• International Journal of Computer Science & Network Security
• /
• v.22 no.7
• /
• pp.229-239
• /
• 2022

Today's Internet of Things (IoT) has had a dramatic increase in the use of various daily aspects. As a consequence, many homes adopt IoT technology to move towards the smart home. So, the home can be called smart when it has a range of smart devices that are united into one network, such as cameras, sensors, etc. While IoT smart home devices bring numerous benefits to human life, there are many security concerns associated with these devices. These security concerns, such as user privacy, can result in an insecure application. In this research, we focused on analyzing the vulnerabilities of IoT smart home cameras. This will be done by designing a new model that follows the STRIDE approach to identify these threats in order to afford an efficient and secure IoT device. Then, apply a number of test cases on a smart home camera in order to verify the usage of the proposed model. Lastly, we present a scheme for mitigation techniques to prevent any vulnerabilities that might occur in IoT devices.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.4
• /
• pp.753-762
• /
• 2021

WebAssembly(WASM) is a low-level instruction format that can be run in a web environment. Since WASM has a excellent performance, various web applications use webassembly. However, according to our security analysis WASM has a security pitfall related to control flow integrity (CFI) for indirect calls. To address the problem in this paper we propose a new code instrumentation scheme to protect indirect calls, named WACFI. Specifically WACFI enhances a CFI technique for indirect call in WASM based on source code anlysis and binary instrumentation. To test the feasibility of WACFI, we applied WACFI to a sound-encoding application. According to our experimental results WACFI only adds 2.75% overhead on the execution time while protecting indirect calls safely.

• The Journal of Economics, Marketing and Management
• /
• v.5 no.2
• /
• pp.1-9
• /
• 2017

This study has reviewed the "A survey on the relation between the employees' viewpoint with knowledge management and cultural intelligence among the employees working in Social Security Organization of Ardabil". The present study is functional in terms of objective and the method is descriptive and survey. This has asked the others' ideas and viewpoints concerning a specific subject and has analyzed them. About the nature and the method used, the present research is of correlation research. The population applied in this research includes all employees working in Social Security Organization of Ardabil consisting of 400. The method used for sampling is simple random sampling. To collect the information in the first step of the research the library method has been used. In this research the data has been collected through standard questionnaires. Then, via descriptive and inferential statistics the research data has been characterized and regarding the spatial scaling of the measurement to test the hypothesis the, correlation analysis of Pearson has been used and also to specify the reliability of the questionnaire the Chronbach's Alpha has been taken in use and the SPSS software to analyze the data also. The findings resulted from the study showed that there is a significant relation between the factors concerning employees' efficiency with knowledge management and the cultural intelligence and all hypotheses was confirmed.

• Journal of Digital Convergence
• /
• v.12 no.8
• /
• pp.229-234
• /
• 2014

Vehicular electronic communication system has continued to develop in favor of high performance and user convenience with the evolution of auto industry. Yet, due to the nature of communication system, concerns over intruder attacks in transmission sections have been raised with a need for safe and secure communication being valued. Any successful intruder attacks on vehicular operation and control systems as well as on visual equipment could result in serious safety and privacy problems. Thus, research has focused on hardware-based security and secure communication protocols. This paper proposed a safe and secure vehicular communication protocol, used the formal verification tool, Casper/FDR to test the security of the proposed protocol against different types of intruder attacks, and verified that the proposed protocol was secure and ended without problems.

