional signaling systems. The radio based signaling systems can replace track circuit and wayside signal. The radio systems permit connection between control centers and trains. The radio systems have to ensure connectivity quality greater than or equal to that of the existing track circuits. We studied the application of TETRA systems for railway radio systems for bridging between train control centers and trains. We provide an operation scenario for a radio based train control system to ensure the safety required of the existing train control system and to satisfy the existing operational availability. We showed the data transmission speed, maximum bit error rate, and data coding for the radio-based signal system using TETRA systems.

Comparative analysis on potential error-possibility and security vulnerability in software (소프트웨어의 잠재적 오류가능성 및 보안취약점 비교분석 연구)

  • Lee, Seoung-Min;Oh, Joon-Seok;Choi, Jin-Young
    • Proceedings of the Korean Information Science Society Conference / 2010.06d / pp.106-109 / 2010
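  • With the popularization of computers and the development of networks, we live in an era in which our society is unthinkable without computers and communications, and we encounter many information systems in daily life. However, because of security vulnerabilities in software, the risks to individuals, companies and even nations are too numerous to list, so the importance of information protection is increasingly emphasized, and no system is free from this concern. These security and error risks apply not only to software currently under development but also to systems that are operating normally. These risks of security vulnerabilities and errors can be addressed by applying secure coding techniques, including defensive programming, during software development, so that more stable programs can be developed. In this paper, we examine the factors that can cause potential errors in software and the factors that can arise from security vulnerabilities, and analyze the security vulnerabilities of systems that were developed in Java and are in actual operation.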

Analysis and response of Petya to Ransomware (웹 기반의 보안 취약점 분석과 대응방안)

  • Kim, Seon-Yong;Kim, Ki-Hwan;Lee, Hoon-Jae
    • Proceedings of the Korean Institute of Information and Communication Sciences Conference / 2017.10a / pp.480-482 / 2017
  • The web is used in various ways such as shopping, news, and searching through a web browser. As the Web becomes more and more common, it is often the case that someone is trying to steal personal information or confidential documents from a company, so attention must be paid to ensuring security on the web. For this reason, you should be aware of the vulnerabilities that are being exploited maliciously in your web applications and improve security with secure coding. In this paper, we propose a method of detecting hacking and how to deal with vulnerabilities due to some weak points on the web.

A Study of Security Policy Adaptation to WAF using Correlation Analysis (상관분석을 활용한 웹방화벽 정책 적용 방안 연구)

  • Kim, Chang-hong;Choi, Dae-young;Yi, Jeong-hyun;Kim, Jong-bae
    • Proceedings of the Korean Institute of Information and Communication Sciences Conference / 2014.05a / pp.261-263 / 2014
  • Providing public services without going through the web is now about to become impossible. To solve these kinds of security issues about the web, the government announced that secure coding for web servers is mandatory since 2012. In the domestic market, the web firewall has been promoted and widely sold as one of the best solutions for the existing web problems. In this study, by providing an effective way for operators to apply security policies for the web firewall, more stable web services can be presented.

Secure JPEG2000 Steganography by the Minimization of Code-block Noise Variance Changes (코드블록 노이즈 분산의 변화를 최소화하는 안전한 JPEG2000 스테가노그라피)

  • Yoon, Sang-Moon;Lee, Hae-Yeoun;Joo, Jeong-Chun;Bui, Cong-Nguyen;Lee, Heung-Kyu
    • The KIPS Transactions:PartC / v.15C no.3 / pp.149-156 / 2008
  • JPEG2000 is the upcoming image coding standard that provides better compression rate and image quality compared with JPEG. Lazy-mode steganography guarantees the safe communication under the two information loss stages in JPEG2000. However, it causes the severe changes of the code-block noise variance sequence after embedding and that is detectable under the steganalysis using the Hilbert-Huang transform (HHT) based sequential analysis. In this paper, a JPEG2000 lazy-mode steganography method is presented. The code blocks which produce the sudden variation of the noise variance after embedding are estimated by calculating low precision code-block variance (LPV) and low precision code-block noise variance (LPNV). By avoiding those code-blocks from embedding, our algorithm preserves the sequence and makes stego images secure under the HHT-based steganalytic detection. In addition, it prevents a severe degradation of image quality by using JPEG2000 quality layer information. On various 2048 images, experiments are performed to show the effective reduction of the noise variation after message embedding and the stable performance against HHT-based steganalysis.

Secure methodology of the Autocode integrity for the Helicopter Fly-By-Wire Control Law using formal verification tool (정형검증 도구를 활용한 Fly-By-Wire 헬리콥터 비행제어법칙 자동코드 무결성 확보 방안)

  • An, Seong-Jun;Cho, In-Je;Kang, Hye-Jin
    • Journal of the Korean Society for Aeronautical & Space Sciences / v.42 no.5 / pp.398-405 / 2014
  • Recently, embedded software has been widely applied to safety-critical systems in the aviation and defense industries; therefore, a higher level of reliability, availability and fault tolerance has become a key factor for its implementation into the systems. The integrity of the software can be verified using static analysis tools, and recently developed static analysis tools can evaluate code integrity through mathematical analysis methods. In this paper we detect autocode errors and violations of coding rules using the formal verification tool Polyspace(R). The fundamental errors in the flight control law model have been detected and corrected using the formal verification results. As a result of the verification process, the FBW helicopter control law autocode can ensure code integrity.