• Journal of KIISE
• /
• v.43 no.3
• /
• pp.275-288
• /
• 2016

In this paper, we investigate the security issues of the Android platform which dominates the global market of smart mobile devices. The current permission model for Android security is not powerful and has two problems. One is the coarse-grained relationship between permissions and methods which require them. The other is that mobile users do not have rights to control the permissions of the application. To solve these problems, we propose MacDroid which can control the platform's resources for accessing installed applications. Users can control the application's behavior via MacDroid's policy. We have divided the permission set into method units. The results of the performance test using a pure Android platform show that our proposed scheme can improve security within a short time.

• Convergence Security Journal
• /
• v.16 no.1
• /
• pp.69-80
• /
• 2016

The purpose of this study is to examine the effects of job stress factors on Coping Strategy' turnover intention, and to analyze the moderating effects of five personality factors between each job stress factor and turnover intention. To achieve this purpose, this study surveyed users of the Seoul and Gyeonggi in based on cluster sampling method. A total of 262 samples were used for this study, except 18 erroneous samples dropped. For the data process of the questionnaire, each answer content was coded and an element analysis, credibility analysis, frequency analysis, co-relationship analysis and regression analysis were performed using the SPSS version 18.0 of Angel for Windows. Through the data analysis following the research methods above, the conclusion was acquired as follows: First, thejob stress of the security personnel affect coping behavior. Second, in the effects of Security Agents Job Stress on Coping Strategy, Five Personality Factors showed moderating effects.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.6
• /
• pp.1431-1439
• /
• 2017

In the security field, log analysis is important to detect malware or abnormal behavior. Recently, image visualization techniques for malware dectection becomes to a major part of security. These techniques can also be used in online games. Users can leave a game when they felt bad experience from game bot, automatic hunting programs, malicious code, etc. This churning can damage online game's profit and longevity of service if game operators cannot detect this kind of events in time. In this paper, we propose a new technique of PNG image conversion based churn prediction to improve the efficiency of data analysis for the first. By using this log compression technique, we can reduce the size of log files by 52,849 times smaller and increase the analysis speed without features analysis. Second, we apply data mining technique to predict user's churn with a real dataset from Blade & Soul developed by NCSoft. As a result, we can identify potential churners with a high accuracy of 97%.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2021.10a
• /
• pp.447-448
• /
• 2021

The boundary-based security architecture has the advantage of easy deployment of security solutions and high operational efficiency. The boundary-based security architecture is easy to detect and block externally occurring security threats, but is inappropriate to block internally occurring security threats. Unfortunately, internal security threats are increasing in frequency. In order to solve this problem, a zero trust model has been proposed. The zero trust model requires a real-time monitoring function to analyze the behavior of a subject accessing various information resources. However, there is a limit to real-time monitoring of file access of a subject confirmed to be trusted in the system. Accordingly, this study proposes a method to monitor user's file access in real time. To verify the effectiveness of the proposed monitoring method, the target function was verified after the demonstration implementation. As a result, it was confirmed that the method proposed in this study can monitor access to files in real time.

• Korean Security Journal
• /
• no.18
• /
• pp.143-167
• /
• 2009

As of entering the 21st century, a trend in the field of a private security industry among the advanced countries have been increased a qualification system and train session to meet the needs of professionalism. Intensifying the professionalism in Korea, education and train system has been initiated to change but the oligopoly market already formulated due to impractical selection standard and management of education system. Issuing certification and offering basic training through a designated institution for the purpose of improving quality of the private security industry worker, its practical effectiveness were lower than expectation. Rather certification-holder or security agency, institution or truster's rent-seeking behavior have been increased by occupational licensing system. The founded results, which were associated to problems in selecting and educating to the private security guard, in this study were that any verification has been initiated towards dual-system in official approval and structural problems in education system, and non-existence of verification for professionalism and management capability to security agency owner and its upper managerial level. Current a dual system in an officially authorized verification system and completion of security guard credential requested change to an unified official qualification verification system to solve those problems. Ranges of an applicant to the unified official qualification verification system should be extend to the whole population in the private security industry. Moreover, minimization of the dead-weigh loss, which is caused by oligopoly phenomenon while using its market-dominant status, increasement number of designated institution, which allows self-regulating competition, and endowment of autonomy, which is in selecting education and agency, were requested to solve the problems in selecting and educating to the private security guard. In order to minimize stated problems while maintaining objectiveness, a new manage and supervise institution, which is called a 'private security industry committee', should be establish. The private security industry committee is a formation of governance network which are participated from professional group to civil organization.

