• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.19 no.8
• /
• pp.1818-1824
• /
• 2015

Cloud computing draws attention as an application to provide dynamically scalable infrastructure for application, data and file storage. An untrusted remote server can cause a variety of problems in the field of data protection. It may process intentionally or involuntarily user's data operations(modify, insert, delete) without user's permission. It may provide false information in order to hide his mistakes in the auditing process. Therefore, it is necessary to audit the integrity of data stored in the cloud server. In this paper, we propose a new data auditing system that can verify whether servers had a malicious behavior or not. Performance and security analysis have proven that our scheme is suitable for cloud computing environments in terms of performance and security aspects.

• Journal of Internet of Things and Convergence
• /
• v.5 no.1
• /
• pp.7-11
• /
• 2019

This study suggests a methodology to track crime suspects or anomalies through CCTV in order to expand the scope of CCTV use as the number of CCTV installations continues to increase nationwide in recent years. For the abnormal behavior classification, we use the existing studies to find out suspected criminals or abnormal actors, use CNN to track objects, and connect the surrounding CCTVs to each other to predict the movement path of objectified objects CCTVs in the vicinity of the path were used to share objects' sample data to track objects and to track objects. Through this research, we will keep track of criminals who can not be traced, contribute to the national security, and continue to study them so that more diverse technologies can be applied to CCTV.

• Journal of Internet Computing and Services
• /
• v.17 no.3
• /
• pp.11-18
• /
• 2016

Accessing unauthorized rogue APs in WiFi environments is a very dangerous behavior which may lead WiFi users to be exposed to the various cyber attacks such as sniffing, phishing, and pharming attacks. Therefore, prompt and precise detection of rogue APs and properly alarming to the corresponding users has become one of most essential requirements for the WiFi security. This paper proposes a new rogue AP detection method which is mainly using the installation information of authorized APs and the DHCP snooping information of the corresponding switches. The proposed method detects rogue APs promptly and precisely, and notify in realtime to the corresponding users. Since the proposed method is simple and does not require any special devices, it is very cost-effective comparing to the wireless intrusion prevention systems which are normally based on a number of detection sensors and servers. And it is highly precise and prompt in rogue AP detection and flexible in deployment comparing to the existing rogue AP detection methods based on the timing information, location information, and white list information.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.13 no.1
• /
• pp.45-52
• /
• 2018

In this paper, we propose smart digital door lock system using heterogeneous communication. This system has efficient function using RF communication and Internet communication, and realizes access and real image of the passengers by combining camera control technology to secure original competitiveness with existing products. It uses the Internet of things and receive images to and from your smart-phone. And senses human behavior. In the simulated results, the image transmission rate of 90 % or more and the time required to transmit 10,000 images have an average transmission speed of 3 seconds. It is expected to secure competitiveness to increase the security of door lock in the future by enabling minimum security and fire monitoring service in real time.

• KIISE Transactions on Computing Practices
• /
• v.21 no.3
• /
• pp.257-262
• /
• 2015

As software grows more complex, it contains more bugs that are not recognized by developers. Attackers can then use exploitable bugs to penetrate systems or spread malicious code. As a representative method, attackers manipulated documents or multimedia files in order to make the software engage in unanticipated behavior. Recently, this method has gained frequent use in A.P.T. In this paper, an automatic analysis method to find software security bugs was proposed. This approach aimed at finding security bugs in the software which can arise from input data such as documents or multimedia. Through dynamic taint analysis, how input data propagation to vulnerable code occurred was tracked, and relevant instructions in relation to input data were found. Next, the relevant instructions were translated to a formula and vulnerable input data were found via the formula using an SMT solver. Using this approach, 6 vulnerable codes were found, and data were input to crash applications such as HWP and Gomplayer.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2017.05a
• /
• pp.285-287
• /
• 2017

Currently, the world of data communication is not simply communication between server and user in a wired way, but using wireless environment, various devices communicate with each other in a wider and diverse environment to generate a large amount of data. In this environment, IoT is now located deep in our lives, and IoT technologies are used in many tasks, but the data used in IoT is exposed without sufficient protection from malicious behavior. Most of these devices do not have enough computing power to cope with malicious attacks. In this paper, we aim to make all devices that have sufficient computing power and safety from simple sensors to be able to have security according to the situation. The proposed technology is based on the importance of the device and computing power, and it is possible to select the encryption technology selectively and to improve security.

• Journal of Digital Contents Society
• /
• v.19 no.2
• /
• pp.301-307
• /
• 2018

Generally, search engine summarizes the main contents of the search results so that user can click the site providing the information of the contents to search first. In this study, we demonstrated whether the user clicks on the search results based on the summary content provided by the search engine or on the order of the search result placement through empirical studies through the presentation of search results. By using the API provided by the search engine company, a search site that presents the search results in a regular and inverse order is created, and the click action of each user's search result is displayed in the order of actual click order, click position, and the user's search type such as the route of movement. As a result of the analysis, most users account for more than 60% of users who click on the first and second exposed search results regardless of the search results. It is confirmed that the search priority of users is determined according to the order of search results regardless of the summary of search results.

• Journal of Digital Contents Society
• /
• v.9 no.3
• /
• pp.491-498
• /
• 2008

The leakage of sensitive information by an insider within the organization becomes a serious threat nowadays. Sometimes, these insider threats are more harmful to an organization than external attack. Companies cannot afford to continue ignoring the potential of insider attacks. The purpose of this study is to design an integrated log analysis system that can detect various types of information leakages. The system uses threat rules generated through risk analysis, and monitors every aspect of the online activities of authorized insider. Not only should system have the ability to identify abnormal behavior, they should also be able to predict and even help to prevent potential risk. The system is composed of three modules, which are log collector, log analyzer and report generator.

• Convergence Security Journal
• /
• v.12 no.3
• /
• pp.123-129
• /
• 2012

Due to the high digital technology, various devices such as TV, PC, smartphone, and pad computer are connected to each other using internet and under the circumstance internet services of which the running platforms are mainly PC become "N-screenlized" by extending their service platform to non-PC devices. As a digital TV has outstanding features of being the most influential device in the living room and having the wide spectrum of users, several internet services has been ported on the digital TV platform (in the form of data services) in order to enhance their brand powers. Most of the services, however, failed to get a satisfactory results as the data services are defeated by the broadcasting contents in the competition for the viewer's interests. In the paper, the design guidelines that make data services not to compete with the broadcasting contents are proposed and a prototype of a data service that accommodates the guidelines is introduced. The prototype, called "TV ideal-type world-cup", does not disturb a viewer's watching broadcast contents and channel-changing behavior while it is running and its service flow is designed for a viewer to achieve the goal of service in a few minutes so that the viewer can enjoy the service in a commercial period.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.3
• /
• pp.521-530
• /
• 2017

In this paper, we propose a protection solution against intelligent Ransomware attacks by encrypting not only source files but also backup files of external storage. The system is designed to automatically back up to the cloud server at the time of file creation to perform monitoring and blocking in case a specific process affects the original file. When client creates or saves a file, both process identifiers, parent process identifiers, and executable file hash values are compared and protected by the whitelist. The file format that is changed by another process is monitored and blocked to prevent from suspicious behavior. By applying the system proposed in this paper, it is possible to protect against damage caused by the modification or deletion of files by Ransomware.