• Title/Abstract/Keywords: Security Event

Search Result 394, Processing Time 0.027 seconds

Design and Implementation of A Weakness Analyzer for Mobile Applications

  • Mun, Il-Yong;Oh, Se-Man
    • Journal of Korea Multimedia Society / v.14 no.10 / pp.1335-1347 / 2011
  • The dissemination and use of mobile applications have been expanding rapidly, and the security of mobile applications has emerged as a new issue. Although the safety of general software such as desktop and enterprise software is systematically achieved from the development phase to the verification phase through secure coding, there have not yet been sufficient studies on the safety of mobile applications. This paper deals with deriving a weakness enumeration specialized for mobile applications and implementing a tool that can automatically analyze the derived weaknesses. The weakness enumeration is derived from CWE (Common Weakness Enumeration) and CERT (Computer Emergency Response Team) with respect to the event-driven method that is generally used in developing mobile applications. The analysis tool uses dynamic tests to check whether the specified vulnerabilities are present in the source code of mobile applications. Moreover, the derived vulnerabilities could be used as a guidebook for programmers developing mobile applications.

Janus - Multi Source Event Detection and Collection System for Effective Surveillance of Criminal Activity

  • Shahabi, Cyrus;Kim, Seon Ho;Nocera, Luciano;Constantinou, Giorgos;Lu, Ying;Cai, Yinghao;Medioni, Gerard;Nevatia, Ramakant;Banaei-Kashani, Farnoush
    • Journal of Information Processing Systems / v.10 no.1 / pp.1-22 / 2014
  • Recent technological advances provide the opportunity to use large amounts of multimedia data from a multitude of sensors with different modalities (e.g., video, text) for the detection and characterization of criminal activity. Their integration can compensate for sensor and modality deficiencies by using data from other available sensors and modalities. However, building such an integrated system at the scale of neighborhoods and cities is challenging due to the large amount of data to be considered and the need to ensure a short response time to potential criminal activity. In this paper, we present a system that enables multi-modal data collection at scale and automates the detection of events of interest for the surveillance and reconnaissance of criminal activity. The proposed system showcases novel analytical tools that fuse multimedia data streams to automatically detect and identify specific criminal events and activities. More specifically, the system detects and analyzes series of incidents (an incident is an occurrence or artifact relevant to a criminal activity extracted from a single media stream) in the spatiotemporal domain to extract events (actual instances of criminal events) while cross-referencing multimodal media streams and incidents in time and space to provide a comprehensive view to a human operator while avoiding information overload. We present several case studies that demonstrate how the proposed system can provide law enforcement personnel with forensic and real time tools to identify and track potential criminal activity.

A study to detect and leaked personal information on the smartphone. (A Study on Monitoring for Detection of Personal Information Leakage on Smartphones)

  • Kim, Wung-Jun;Park, Sang-Hwi;Park, Sang-No;Kim, Chang-Su;Jung, Hoe-Kyung
    • Proceedings of the Korean Institute of Information and Communication Sciences Conference / 2014.05a / pp.606-608 / 2014
  • As the number of smartphone users keeps increasing, so does the number of malicious applications that leak the personal information held on the device, and the number of victims is also on the rise. A typical method is for malicious code to masquerade as a normal application, get installed on the handset, and leak personal information such as text messages, personal notes, and the certificate directory. A technique is therefore needed that collects events of attacks that obtain root permission on the device and determines whether it is infected with malware, so that a response can be made. In this paper, we study a mobile security monitoring system that checks the state of the smartphone in real time, collects and analyzes attack events across the applications on the device, and determines whether a malware infection has occurred. It is expected to be useful in the field for preventing leaks of users' personal information.


