• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.6
• /
• pp.135-149
• /
• 2006

Securing wireless Ad hoc network including the secure mechanism design and implementation is generally more difficult for vulnerability of channels and nodes, the absence of infrastructure, topology that change dynamically, and etc, than ire network. The efforts of early researches are based on the adaptation of securing methods for the wire network to wireless ad hoc network. However, wireless ad hoc network could not get effective study finding because network has essential problems. This paper proposes that some new problems are being came to light over the survivability and availability of the network itself, that are caused by the massive packet attack of more than one or two nodes, and proves the consequence of this phenomenon. Also, we propose an effective prevention mechanism of masquerade attacks for survivability reinforcement that escape standard of the early way by survivability of wireless Ad hoc network and approaches for performance elevation and reflect special quality of wireless Ad hoc network.

• Journal of Information Processing Systems
• /
• v.16 no.5
• /
• pp.1034-1047
• /
• 2020

The personal authentication technique is an essential tool in this complex and modern digital information society. Traditionally, the most general mechanism of personal authentication was using alphanumeric passwords. However, passwords that are hard to guess or to break, are often hard to remember. There are demands for a technology capable of replacing the text-based password system. Graphical passwords can be an alternative, but it is vulnerable to shoulder-surfing attacks. This paper looks through a number of recently developed graphical password systems and introduces a personal authentication system using a machine learning technique with electroencephalography (EEG) signals as a new type of personal authentication system which is easier for a person to use and more difficult for others to steal than other preexisting authentication systems.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.40 no.1
• /
• pp.132-141
• /
• 2015

There might have been weakness in securing user authentication or verification with real time service approach, while existing unimodal biometric authentication has been used mainly for user identification and recognition. Accordingly, it is essential to research and develop ways that upgrade security performance with multi biometric based real time authentication and verification technology. This paper focused to suggest binding assignment and strategy for developing multi biometric authentication technology through investigation of advanced study and patents. Description includes introduction, technology outline, technology trend, patent analysis, and conclusion.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2022.05a
• /
• pp.50-53
• /
• 2022

Recently, there have been cases in which counterfeit foreign ships have entered and left domestic ports several times. Vessels have a ship-specific serial number given by the International Maritime Organization (IMO) to identify the vessel, and IMO marking is mandatory on all ships built since 2004. In the case of airports and ports, which are representative logistics platforms, a security system is essential, but it is difficult to establish a security system at a port and there are many blind spots, which can cause security problems due to insufficient security systems. In this paper, a port security system is designed using deep learning object recognition and OpenCV. The security system process extracts the IMO number of the ship after recognizing the object when entering the ship, determines whether it is the same ship through feature point matching for ships with entry records, and stores the ship image and IMO number in the entry/exit DB for the first arrival vessel. Through the system of this paper, port security can be strengthened by improving the efficiency and system of port logistics by increasing the efficiency of port management personnel and reducing incidental costs caused by unauthorized entry.

• The KIPS Transactions:PartC
• /
• v.15C no.5
• /
• pp.359-366
• /
• 2008

As the use of Internet and information communication technology is being generalized, the SSL protocol is essential in Internet because the important data should be transferred securely. While the SSL protocol is designed to defend from active attack such as message forgery and message alteration, the cipher suite setting can be easily modified. If the attacker draw on a malfunction of the client system and modify the cipher suite setting to the symmetric key algorithm which has short key length, he should eavesdrop and cryptanalysis the encrypt data. In this paper, we examine the domestic web site whether they generate the security session through the symmetric key algorithm which has short key length and propose the solution of the cipher suite setting problem.

