• Journal of Digital Convergence
• /
• v.16 no.2
• /
• pp.195-201
• /
• 2018

Smartphones and PCs have become essential components of our daily life. People are expressing their opinions freely in SNS by using these devices. We are able to predict public opinions on specific subject by analyzing the related big data in SNS. In this paper, we have collected opinion data in SNS and analyzed reputation by text mining in order to make a prediction for the will of the people before 19th presidential election in South Korea. The result shows that our method makes more accurate estimate than other election polls.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.49 no.4
• /
• pp.9-15
• /
• 2012

With the rise of internet and e-commerce, this is more applicable now than ever. People rely on computer networks to provide them with news, stock prices, e-mail and online shopping. People's credit card details, medical records and other personal information are stored on computer systems. Many companies have a web presence as an essential part of their business. The research community uses computer systems to undertake research and to disseminate findings. The integrity and availability of all these systems have to be protected against a number of threats. Amateur hackers, rival corporations, terrorists and even foreign governments have the motive and capability to carry out sophisticated attacks against computer systems. Therefore, the field of information and communication security has become vitally important to the safety and economic well being of society as a whole. This paper provides an overview of IDS and IPS, their functions, detection and analysis techniques. It also presents comparison of security capability and characteristics of IDPS techniques. This will make basis of IDPS(Intrusion Detection and Protection System) technology integration for a broad-based IDPS solutions

• Convergence Security Journal
• /
• v.19 no.3
• /
• pp.61-70
• /
• 2019

Recently, developments on quantum computers and cloud computing have been actively conducted. Quantum computers have been known to show tremendous computing power and Cloud computing has high accessibility for information and low cost. For quantum computers, quantum error correcting codes are essential. Similarly, cloud computing requires homomorphic encryption to ensure security. These two techniques, which are used for different purposes, are based on similar assumptions. Then, there have been studies to construct quantum homomorphic encryption based on quantum error correction code. Therefore, in this paper, we propose a scheme which can process the homomorphic encryption like quantum computation by modifying the QECCs. Conventional quantum homomorphic encryption schemes based on quantum error correcting codes does not have error correction capability. However, using the proposed scheme, it is possible to process the homomorphic encryption like quantum computation and correct the errors during computation and storage of quantum information unlike the homogeneous encryption scheme with quantum error correction code.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.6
• /
• pp.1193-1204
• /
• 2021

In information security, AI technology is used to detect unknown malware. Although AI technology guarantees high accuracy, it inevitably entails false positives, so we are considering introducing XAI to interpret the results predicted by AI. However, XAI evaluation studies that evaluate or verify the interpretation only provide simple interpretation results are lacking. XAI evaluation is essential to ensure safety which technique is more accurate. In this paper, we interpret AI results as features that have significantly contributed to AI prediction in the field of malware, and present an evaluation method for the interpretation of AI results. Interpretation of results is performed using two XAI techniques on a tree-based AI model with an accuracy of about 94%, and interpretation of AI results is evaluated by analyzing descriptive accuracy and sparsity. As a result of the experiment, it was confirmed that the AI result interpretation was properly calculated. In the future, it is expected that the adoption and utilization of XAI will gradually increase due to XAI evaluation, and the reliability and transparency of AI will be greatly improved.

• Journal of Internet Computing and Services
• /
• v.23 no.6
• /
• pp.15-26
• /
• 2022

Various subjects are carrying out cyberattacks using a variety of tactics and techniques. Additionally, cyberattacks for political and economic purposes are also being carried out by groups which is sponsored by its nation. To deal with cyberattacks, researchers used to classify the malware family and the subjects of the attack based on malware signature. Unfortunately, attackers can easily masquerade as other group. Also, as the attack varies with subject, techniques, and purpose, it is more effective for defenders to identify the attacker's purpose and goal to respond appropriately. The essential goal of cyberattacks is to threaten the information security of the target assets. Information security is achieved by preserving the confidentiality, integrity, and availability of the assets. In this paper, we relabel the attacker's goal based on MITRE ATT&CK® in the point of CIA triad as well as classifying cyber security reports to verify the labeling method. Experimental results show that the model classified the proposed CIA label with at most 80% probability.