A Design and Implementation of Product Information Guide System Based on Beacon

  • Lee, Won Joo;Yoo, Jung Hyun;Lee, Kang-Ho;Jang, Eun-Gyeom
    • Journal of the Korea Society of Computer and Information / v.25 no.12 / pp.119-126 / 2020
  • In this paper, we design and implement a product information guidance system based on BLE beacons. This system is designed to provide various functions such as contactless entrance service through mobile ticket, seat guidance service, event push service, content push service, and public service. This system consists of three modules: a beacon recognition module, a server linkage module, and a content transmission module. The beacon recognition module implements a function of transmitting a specific ID of a nearby beacon when a customer with a smartphone approaches the available service area. The server linkage module recognizes the beacon ID value, transfers it to the server, and implements the function to check the location of the server having the ID. The content transmission module implements a function of transmitting event or service information set at a corresponding location to a smartphone. The beacon-based product information guidance system implemented in this paper has the advantage of being able to quickly and easily implement various product information guidance systems.

A Study on the Effects of Disaster Response Exercise on Exercise Participants (Focused on Manufacturing Company Exercise Cases)

  • Kim, Dae Jin;Kim, Dong Heon;Lee, Dong Won
    • Journal of Korean Society of Disaster and Security / v.12 no.1 / pp.35-44 / 2019
  • In the event of a disaster (or accident), first of all, the ability to respond to an immediate disaster is important. This study investigated the disaster response capacity and the effects of disaster response exercise personnel. A questionnaire consisting of 28 items was used to assess disaster response capabilities. The questionnaire consists of contrast, preparedness initial response, warning, and response steps. Survey participants are self-service fire-fighters of small and medium-sized manufacturing companies participating in exercise. The effectiveness of the exercise was measured by dividing the subjects before and after the exercise. Analyzing the difference between before and after exercise, it was confirmed that disaster response exercise had significant effects on improving disaster response capacity. This study suggests that the disaster response exercise has an effect on the disaster response capacity of the members and shows the necessity of disaster response exercise. As in the case study, if a company or organization regularly conducts disaster response exercise, its disaster response capabilities will improve. In addition, it is anticipated that in the event of a disaster (or accident), it will be possible to prevent or reduce property damage as well as property damage.

SIEM System Performance Enhancement Mechanism Using Active Model Improvement Feedback Technology

  • Shin, Youn-Sup;Jo, In-June
    • The Journal of the Korea Contents Association / v.21 no.12 / pp.896-905 / 2021
  • In the field of SIEM (Security Information and Event Management), many studies try to use a feedback system to address the incompleteness of training data and the false positives on new attack events that occur in actual operation. However, the current feedback system requires too much human input to improve the running model, and even so, feedback from inexperienced analysts can affect the model performance negatively. Therefore, we propose "active model improving feedback technology" to address the shortage of security analyst manpower, increasing false positive rates, and degrading model performance. First, we cluster similar predicted events during operation, calculate feedback priorities for those clusters, and select and present representative events from the highly prioritized clusters using XAI (eXplainable AI)-based event visualization. Once feedback has been given on these events, we exclude less analogous events and then propagate the feedback throughout the clusters. Finally, these events are incrementally trained into an existing model. To verify the effectiveness of our proposal, we compared three distinct scenarios using PKDD2007 and CSIC2012. As a result, our proposal confirmed a 30% higher performance in all indicators compared to that of the model with no feedback and the current feedback system.

Detection of Delay Attack in IoT Automation System

  • Youngduk Kim;Wonsuk Choi;Dong hoon Lee
    • Journal of the Korea Institute of Information Security & Cryptology / v.33 no.5 / pp.787-799 / 2023
  • As IoT devices are widely used at home, IoT automation systems that integrate IoT devices to meet users' demands are gaining popularity. An IoT automation system has automation rules that collect events and command actions. However, an attacker can delay packets and create a period during which the real state is inconsistent with the state recognized by the system. During that time, the system does not work correctly according to the predefined automation rules. Some detection methods for delay attacks have been proposed, but they have limitations when applied to IoT systems that are sensitive to traffic volume and battery consumption. This paper proposes a practical packet delay attack detection technique that can be applied to IoT systems. In the proposed scheme, for example, when a sensor transmits a message, a broadcast packet announcing the transmission of the message is also sent, so that the server can recognize that an event has occurred. For evaluation purposes, an IoT system implemented using Raspberry Pi was configured, and it was demonstrated that the system can detect packet delay attacks within an average of 2.2 sec. The experimental results showed a power consumption overhead of an average of 2.5 mA per second and a traffic overhead of 15%. We demonstrate that our method can detect delay attacks efficiently compared to previously proposed methods.

