• Title/Summary/Keyword: Security device

Design and Implementation of Security Reconfiguration for Effective Security Management of Mobile Communication Device (휴대용통신단말의 효과적인 보안관리를 위한 보안 재구성기법의 설계 및 구현)

  • An, Gae-Il;Kim, Ki-Young;Seo, Dong-Il
    • The KIPS Transactions:PartC / v.16C no.6 / pp.691-698 / 2009
  • A mobile communication device is a small portable computer which provides communication service, such as a smart phone or PDA. Currently, one of the biggest barriers in developing the mobile communication device is the security issue. Even though there are excellent security functions which can remove the security issues, there is a problem that the mobile communication device cannot be loaded with all the functions because it has low storage, poor computational power, and an inconvenient user interface, compared to the desktop personal computer. This paper proposes a context-aware security reconfiguration scheme for effective security management of the mobile communication device. The scheme can provide the mobile communication device with the optimized security service which is most adapted to its current security context. Through the prototype implementation and the experiments of the proposed scheme, we have confirmed that the proposed scheme is excellent in terms of computing resource efficiency and usability, without degrading security level.

Implementation of Security Policies of ONSU-MF(One Network Security Unit-Multi Function) and OSD-MD(One Security Device-Multi Defense) (ONSU-MF(One Network Security Unit-Multi Function)기법과 OSD-MD(One Security Device-Multi Defense)기법 기반의 보안정책 구현)

  • Seo, Woo-Seok;Lee, Gyn-An;Jun, Moon-Seog
    • The KIPS Transactions:PartC / v.18C no.5 / pp.317-326 / 2011
  • This study is meaningful in that it standardizes various security and defense policies and devices, newly defines characteristics of defense policies and defense techniques, and specifies and reports various kinds of security policies and devices in order for administrators or users to add and apply the policies when introducing new security policies including the implementation of existing network infra and applying additionally. Therefore, this study aims to divide the policies into ONSU-MF (One Network Security Unit-Multi Function), which classifies one network security device-based policies, and OSD-MD (One Security Device-Multi Defense), which implements various security methods by using one security device, and suggest a network security infra improvement mechanism through the standardization implementation technique integrating the two methods.

Security Core Technology Implementation for Hardware-based Smart Devices (HW기반 스마트 단말 보안 핵심기술 구현)

  • Kim, Jeong Nyeo
    • Journal of Digital Convergence / v.14 no.11 / pp.501-505 / 2016
  • Recently, the frequency of dealing with important information regarding financial services like paying through smart device or internet banking on smart device has been increasing. Also, with the development of smart device execution environment towards open software environment, it became easier for users to download and use random application software, and its security aspect appears to be weakening. This study inspects features of hardware-based smart device security technology. Furthermore, this study proposes a realization method in MTM hardware-based secure smart device execution environment for an application software that runs in smart devices. While existing MTM provides the root of trust function only for the mobile device, the MTM-based mobile security environment technology proposed in this paper can provide numerous security functions that application programs need in a mobile device. The further researches on IoT devices that are compatible with security hardware, gateway security technology and methods that secure reliability and security applicable to varied IoT devices by advancing security hardware are the next plan to proceed.

Service Identification of Internet-Connected Devices Based on Common Platform Enumeration

  • Na, Sarang;Kim, Taeeun;Kim, Hwankuk
    • Journal of Information Processing Systems / v.14 no.3 / pp.740-750 / 2018
  • There are a great number of Internet-connected devices and their information can be acquired through an Internet-wide scanning tool. By associating device information with publicly known security vulnerabilities, security experts are able to determine whether a particular device is vulnerable. Currently, the identification of the device information and its related vulnerabilities is manually carried out. It is necessary to automate the process to identify a huge number of Internet-connected devices in order to analyze more than one hundred thousand security vulnerabilities. In this paper, we propose a method of automatically generating device information in the Common Platform Enumeration (CPE) format from banner text to discover potentially weak devices having the Common Vulnerabilities Exposures (CVE) vulnerability. We demonstrated that our proposed method can distinguish as much adequate CPE information as possible in the service banner.

Security Core Technology Implementation for MTM Hardware-Based Smart Devices (MTM하드웨어 기반 스마트 단말 보안 핵심기술 구현)

  • Kim, Jeong Nyeo
    • Journal of the Korea Institute of Information Security & Cryptology / v.26 no.6 / pp.1455-1459 / 2016
  • Recently, the frequency of dealing with important information regarding financial services like paying through smart device or internet banking on smart device has been increasing. Also, with the development of smart device execution environment towards open software environment, it became easier for users to download and use random application software, and its security aspect appears to be weakening. This study will inspect features of hardware-based smart device security technology. Furthermore, this study will propose a realization method in MTM hardware-based secure smart device execution environment for application software that runs in smart devices.

Classifying Rules by In-out Traffic Direction to Avoid Security Policy Anomaly

  • Kim, Sung-Hyun;Lee, Hee-Jo
    • KSII Transactions on Internet and Information Systems (TIIS) / v.4 no.4 / pp.671-690 / 2010
  • The continuous growth of attacks in the Internet causes a number of rules to be generated in security devices such as Intrusion Prevention Systems, firewalls, etc. Policy anomalies in security devices create security holes and prevent the system from determining quickly whether to allow or deny a packet. Policy anomalies exist among the rules in multiple security devices as well as in a single security device. The solution for policy anomalies requires complex and complicated algorithms. In this paper, we propose a new method to remove policy anomalies in a single security device and avoid policy anomalies among the rules in distributed security devices. The proposed method classifies rules according to traffic direction and checks policy anomalies in each device. It is unnecessary to compare the rules for outgoing traffic with the rules for incoming traffic. Therefore, by classifying rules by in-out traffic, the proposed method can reduce the number of rules to be compared by up to a half. Instead of detecting policy anomalies in distributed security devices, one adopts the rules from others for avoiding anomaly. After removing policy anomalies in each device, other firewalls can keep the policy consistency without anomalies by adopting the rules of a trusted firewall. In addition, it blocks unnecessary traffic because a source side sends as much traffic as the destination side accepts. We also explain another policy anomaly which can be found under a connection-oriented communication protocol.