• Journal of Internet Computing and Services
• /
• v.7 no.4
• /
• pp.115-122
• /
• 2006

The purpose of this paper is to suggest the improving plans about the system as searching an effective managing devices for NEIS with analysis of managing condition. For the plans, questionnaire was performed in the five sections to primary and secondary school teachers. Those were recognition about C/S, Introduction and conductive processing of NEIS, Satisfaction of specific task on school affairs and educational matters, its function, efficiency and security as well as technical problem. Those were recognition about C/S, Introduction and conductive processing of NEIS, Satisfaction of specific task on school affairs and educational matters, its function, efficiency and security as well as technical problem. The results are following: First. in spite of satisfaction with function of C/S, it have been some problems such as frequent patch and down of server. Secondly, although the introduction of NEIS was done in hurry without gathering teachers' opinions and sufficient research of system, it has been expected to settle down normally with correction and security. Thirdly, positive reaction was generally showed in research on satisfaction of specific task for school affairs and educational matters. Fourthly, most of teachers have known the functions of NEIS and recognized its convenience. Although they has not thought it reduced their work, they have realized it's convenient for dealing with statistics. Lastly, they think of NEIS as the essential system for the age of information, in spite of problems such as reveal of personal data and security. Therefore, we should keep eyes to problem of an invasion of human right. In addition, study deep into NEIS should be conducted with consistent security for the system. In order to it. technical and legal system should be carried out side by side.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.35 no.5B
• /
• pp.849-857
• /
• 2010

Security is essential to make use of application service securely in VANET environments. This paper proposes payment protocol which supports user's anonymity. The proposed protocol is designed to use a charge card as a payment method and performs pre-registration, renewal and payment phase. The user's anonymity and disclosure of charge card information is protected through the pre-registration and renewal phase, and also fast computing operation is supported by minimizing the computational load on vehicles.

• Journal of Communications and Networks
• /
• v.15 no.5
• /
• pp.464-468
• /
• 2013

The widespread use of cryptographic technologies is complicated by inconsistencies and duplication in the key management systems supporting their applications. The proliferation of key management systems or protocols also results in higher operational and infrastructure costs, and fails in interoperability. Thus, it is essential to realize key management interoperability between different and heterogeneous cryptosystems. This paper presents a practical and separable key management system for heterogeneous public-key cryptosystems. We achieve the interoperability between different cryptosystems via cryptography approaches rather than communication protocols. With our scheme, each client can freely use any kind of cryptosystemthat it likes. The proposed scheme has two advantages over the key management interoperability protocol introduced by the organization for the advancement of structured information standards. One is that all the related operations do not involve the communication protocol and thus no special restrictions are taken on the client devices. The other is that the proposed scheme does not suffer from single-point fault and bottleneck problems.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2015.10a
• /
• pp.1219-1222
• /
• 2015

금융과 IT가 융합되는 핀테크(Fintech)가 IT산업과 금융산업에 새로운 패러다임으로 급부상하고 있다. 핀테크 기술에 대한 기술동향을 파악하고 유사한 연관 기술을 도출하는 것은 관련 사업자가 시장 경쟁에서 우위를 차지하기 위해 필요한 전략적 방향을 제시해 준다. 하지만 핀테크와 같이 단 기간 내에 기술에 대한 파급 속도가 빠르게 일어나며 산업전반에서 기술선점의 필요성이 크게 대두되는 경우 특허 데이터베이스만으로 유사기술을 검색을 위한 키워드를 선정하는 것이 어렵다는 단점이 있다. 본 논문에서는 새롭게 이슈화되는 기술 중 그 성장세가 급격하게 변화하여 등록된 특허만으로는 연관 기술 영역을 파악하는 일이 번거로운 상황에서 기사 분석을 통해 연관 기술 키워드를 추출 할 수 있는 방법을 제안하고자 한다. 특히 핀테크에서 중요하게 인식되는 결제, 보안, 사용자환경에 대한 연관 기술 키워드를 기사 내용에 포함되는 단어의 빈도 분석을 통해 추출하고자 하였다. 최종적으로 추출된 기술 키워드를 이용하여 실제 특허 검색 데이터베이스에서 관련 특허를 수집하고 분석하여 핀테크와 관련성이 매우 높은 연관 핵심 기술 특허를 도출하였다.

• Journal of the Korea Society of Computer and Information
• /
• v.15 no.8
• /
• pp.107-115
• /
• 2010

RFID (Radio Frequency IDentification) technology, automatic identification and data capture technologies in ubiquitous computing is an essential skill. Low-cost Radio Frequency Identification tags using memory and no physical contact due to the ease of use and maintenance of excellence are going to use expanded. However, it is possible to the illegal acquisition of the information between RFID tags and readers because RFID uses the RF signal, and the obtained information can be used for the purpose of location tracking and invasion of privacy. In this paper, we proposed the security scheme to protect against the illegal user location tracking and invasion of privacy. The security scheme proposed in this paper, using Gray Code and reduced the capacity of the calculation of the actual tags, However, it is impossible for the malicious attacker to track information because tag information transmitted from the reader is not fixed. Therefore, even if the tags information is obtained by a malicious way, our scheme provides more simple and safe user privacy than any other protection methods to protect user privacy, because not actual information but encrypted information is becoming exposed.