• Korean Security Journal
• /
• no.48
• /
• pp.57-78
• /
• 2016

This study was set up hypotheses and conduct surveys target major in security students that the higher satisfaction with the curriculum and major selection will be higher satisfaction for the job selection and employment after graduation. Test results Chronbach's Alpha coefficients 0.833 have been calculated as ensuring internal consistency and simple regression analysis revealed a correlation coefficient of each item is presented to 0.811 showed a very high correlation. Therefore, the higher the satisfaction with the major selection and curriculum were analyzed by the higher satisfaction with the job choices and employment after graduation. The university seems to need effective training courses to give students an increasing satisfaction with the majors. To increase the level of theoretical and practical training is required to the active support and attention of Industrial School Institute. In order to increase the satisfaction of employees and future development security, the need for effective education in universities is raised.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.2
• /
• pp.223-230
• /
• 2013

Recently, a large number of corporations are adopting cloud solution in order to reduce IT-related costs. By the way, Digital Trace should have admissibility to be accepted as digital evidence in court, and integrity is one of the factors for admissibility. In this context, this research implemented integrity verification test to VM Data which was collected by well-known private cloud solutions such as Citrix, VMware, and MS Hyper-V. This paper suggests the effective way to verify integrity of VM data collected in private cloud computing environment based on the experiment and introduces the error that EnCase fails to mount VHD (Virtual Hard Disk) files properly.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.22 no.5
• /
• pp.818-828
• /
• 2018

Nowadays, various security systems are developed and used for protecting information on the network. Although security solutions can prevent some of the security risks, they provide high performance only if used appropriately in accordance with their purposes and functionality. Security solutions commonly used in information protection systems include firewalls, IDS, and IPS. However, despite various information protection systems are introduced, there are always techniques that can threaten the security systems through bypassing them. The purpose of this paper is to develop effective training techniques for responding to the bypass attack techniques in the information security systems and to develop effective techniques that can be applied to the training. In order to implement the test bed we have used GNS3 network simulator, and deployed it on top of virtual operating system using VirtualBox. The proposed correspondence training scenario against bypassing information protection system attacks could be very effectively used to counteract the real attacks.

• The Journal of the Korea Contents Association
• /
• v.9 no.10
• /
• pp.305-313
• /
• 2009

This study is to test the relationship between job stress, social support and subjective well-being among security guard. 420 members of private security companies in Seoul were selected. Total 356 copies were picked up as the final sample. In conclusion, First, job stress among the private security guard have an effect on the social support. In other words, even though their role and personal relationship put them under a lot of stress, social support is high. while the more stress of duty they have, the lower social support is. Second, job stress among the private security guard have an effect on the subjective well-being. That is to say, the more stress of duty they have, the lower subjective well-being is. Third, social support has an effect on the subjective well~being. Namely, the more social support by neighbor and family is, the higher subjective well-being is. Forth, job stress has a direct or indirect effects social support and subjective well-being in meal or in malt.

• Proceedings of the Korea Contents Association Conference
• /
• 2009.05a
• /
• pp.1175-1179
• /
• 2009

This study is to test the relationship between job stress, social support and subjective well-being among security agents. From 2. 23 to 3.30. 2009, covering a 35day period, 14 private security companies in Seoul were selected. Total 356 copies were picked up as the final sample. First, job stress of security agents showed that it was related to social support of neighbor and there's no relation to social support of family. Second, it showed that job stress of security agents negative affected on subjective well-being. Third, social support attentively affected on social well-being. Especially, it showed that the more social support by family was, the more subjective well-being was. Considering all the factors, social support by neighbors functions as an important parameter in relationship between subjective well-being and job stress among security agents.

• KSCI Review
• /
• v.14 no.2
• /
• pp.205-214
• /
• 2006

Is need Remote Access through internet for business of Ubiquitous Computing age, and apply OTP for confidentiality about inputed ID and Password, network security of integrity. Current OTP must be possessing hardware or Token, and there is limitation in security. Install a Snooping tool to OTP network in this treatise, and because using Cain, enforce ARP Cache Poisoning attack and confirm limitation by Snooping about user password. Wish to propose new system that can apply Tokenless OTP by new security way, and secure confidentiality and integrity. Do test for access control inflecting Tokenless OTP at Remote Access from outside. and could worm and do interface control with certification system in hundred. Even if encounter hacking at certification process, thing that connection is impossible without pin number that only user knows confirmed. Because becoming defense about outward flow and misuse and hacking of password when apply this result Tokenless OTP, solidify security, and evaluated by security system that heighten safety.