• Proceedings of the IEEK Conference
• /
• 2000.11a
• /
• pp.291-294
• /
• 2000

This paper describes on the threats in the MPLS Network. Also we discuss on attack scenario that are Unauthenticated Access, Data disclosure and Data modification. Finally we discuss and suggest the best various Security of solutions in MPLS network

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.11 no.1
• /
• pp.59-67
• /
• 2015

A novel authentication mechanism is biometric authentication where users are identified by their measurable human characteristics, such as fingerprint, voiceprint, and iris scan. The technology of biometrics is becoming a popular method for engineers to design a more secure user authentication scheme. In terms of physiological and behavioral human characteristics, biometrics is used as a form of identity access management and access control, and it services to identity individuals in groups that are under surveillance. In this article, we review the biometric-based authentication protocol by Althobati et al. and provide a security analysis on the scheme. Our analysis shows that Althobati et al.'s scheme does not guarantee server-to-user authentication. The contribution of the current work is to demonstrate this by mounting threat of data integrity and bypassing the gateway node on Althobati et al.'s scheme. In addition, we analysis the security vulnerabilities of Althobati et al.'s protocol.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.2
• /
• pp.263-277
• /
• 2021

Taint analysis techniques are popularly used to detect web vulnerabilities originating from unverified user input data, such as Cross-Site Scripting (XSS) and SQL Injection, in web applications written in JavaScript. To detect such vulnerabilities, it would be necessary to trace variables affected by user-submitted inputs. However, because of the dynamic nature of JavaScript, it has been a challenging issue to identify those variables without running the web application code. Therefore, most existing taint analysis tools have been developed based on dynamic taint analysis, which requires the overhead of running the target application. In this paper, we propose a novel static taint analysis technique using symbol information obtained from the TypeScript (a superset of JavaScript) compiler to accurately track data flow and detect security vulnerabilities in TypeScript code. Our proposed technique allows developers to annotate variables that can contain unverified user input data, and uses the annotation information to trace variables and data affected by user input data. Since our proposed technique can seamlessly be incorporated into the TypeScript compiler, developers can find vulnerabilities during the development process, unlike existing analysis tools performed as a separate tool. To show the feasibility of the proposed method, we implemented a prototype and evaluated its performance with 8 web applications with known security vulnerabilities. We found that our prototype implementation could detect all known security vulnerabilities correctly.

• Convergence Security Journal
• /
• v.22 no.1
• /
• pp.55-60
• /
• 2022

This study is to analyze trends and relational structures in the energy sector related to renewable energy. For this reason, in this study, we focused on big data including SNS data. SNS utilizes the Instagram platform to collect renewable energy hash tags and use them as a word embedding method for big data analysis and social network analysis, and based on the results derived from this research, it will be used for the development of the renewable energy industry. It is expected that it can be utilized.

• Journal of Convergence for Information Technology
• /
• v.7 no.1
• /
• pp.35-42
• /
• 2017

In this paper, we propose to implement an integrated monitoring system using log data to reduce the load of analysis task of information security officer and to detect information leak in advance. To do this, we developed a transmission module between different model DBMS that transmits large amount of log data generated by the individual security system (MSSQL) to the integrated monitoring system (ORACLE), and the transmitted log data is digitized by individual and individual and researches about the continuous inspection and measures against malicious users when the information leakage symptom is detected by using the numerical data.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.8 no.11
• /
• pp.4226-4241
• /
• 2014

Cloud storage provides an easy, cost-effective and reliable way of data management for users without the burden of local data storage and maintenance. Whereas, this new paradigm poses many challenges on integrity and privacy of users' data, since users losing grip on their data after outsourcing the data to the cloud server. In order to address these problems, recently, Worku et al. have proposed an efficient privacy-preserving public auditing scheme for cloud storage. However, in this paper, we point out the security flaw existing in the scheme. An adversary, who is on-line and active, is capable of modifying the outsourced data arbitrarily and avoiding the detection by exploiting the security flaw. To fix this security flaw, we further propose a secure and efficient privacy-preserving public auditing scheme, which makes up the security flaw of Worku et al.'s scheme while retaining all the features. Finally, we give a formal security proof and the performance analysis, they show the proposed scheme has much more advantages over the Worku et al.'s scheme.

