• Journal of Korean Society of Disaster and Security
• /
• v.11 no.2
• /
• pp.75-82
• /
• 2018

The purpose of this study is designed to apply the model of the problem-based learning in the class of Disaster Psychology and then analyze the experiences that its students felt. The participants in this research are 56 undergraduates. The class of Disaster Psychology was conducted with blended learning using lecture and PBL. The PBL problem should be solved just for 3 weeks. The data collected after the class is an analysis of the PBL problem, log on group activities, personal reflection diary, Group evaluation. Then, each data should be collected and analyzed quantitatively through the repetitive comparison, and the triangle-measurement. The findings suggest that there is a remarkable educational learning experience in seven categories: acquire expertise, confidence, practical problem-solving skill, communication ability, roles of calling, efficacy, change in perspective. This study introduces a case of PBL course development and expects subsequent applications and research.

• Journal of Internet Computing and Services
• /
• v.14 no.3
• /
• pp.23-33
• /
• 2013

Recently in the field of IT, cloud computing technology has been deployed rapidly in the current society because of its flexibility, efficiency and cost savings features. However, cloud computing system has a big problem of vulnerability in security. In order to solve the vulnerability of cloud computing systems security in this study, impact types of virtual machine about the vulnerability were determined and the priorities were determined according to the risk evaluation of virtual machine's vulnerability. For analyzing the vulnerability, risk measurement standards about the vulnerability were defined based on CVSS2.0, which is an open frame work; and the risk measurement was systematized by scoring for relevant vulnerabilities. Vulnerability risk standards are considered to suggest fundamental characteristics of vulnerability and to provide the degree of risks and consequently to be applicable to technical guides to minimize the vulnerability. Additionally, suggested risk standard of vulnerability is meaningful as the study content itself and could be used in technology policy project which is to be conducted in the future.

• Journal of the Korea Society for Simulation
• /
• v.29 no.2
• /
• pp.73-81
• /
• 2020

HCCL stands for Heterogenous Container Class Library. HCCL is a library that allows heterogeneous types of data to be stored in a container as a single record and to be constructed as a list of the records to be stored in database. With HCCL, encryption/decryption can be done based on the unified data type. Recently, IoT sensor which is embedded in smartphone enables developers to provide various convenient services to users. However, it is also true that infringement of personal information may occur in the process of transmitting sensor information to API and users need to be prepared for this situation in some sense. In this study, we developed a data model that enhances existing security using SEED cryptographic algorithms while managing information of sensors based on HCCL. Due to the fact that the Android environment does not provide permission management function for sensors, this study decided whether or not to encrypt sensor information based on the user's choice so that the user can determine the creation and storage of safe data. For verification of this work, we have presented the performance evaluation by comparing with the situation of storing the sensor data in plaintext.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.5
• /
• pp.1161-1170
• /
• 2016

In this paper, we provide an authentication technology for verifying dynamic signature made by finger on smart phone. In the proposed method, we are using the Auto-Encoder-based 1 class model in order to effectively distinguish skilled forgery signature. In addition to the basic dynamic signature characteristic information such as appearance and velocity of a signature, we use accelerometer value supported by most of the smartphone. Signed data is re-sampled to give the same length and is normalized to a constant size. We built a test set for evaluation and conducted experiment in three ways. As results of the experiment, the proposed acceleration sensor value and 1 class model shows 6.9% less EER than previous method.

• Journal of Korean Society of Disaster and Security
• /
• v.12 no.2
• /
• pp.65-72
• /
• 2019

More than 64% of Korea's land is occupied by mountain regions, which have terrain characteristics that make it vulnerable to mountain disasters. The trails of Taebaeksan Mountain National Park-the region considered in this study-are located in the vicinity of steep slopes, and therefore, the region is vulnerable to landslides and debris flow during heavy storms. In this study, a slope stability model, which is a deterministic analysis method, was used to examine the potential occurrence of landslides. According to the soil classification of the detailed soil map, the specific weight of soil, effective cohesion, internal friction angle of soil, effective soil depth, and ground slope were used as the parameters of the model, and slope stability was evaluated based on the DEM of a 1 m grid. The results of the slope stability analysis showed that the more hazardous the area was, the closer the ratio of groundwater/effective soil depth is to 1.0. Further, many of the private houses and commercial facilities in the lower part of the national park were shown to be exposed to danger.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.3
• /
• pp.433-441
• /
• 2021

Android applications are released across various categories, including productivity apps and games, and users are exposed to various applications and even malware depending on their usage patterns. On the other hand, most analysis engines train using existing datasets and do not reflect user patterns even if periodic updates are made. Thus, the detection rate for known malware is high, while types of malware such as adware are difficult to detect. In addition, existing engines incur increased service provider costs due to the cost of server farm, and the user layer suffers from problems where availability and real-timeness are not guaranteed. To address these problems, we propose an analysis system that performs on-device malware detection through transfer learning, which requires only one-time communication with the server. In addition, The system has a complete process on the device, including decompiler, which can distribute the load of the server system. As an evaluation result, it shows 90.3% accuracy without transfer learning, while the model transferred with adware catergories shows 95.1% of accuracy, which is 4.8% higher compare to original model.