Analysis of the Effect of Objective Functions on Hydrologic Model Calibration and Simulation

  • Lee, Gi Ha;Yeon, Min Ho;Kim, Young Hun;Jung, Sung Ho
    • Journal of Korean Society of Disaster and Security / v.15 no.1 / pp.1-12 / 2022
  • An automatic optimization technique is used to estimate the optimal parameters of the hydrologic model, and different hydrologic response results can be provided depending on objective functions. In this study, the parameters of the event-based rainfall-runoff model were estimated using various objective functions, the reproducibility of the hydrograph according to the objective functions was evaluated, and appropriate objective functions were proposed. As the rainfall-runoff model, the storage function model (SFM), which is a lumped hydrologic model used for runoff simulation in the current Korean flood forecasting system, was selected. In order to evaluate the reproducibility of the hydrograph for each objective function, 9 rainfall events were selected for the Cheoncheon basin, which is the upstream basin of Yongdam Dam, and 7 widely used objective functions were selected for parameter estimation of the SFM for each rainfall event. Then, the reproducibility of the simulated hydrograph using the optimal parameter sets based on the different objective functions was analyzed. As a result, RMSE, NSE, and RSR, which include the error square term in the objective function, showed the highest accuracy for all rainfall events except for Event 7. In addition, PBIAS and VE, which include an error term compared to the observed flow, also showed relatively stable reproducibility of the hydrograph. However, in the case of MIA, which adjusts parameters sensitive to high flow and low flow simultaneously, the hydrograph reproducibility performance was found to be very low.

For Making an Efficient Disaster Emergency Communication System for Public Safety in South Korea

  • Choi, Kwan;Kim, Min-Ji
    • Korean Security Journal / no.44 / pp.169-198 / 2015
  • The purpose of the present study is to provide an efficient 'Disaster Emergency Communication System' (hereafter DECS) to deal with serious disaster situations at the national level. Currently, DECSs such as VHF, UHF, and TRS are used to control some disaster situations around the world. However, contemporary societies are more likely to need a new system, for example one that can send correct images and big data, than the current DECSs. Despite several serious disaster events such as the Sam-Poong Department Store Collapse, the Daegu Subway Fire, and the Sewol Submerge event, there was no field-based DECS in South Korea. In July 2014, the South Korean government finally started to provide a PS-LTE system, a new, single system shared by fire fighting, police, army, and railway. However, there are not many academic studies on DECSs for dealing with disaster situations in South Korea. The present research explores an efficient Korean-style DECS to address national security and public safety. The paper provides three key findings: the first is how to build a unified Korean DECS based on PS-LTE; the second is how to secure frequencies in the 700MHz band for communication in shadow areas; the third is what kinds of communication facilities are adequate for establishing a PS-LTE DECS.


LxBSM: Loadable Kernel Module for the Creation of C2 Level Audit Data based on Linux

  • 전상훈;최재영;김세환;심원태
    • Journal of KIISE:Computing Practices and Letters / v.10 no.2 / pp.146-155 / 2004
  • Currently, most commercial operating systems contain a high-level audit feature to increase their own security level. Linux does not fall behind the other commercial operating systems in performance and stability, but it does not have a good audit feature. To be used as a server operating system, Linux is required to support a security feature higher than the C2 level of the TCSEC, which requires a kernel-level audit feature that provides system call auditing and audit events. In this paper, we present LxBSM, a kernel module that provides kernel-level audit features. The audit record format of LxBSM is compatible with that of Sunshield BSM. LxBSM is implemented as a loadable kernel module, which enhances its usability. It provides rich audit records, including user-level audit events such as login/logout. It supports both pipe and file interfaces to increase the connectivity between LxBSM and intrusion detection systems (IDS). The performance of LxBSM is compared and evaluated against that of the Linux kernel without the audit features. The response time increased when system calls that create audit data, such as fork, execve, open, and close, were called. However, no other performance degradation was observed.