• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.4
• /
• pp.827-839
• /
• 2012

A cell phone is very close to the user and therefore should be considered in digital forensic investigation. Recently, the proportion of smartphone owners is increasing dramatically. Unlike the feature phone, users can utilize various mobile application in smartphone because it has high-performance operating system (e.g., Android, iOS). As acquisition and analysis of user data in smartphone are more important in digital forensic purposes, smartphone forensics has been studied actively. There are two way to do smartphone forensics. The first way is to extract user's data using the backup and debugging function of smartphones. The second way is to get root permission, and acquire the image of flash memory. And then, it is possible to reconstruct the filesystem, such as YAFFS, EXT, RFS, HFS+ and analyze it. However, this methods are not suitable to recovery and analyze deleted data from smartphones. This paper introduces analysis techniques for fragmented flash memory pages in smartphones. Especially, this paper demonstrates analysis techniques on the image that reconstruction of filesystem is impossible because the spare area of flash memory pages does not exist and the pages in unallocated area of filesystem.

• International Journal of Computer Science & Network Security
• /
• v.22 no.3
• /
• pp.53-60
• /
• 2022

The article examines the problems of ensuring the effectiveness of the economic security system in the face of increasing competition. The relevance of the study is determined by the intensification of competition between enterprises and the threats arising from this phenomenon. The methodological basis is the methods used: analysis and synthesis - to identify the main trends in the development of tools for economic security of the enterprise; systematization - to highlight the main characteristics of the economic security of the enterprise in the intensification of competition; generalization - to form the general conclusions of the study. The purpose of scientific research is to substantiate the feasibility of using the tools of the economic security system to increase its efficiency in the face of intensifying competition. The main components of the economic security system of the enterprise, which have the greatest impact on the formation of an effective level of economic security. The defining characteristics of the system of economic security of the enterprise are investigated. Special characteristics of the economic security system of the enterprise are considered. The offered directions of tools of maintenance of system of economic safety of the enterprise in competitive conditions: objective, subjective external, subjective internal. For each area, specific tools for ensuring the system of economic security, which affect its efficiency, have been identified.

• The Journal of Society for e-Business Studies
• /
• v.15 no.1
• /
• pp.1-16
• /
• 2010

Confidentiality is one of the most important requirements of information protection systems. The access control technique has been used to provide confidentiality, but it has fundamental problems in that it cannot prevent violations of confidentiality committed by authorized users. Information flow control is a technique introduced to resolve such problems, and many approaches based on programming languages have been proposed. However, it is not easy for a programmer to implement the technique at the source code level. Furthermore, the practicality of information flow control is difficult to demonstrate because it does not provide control over programs that have already been developed. This paper proposes a method that enables a practical information flow control through using a protected area, a separate part of computer system storage. Case studies are given to show its usefulness.

• Journal of the Korean Society for Aviation and Aeronautics
• /
• v.28 no.3
• /
• pp.18-26
• /
• 2020

Cost reduction and equality by exempting re-scanning of passengers, baggage and cargo secured from the first airport of departure, mainly in the European Union/European Economic Area(EU/EEA), Switzerland, etc. One-Stop Security(OSS) is being promoted to maintain the level of security while increasing speed and convenience, and movement is expected to expand worldwide. Therefore, this paper establishes the basic concept of OSS through a literature review of ICAO Standards and Recommended Practices(SARPs), and analyzes the actual conditions of OSS implementation in major countries such as the United States and the EU. It is intended to present the political, economic benefits for Korea and highlight the urgency of implementing the OSS system in the aviation industry including the cargo sector. Therefore, the practical implications of strengthening international cooperation through the expansion of government and airport operators OSS implementation to overcome the resource shortage problem of the existing national air cargo security system and to strengthen the status as a global aviation powerhouse were drawn up. There is academic significance that it raised the need for effective implementation of OSS, which was not previously covered.

• Journal of information and communication convergence engineering
• /
• v.1 no.4
• /
• pp.183-188
• /
• 2003

The $4^{th}$ generation mobile communications, through several radio access networks such as WLAN, Bluetooth, UMTS, GPRS, CDMA 1X, and IMT-2000 in the same area offering different type of coverage, will support interactive multimedia services in additions to wider bandwidths, higher bit rates, and service portability. Regardless of various radio access networks, they will also support robust security mechanisms, as well as seamless mobility and common authentication. In this paper, we give an overview of WLAN security and examine its security problems. We also explain the enhanced security schemes, such as port-based authentication, EAP, and IEEE 802.1X. For secure wireless communications, several possible security solutions are offered and evaluated in various respects to improve WLAN security. This paper will make a contribution to provide more secure wireless communications to cellular operators embracing WLAN technology as a means to generate new revenues based on data services.