• International Journal of Computer Science & Network Security
• /
• v.21 no.3
• /
• pp.83-93
• /
• 2021

COVID-19 poses a major risk to global health, highlighting the importance of faster and proper diagnosis. To handle the rise in the number of patients and eliminate redundant tests, healthcare information exchange and medical data are transmitted between healthcare centres. Medical data sharing helps speed up patient treatment; consequently, exchanging healthcare data is the requirement of the present era. Since healthcare professionals share data through the internet, security remains a critical challenge, which needs to be addressed. During the COVID-19 pandemic, computed tomography (CT) and X-ray images play a vital part in the diagnosis process, constituting information that needs to be shared among hospitals. Encryption and image steganography techniques can be employed to achieve secure data transmission of COVID-19 images. This study presents a new encryption with the image steganography model for secure data transmission (EIS-SDT) for COVID-19 diagnosis. The EIS-SDT model uses a multilevel discrete wavelet transform for image decomposition and Manta Ray Foraging Optimization algorithm for optimal pixel selection. The EIS-SDT method uses a double logistic chaotic map (DLCM) is employed for secret image encryption. The application of the DLCM-based encryption procedure provides an additional level of security to the image steganography technique. An extensive simulation results analysis ensures the effective performance of the EIS-SDT model and the results are investigated under several evaluation parameters. The outcome indicates that the EIS-SDT model has outperformed the existing methods considerably.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.3
• /
• pp.53-64
• /
• 2006

Worm analysis report currently produced by anti-virus companies closely resemble those of virus report and do not properly characterize the specific attributes of worms. In this paper, we propose formalized presentation method based on time-based behavioral sequences to more accurately characterize worms. we define a format based on the behavior and communication patterns that occur between an infected host and a target host. we also propose a method for presently worm analysis data with that format. We also compare our framework with analysis data provided by Symantec.

• Korean Security Journal
• /
• no.34
• /
• pp.57-88
• /
• 2013

The study aims at identifying, through structure model, the relationship characteristics between a private security company and its service customer as well as the relationship between the service quality and the consumer behavior, thereby providing the practical services that may attract new customers and maintain the existing customers in the competition to survive in the same industry and also may raise the loyal customer base, providing academic fundamental data to set up aggressive relationship marketing strategies. To achieve such purposes above, the research was conducted with 229 subjects, the users of a private security company's service as the employees of the stores located in Cheonan area, using the convenience sampling. The data was treated, using the statistics program, SPSS Windows 18.0 Version for frequency analysis and reliability analysis. Additionally, the confirmative factor analysis and covariance structural analysis were made, using AMOS 18.0 Version. Through the data analysis following the research methods above, the conclusion was acquired as follows: First, the relationship characteristics of a private security company makes influence on service quality. Second, the service quality of a private security company makes influence on consumer behavior. Third, the relationship characteristics of a private security company makes influence on consumer behavior. Fourth, the service quality makes an influence as the mediate effect between the private security company's relationship characteristics and consumer behavior.

• Journal of Korean Society of Rural Planning
• /
• v.30 no.3
• /
• pp.37-53
• /
• 2024

The purpose of this study is to analyze the effectiveness of an agriculture and rural development ODA project in southern Nepal's Terai region to improve food security, and to suggest appropriate project approaches to improve food security. The subject of the analysis is the KOICA-funded 'Inclusive Rural Development project', and a framework for analyzing food security was established based on the FAO's four pillars of food security, and indicators were proposed to measure the food security of project farmers. The data for this study were obtained from a survey of project beneficiary farmers and their control group, and the effects of the project on food security were measured using a a t-test analysis, difference-in-difference analysis, propensity score matching-linear regression combined model (PSM-OLS) and a propensity score matching-difference-in-difference combined model(PSM-DID). The results showed that, in general, the ODA project treatment group had significant improvements in each of the four pillars of food security (food availability, access, utilization, and stability). In addition, cooperative membership had a positive impact on food security improvements, and there were also differences in outcomes among different ethnic groups in the Terai region. The implications of this study are that the Korean government's ODA policy should set aside the food security sector and incorporate food security indicators to contribute to the improvement of food security in ODA partner countries, and that agricultural and rural development ODA projects should include food security indicators as performance indicators in their pre-planning to contribute to securing food security for vulnerable groups as food insecurity is higher among vulnerable groups.