The Full-Duplex Device-to-Device Security Communication Under the Coverage of Unmanned Aerial Vehicle

  • Zeng, Qian;Zhang, Zhongshan
    • KSII Transactions on Internet and Information Systems (TIIS) / v.13 no.4 / pp.1941-1960 / 2019
  • Unmanned aerial vehicles (UAVs), acting as mobile base stations (BSs), can be deployed in the typical fifth-generation mobile communications (5G) scenarios for the purpose of substantially enhancing the radio coverage. Meanwhile, UAV aided underlay device-to-device (D2D) communication mode can be activated for further improving the capacity of the 5G networks. However, this UAV aided D2D communication system is more vulnerable to eavesdropping attacks, resulting in security risks. In this paper, the D2D receivers work in full-duplex (FD) mode, which improves the security of the network by enabling these legitimate users to receive their useful information and transmit jamming signal to the eavesdropper simultaneously (with the same frequency band). The security communication under the UAV coverage is evaluated, showing that the system's (security) capacity can be substantially improved by taking advantage of the flexible radio coverage of UAVs. Furthermore, the closed-form expressions for the coverage probabilities are derived, showing that the cellular users (CUs)' secure coverage probability in downlink transmission is mainly impacted by the following three factors: its communication area, the relative position with UAV, and its eavesdroppers. In addition, it is observed that the D2D users or DUs' secure coverage probability is relevant to state of the UAV. The system's secure capacity can be substantially improved by adaptively changing the UAV's position as well as coverage.

Design and Implementation of Certificate Revocation List Acquisition Method for Security of Vehicular Communications

  • Kim, Hyun-Gon
    • The Journal of Korean Institute of Communications and Information Sciences / v.37 no.7C / pp.584-591 / 2012
  • Distributing a Certificate Revocation List (CRL) quickly to all vehicles in the system requires a very large number of road side units (RSUs) to be deployed. In reality, the initial deployment stage of vehicle networks would be characterized by limited infrastructure, resulting in very limited vehicle to infrastructure communication. However, every vehicle wants the most recent CRLs to protect itself from malicious users and malfunctioning equipment, as well as to increase the overall security of the vehicle networks. To address this challenge, we design and implement a nomadic device based CRL acquisition method using the nomadic device's communication capability with cellular networks. When a vehicle cannot directly communicate with nearby RSUs, the nomadic device acts as a security mediator to perform the vehicle's security functions continuously through cellular networks. Therefore, even if RSUs are not deployed or sparsely deployed, the vehicle's security threats could be minimized by receiving the most recent CRLs in a reasonable time.

A Scheme for Detecting and Preventing an Unauthorized Device Using Context Awareness and Mobile Device Management (상황 인지 기술과 모바일 단말 관리 기술을 이용한 비인가 단말 탐지 및 차단 기법)

  • Mun, Jiman;Jung, Souhwan
    • The Journal of Korean Institute of Communications and Information Sciences / v.39C no.1 / pp.1-8 / 2014
  • This paper proposed a method that prevents data leakage and modulation and detects an unauthorized device by using an AP and a mobile device. Most existing methods for detecting and preventing an unauthorized device are similar to the Evil Twin type. However, previous studies cannot resolve many security accidents and have the problem of coping effectively with security accidents on various networks. In order to solve these problems, companies prepare for security accidents through various policies and guidelines, but it is hard to prevent all security accidents because they are consistently increasing every day. This paper suggests a technique for detecting and preventing an unauthorized device using Context Awareness and Mobile Device Management. First, when a mobile device enters the internal network, the server determines the access permission and authorization of the mobile device by acquiring the context information of the mobile device. Using this result, the server applies the appropriate management technique to the mobile device against leakage and accidents in the internal network.

A Design of Technology Element-based Evaluation Model and its Application on Checklist for the IoT Device Security Evaluation (사물인터넷 기기 보안평가를 위한 기술요소 기반의 모델 설계 및 체크리스트 적용)

  • Han, Seul Ki;Kim, Myuhng Joo
    • Convergence Security Journal / v.18 no.2 / pp.49-58 / 2018
  • As the demand for Internet of Things (IoT) increases, the need for the security of IoT devices is increasing steadily. It is difficult to apply the conventional security theory to IoT devices because IoT devices are constrained by factors such as hardware, processor, and energy. Nowadays we have several security guidelines and related documents on IoT devices. Most of them, however, do not consider the characteristics of specific IoT devices. Since they describe the security issues comprehensively, it is not easy to explain the specific security level reflecting each characteristic of IoT devices. In addition, most existing guidelines and related documents are described from the viewpoint of developers and service proposers, and thus ordinary users are not able to assess whether a specific IoT device can protect their information securely or not. We propose a security evaluation model, based on the existing guidelines and related documents, for more specific IoT devices and prove that this approach is more convenient for ordinary users by creating checklists for the smart watch.