• International Journal of Computer Science & Network Security
• /
• v.23 no.9
• /
• pp.111-119
• /
• 2023

Mobile Ad-hoc Network (MANET) is an infrastructure-less network that can configure itself without any centralized management. The topology of MANET changes dynamically which makes it open for new nodes to join it easily. The openness area of MANET makes it very vulnerable to different types of attacks. One of the most dangerous attacks is the Resource Consumption Attack (RCA). In this type of attack, the attacker consumes the normal node energy by flooding it with bogus packets. Routing in MANET is susceptible to RCA and this is a crucial issue that deserves to be studied and solved. Therefore, the main objective of this paper is to study the impact of RCA on two routing protocols namely, Ad hoc On-Demand Distance Vector (AODV) and Dynamic Source Routing (DSR); as a try to find the most resistant routing protocol to such attack. The contribution of this paper is a new RCA model (RCAM) which applies RCA on the two chosen routing protocols using the NS-2 simulator.

• Convergence Security Journal
• /
• v.20 no.1
• /
• pp.25-32
• /
• 2020

In the midst of the rising need for Industrial Security experts, the development of National Competency Standards(NCS) with regards to industrial security is a very important and urgent task. The NCS standardizes university-level academic curriculum and qualification systems and connects them with the industry's needs. This study has extracted, classified and analyzed security-related jobs and tasks requiring security expertise that is required within NCS. Through this study, many tasks have been confirmed to require security competencies that are different from those in IT-security, physical security that already exist as a NCS tasks. It is expected that the industry's needs of industrial security expertise will be reflected in future NCS development, which will be used as basic data for systematizing industrial security jobs and competency.

• Journal of Digital Convergence
• /
• v.14 no.12
• /
• pp.471-476
• /
• 2016

Recently, important information related with smart work such as office and video conference are handled in smart device quite a lot compare with before. Also, execution environment of smart devices is getting developed as open software environment. It brought convenience to download and use any kind of application software. By that, security side of smart devices became vulnerable. This paper will discuss characteristics of smart device security technology based on virtualization that is a mobile device platform with isolated secure execution area based on TEE (Trusted Execution Environment). Also, this paper will suggest an implementation method about safe smart device security platform based on domain separation for application software which can be executed in smart devices. The domain separation based smart device security platform technology in this paper blocks unauthorized access and leakage of sensitive information in device. Also it will be the solution can block transmission and execution of malicious code in various area including variety of IoT devices in internet rather than just smart devices.

• Journal of the Korea Convergence Society
• /
• v.10 no.5
• /
• pp.9-16
• /
• 2019

In this paper, it will analyze security problems, so technology's potential can apply to business security area. First, in order to deep learning do security tasks sufficiently in the business area, deep learning requires repetitive learning with large amounts of data. In this paper, to acquire learning ability to do stable business tasks, it must detect abnormal IP packets and attack such as normal software with malicious code. Therefore, this paper will analyze whether deep learning has the cognitive ability to detect various attack. In this paper, to deep learning to reach the system and reliably execute the business model which has problem, this paper will develop deep learning technology which is equipped with security engine to analyze new IP about Session and do log analysis and solve the problem of mathematical role which can extract abnormal data and distinguish infringement of system data. Then it will apply to business model to drop the vulnerability and improve the business performance.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2002.11a
• /
• pp.225-229
• /
• 2002

The electronic voting becomes new challenging area in cryptographic application. A variety of schemes are designed and implemented based on cryptographic protocols. Initiated by ICU, one of best practices was votopia[1] which was successfully served into the Internet voting based on modified Ohkubo et al.'s scheme[2] under Public Key Infrastructure (PKI) and Java technology. Votopia was used to select the Most Valuable Player and Best Goal Keepers of 2002 FIFA World Cup Korea/Japan$\^$TM/ through the Internet where most voters can access and cast their ballots from any place and at any time. However, votopia assumed that the resources of the Internet voters only connected via wired environment. In this paper, we suggest how to extend votopia to mobile voting which has limited computing resources.