• Journal of the Korea Society of Computer and Information
• /
• v.22 no.9
• /
• pp.65-71
• /
• 2017

This paper proposes a smart phone authentication method based on user's behavior and habit that is an authentication method against shoulder surfing attack and brute force attack. As smart phones evolve not only storage of personal data but also a key means of financial services, the importance of personal information security in smart phones is growing. When user authentication of smart phone, pattern authentication method is simple to use and memorize, but it is prone to leak and vulnerable to attack. Using the features of the smart phone pattern method of the user, the pressure applied when touching the touch pad with the finger, the size of the area touching the finger, and the time of completing the pattern are used as feature vectors and applied to user authentication security. First, a smart phone user models and stores three parameter values as prototypes for each section of the pattern. Then, when a new authentication request is made, the feature vector of the input pattern is obtained and compared with the stored model to decide whether to approve the access to the smart phone. The experimental results confirm that the proposed technique shows a robust authentication security using subjective data of smart phone user based on habits and behaviors.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.2
• /
• pp.786-799
• /
• 2018

Recently, NFV has attracted attention as a next-generation network virtualization technology for hardware -independent and efficient utilization of resources. NFV is a technology that not only virtualize computing, server, storage, network resources based on cloud computing but also connect Multi-Tenant of VNFs, a software network function. Therefore, it is possible to reduce the cost for constructing a physical network and to construct a logical network quickly by using NFV. However, in NFV, when a new VNF is added to a running Tenant, authentication between VNFs is not performed. Because of this problem, it is impossible to identify the presence of Fake-VNF in the tenant. Such a problem can cause an access from malicious attacker to one of VNFs in tenant as well as other VNFs in the tenant, disabling the NFV environment. In this paper, we propose Auto-configurable Security Mechanism in NFV including authentication between tenant-internal VNFs, and enforcement mechanism of security policy for traffic control between VNFs. This proposal not only authenticate identification of VNF when the VNF is registered, but also apply the security policy automatically to prevent malicious behavior in the tenant. Therefore, we can establish an independent communication channel for VNFs and guarantee a secure NFV environment.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.2
• /
• pp.329-337
• /
• 2013

Cyber threats of the ICS(Industrial Control System) has been researched on the level to the threat to the network service as well as a specific system, even if the extent of damage was not intended. Although some range of "security" just include the protection of systems against the deliberate attacks of terrorists or cyber hackers, often more damage is done by carelessness, and equipment failures than by those deliberate attacks. This paper presented a taxonomy for classifying all abnormal behaviors of ICS, including deliberate attacks, inadvertent mistakes, equipment failures, and software problems. The classification criteria of ICS abnormal behaviors was selected to highlight commonalities and important features of deliberate attacks as well as inadvertent actions.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.6
• /
• pp.1057-1067
• /
• 2013

The market share of smartphones has been increasing more and more at the recent mobile market and smart devices and applications that are based on a variety of operating systems has been released. Given this reality, the importance of smart devices analysis is coming to the fore and the most important thing is to minimize data corruption when extracting data from the device in order to analyze user behavior. In this paper, we compare and analyze the area-specific changes that are the file system of collected image after obtaining root privileges on the Android OS and iOS based devices, and then propose the most efficient method to obtain root privileges.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.7
• /
• pp.3608-3628
• /
• 2017

Several block cipher modes of operation have been proposed in the literature to protect sensitive information. However, different security analysis models have been presented for attacking them. The analysis indicated that most of the current modes of operation are vulnerable to several attacks such as known plaintext and chosen plaintext/cipher-text attacks. Therefore, this paper proposes a secure block cipher mode of operation to thwart such attacks. In general, the proposed mode combines one-time chain keys with each plaintext before its encryption. The challenge of the proposed mode is the generation of the chain keys. The proposed mode employs the logistic map together with a nonce to dynamically generate a unique set of chain keys for every plaintext. Utilizing the logistic map assures the dynamic behavior while employing the nonce guarantees the uniqueness of the chain keys even if the same message is encrypted again. In this way, the proposed mode called SPCBC can resist the most powerful attacks including the known plaintext and chosen plaintext/cipher-text attacks. In addition, the SPCBC mode improves encryption time performance through supporting parallelized implementation. Finally, the security analysis and experimental results demonstrate that the proposed mode is robust compared to the current modes of operation.