• Journal of Internet Computing and Services
• /
• v.8 no.3
• /
• pp.9-17
• /
• 2007

Super-distribution is essential for revitalization of digital contents industry in DRM system. Since existing DRM systems emphasize on security for intellectual property rights, it became restrictions to content distribution and the consumer rights. This paper suggests license management mechanism which strengthen super-distribution between consumers. It is to manage distribution history for each content by inserting consumer's identification information in content head. Client can verify security by comparing header and license after issuing license. It classifies the type of distribution and license, and then applies adaptive distribution methods. It can revitalize contents distribution by releasing proper license for super-distribution.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.39B no.6
• /
• pp.370-378
• /
• 2014

It is well known that data mining plays a crucial role in varities of real-world applications, by which extracts knowledge from large volume of datasets. Among functionalties provided by data mining, frequency mining over given multisets is a basic and essential one. However, most of users would like to obtain the frequency over their multisets without revealing their own multisets. In this work, we come up with a novel way to achive this goal and prove its security rigorously. Our scheme has several advantages over existing work as follows: Firstly, our scheme has the most efficient computational complexity in the cardinality of multisets. Further our security proof is rigorously in the simulation paradigm. Lastly our system assumption is general.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.13 no.3
• /
• pp.19-25
• /
• 2017

Nowadays, networked computer systems play an increasingly important role in our society and its economy. They have become the targets of a wide array of malicious attacks that invariably turn into actual intrusions. This is the reason computer security has become an essential concern for network administrators. Recently, a number of Detection/Prevention System schemes have been proposed based on various technologies. However, the techniques, which have been applied in many systems, are useful only for the existing patterns of intrusion. Therefore, probe detection has become a major security protection technology to detection potential attacks. Probe detection needs to take into account a variety of factors ant the relationship between the various factors to reduce false negative & positive error. It is necessary to develop new technology of probe detection that can find new pattern of probe. In this paper, we propose an hybrid probe detection using Fuzzy Cognitive Map(FCM) and Self Adaptive Module(SAM) in dynamic environment such as Cloud and IoT. Also, in order to verify the proposed method, experiments about measuring detection rate in dynamic environments and possibility of countermeasure against intrusion were performed. From experimental results, decrease of false detection and the possibilities of countermeasures against intrusions were confirmed.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.16 no.1
• /
• pp.99-109
• /
• 2020

In the past, conservative concepts have been applied in terms of the characteristic of nuclear power plants(NPPs), resulting in analog-based equipment and closed networks. However, as digital technology has recently been applied to the design, digital-based facilities and communication networks have been used in nuclear power plants, increasing the risk of cybersecurity than using analog-based facilities. Nuclear power plant facilities are divided into a safety system and a non-safety system. It is essential to identify the difference and cope with cybersecurity threats to the safety system according to its characteristics. In this paper, we examine the cybersecurity regulatory guidelines for safety systems in nuclear power plant facilities. Also, we analyze cybersecurity threats to a programmable logic controller of the safety system and suggest cybersecurity requirements be applied to it to respond to the threats. By implementing security functions suitable for the programmable logic controller according to the suggested cybersecurity requirements, regulatory guidelines can be satisfied, and security functions can be extended according to other system requirements. Also, it can effectively cope with cybersecurity attacks that may occur during the operation of nuclear power plants.

• Journal of National Security and Military Science
• /
• s.2
• /
• pp.261-283
• /
• 2004

To build up the military strength based on information oriented armed forces, the Korean ministry of national defense (MND) promotes the defense CALS (Continuous Acquisition and Life cycle Support) initiative for the reductions of acquisition times, improvements of system qualities, and reductions of costs. These defense CALS activities are the major component of the underlying mid and long term defense digitization program and the ultimate goal of program is to bring a quick victory by providing real-time battlefield intelligence and the economical operations of the military. The concept of defense CALS is to automate the acquisition and disposition of defense systems throughout their life cycle. For implementing defense CALS, the technology for exchange and sharing CALS standard data that is created once and used many times should be considered. In order to develop an efficient CALS information exchange and sharing system, it is required to integrate distributed and heterogeneous data sources and provide systematic search tools for those data. In this study, we developed a content based search engine technology which is essential for the construction of integrated data environments. The developed technology provides the environment of sharing the CALS standard data such as SGML(Standard Generalized Markup Language) and STEP(Standard for The Exchange of Product model data). Utilizing this technology, users can find and access distributed and heterogeneous data sources without knowing its actual location.