• Journal of Information Technology Services
• /
• v.20 no.6
• /
• pp.17-43
• /
• 2021

Currently, various discussions are underway to establish a more advanced management system for public rental housing. Also, it calls for improvement methods for problems arising in management of the current rental housing system. In this regard, this study aims to evaluate determinants that affect user acceptance intention of blockchain technology to implement a new system that complements drawbacks of the current public rental housing system. The study uses the Unified Theory of Acceptance and Use of Technology (UTAUT) as a theoretical model; the study model utilizes three UTAUT variables -performance expectancy, social influence, and Facilitating conditions-, applies security, availability, and reliability that are perceived from blockchain technology as external parameters to facilitate understanding of user acceptance intention of blockchain technology, and evaluates whether innovativeness can regulate the influence of performance expectancy, social influence, and Facilitating conditions on user acceptance intention of blockchain technology. Based on the significant survey result where 274 IT technicians participated, the study applies structural equation modeling to explore structure of user acceptance intention in the blockchain-based management system for public rental housing. As a result, security-reliability and availability are found to factors as determinants for user acceptance intention, affecting implementation of the public rental housing management system, while innovativeness shows no significant statistical results related to regulation effect. This study has implications in that it understands characteristics of blockchain and empirically analyzes the relationship between the characteristics and acceptance intention to enable blockchain's contribution to activate the public rental housing management system in the future.

• Convergence Security Journal
• /
• v.22 no.4
• /
• pp.17-24
• /
• 2022

Recently, machine learning-based cyber attack detection and classification research has been actively conducted, achieving a high level of detection accuracy. However, low-spec IoT devices and large-scale network traffic make it difficult to apply machine learning-based detection models in IoT environment. Therefore, In this paper, we propose an efficient IoT attack detection and classification method through PCA(Principal Component Analysis) and LightGBM(Light Gradient Boosting Model) using datasets collected in a MQTT(Message Queuing Telementry Transport) IoT protocol environment that is also used in the defense field. As a result of the experiment, even though the original dataset was reduced to about 15%, the performance was almost similar to that of the original. It also showed the best performance in comparative evaluation with the four dimensional reduction techniques selected in this paper.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.1
• /
• pp.143-156
• /
• 2024

Federated Learning (FL) has emerged as a potent methodology for decentralized model training across multiple collaborators, eliminating the need for data sharing. Although FL is lauded for its capacity to preserve data privacy, it is not impervious to various types of privacy attacks. Differential Privacy (DP), recognized as the golden standard in privacy-preservation techniques, is widely employed to counteract these vulnerabilities. This paper makes a specific contribution by applying an existing, task-specific adaptive DP mechanism to the FL environment. Our comprehensive analysis evaluates the impact of this mechanism on the performance of a shared global model, with particular attention to varying data distribution and partitioning schemes. This study deepens the understanding of the complex interplay between privacy and utility in FL, providing a validated methodology for securing data without compromising performance.

• Journal of KIISE:Databases
• /
• v.31 no.6
• /
• pp.567-584
• /
• 2004

As XML becomes popular as the way of presenting information on the web, how to secure XML data becomes an important issue. So far study on XML security has focused on security of data communications by using digital sign or encryption technology. But, it now requires not just to communicate secure XML data on communication but also to manage query process to access XML data since XML data becomes more complicated and bigger. We can manage XML data queries by access control technique. Right now current XML data access control only deals with read operation. This approach has no option to process update XML queries. In this paper, we present XML access control model and technique that can support both read and update operations. In this paper, we will propose the operation for XML document update. Also, We will define action type as a new concept to manage authorization information and process update queries. It results in both minimizing access control steps and reducing memory cost. In addition, we can filter queries that have no access rights at the XML data, which it can reduce unnecessary tasks for processing unauthorized query. As a result of the performance evaluation, we show our access control model is proved to be better than other access control model in update query. But it has a little overhead to decide action type in select query.