• Convergence Security Journal
• /
• v.20 no.3
• /
• pp.99-108
• /
• 2020

The COVID-19 pandemic have been spreading continuously across the world, hence it is difficult to expect coming to an end in a short period of time. The use of digital technology has shown tangible results in suppressing COVID-19, but raised privacy and data-protection concerns. In the context of the global efforts to deal with the coronavirus pandemic, various digital technologies are taking on a role in surveillance, monitoring, and forecasting. Also the Korea government manages Corona crisis based on legal basis. In this paper, Korea and each country's response to the Corona 19 pandemic are shown, and suggests ways to protect personal information while using digital tools. Large-scale data collection and processing is essential for the suppression of pandemic, but it should be limited to the level and scope required privacy. Also international cooperation, temporary and transparent use of personal information, the corresponding legal basis are necessary. As the use of data and algorithms is expected to continue to increase, technical and institutional efforts to reinforce privacy protection must continue.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.6
• /
• pp.1139-1145
• /
• 2014

User recognition technology, which identifies or verifies a certain individual is absolutely essential under robotic environments for intelligent services. The conventional face recognition algorithm using single distance face image as training images has a problem that face recognition rate decreases as distance increases. The face recognition algorithm using face images by actual distance as training images shows good performance but this has a problem that it requires user cooperation. This paper proposes the LDA-based long distance face recognition method which uses multiple distance face images from a zoom camera for training face images. The proposed face recognition technique generated better performance by average 7.8% than the technique using the existing single distance face image as training. Compared with the technique that used face images by distance as training, the performance fell average 8.0%. However, the proposed method has a strength that it spends less time and requires less cooperation to users when taking face images.

• International Journal of Computer Science & Network Security
• /
• v.21 no.9
• /
• pp.281-291
• /
• 2021

The Islamic jurisprudential legal system represents an essential component of the Islamic religion, that governs many aspects of Muslims' daily lives. This creates many questions that require interpretations by qualified specialists, or Muftis according to the main sources of legislation in Islam. The Islamic jurisprudence is usually classified into branches, according to which the questions can be categorized and classified. Such categorization has many applications in automated question-answering systems, and in manual systems in routing the questions to a specialized Mufti to answer specific topics. In this work we tackle the problem of automatic categorisation of Islamic jurisprudential legal questions using deep learning techniques. In this paper, we build a hierarchical deep learning model that first extracts the question text features at two levels: word and sentence representation, followed by a text classifier that acts upon the question representation. To evaluate our model, we build and release the largest publicly available dataset of Islamic questions and answers, along with their topics, for 52 topic categories. We evaluate different state-of-the art deep learning models, both for word and sentence embeddings, comparing recurrent and transformer-based techniques, and performing extensive ablation studies to show the effect of each model choice. Our hierarchical model is based on pre-trained models, taking advantage of the recent advancement of transfer learning techniques, focused on Arabic language.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.5
• /
• pp.103-113
• /
• 2008

Reducing handoff latency is essential in providing seamless multimedia service in Wireless LAN based on the IEEE 802.11 standard. Reducing authentication delay is critical in reducing handoff latency. To this end, several authentication protocols for fBst handoff have been proposed. Mishra et al. used proactive key distribution to improve the authentication delay incurred in the current standard and Park et al. proposed a new authentication protocol based on Blom's key pre-distribution scheme. In this paper, we propose an enhanced authentication protocol based on Bresson et al.'s group key protocol. If a mobile node has previously access the network, our proposed protocol only requires simple hash operations in providing mutual authentication between a mobile node and access points. Our protocol is more efficient than Park et al.'s and Mishra et al.'s technique can be used in our protocol to further enhance our protocol.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.2
• /
• pp.105-115
• /
• 2009

At the most recent, IPTV service is increasing, which isa communicative broadcasting fusion service that provides various multimedia contents interactively followed by user's request through super high-speed internet. For IPTV user service with high mobility, IPTV user's enrollment is essential. However, IPTV service provided to mobile users can't provide the certification of mobile user securely. This paper proposes light user certification protocol which can certificate mobile users by attaching RFID to IPTV STB for secure awareness of mobile users who get IPTV service. The proposed protocol prevent reply attack and man-in-the-middle attack from happening oftenin a wireless section by transmitting the result value hashed by hash function with both its' ID and random number received from tag after tag transmits random number which generated randomly in the process of certification of mobile user to IPTV STB.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.6
• /
• pp.67-75
• /
• 2003

The development of mobile phone is growing fast in the all over the world. Besides the basic voice communication, many multimedia services and global roaming service are capable in the 3rd generation mobile telecommunication. Because mobile phone has been the essential tool to communicate, the protection of privacy and the safe transmission are critical ones. In synchronous, asynchronous mode IMT2000 service, the mechanism of mutual authentication and generation of cipher key and integrity key are implemented in smart card chip called UIM, USIM. In this paper, we describe the authentication mechanism of 3GPP and 3CPP2 and its implementation results. Then, we specify a few problems which are not defined in standard.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.1
• /
• pp.93-104
• /
• 2011

A conditional access system is an essential element in IPTV services enabling service providers to allow authorized access to their services only to paid subscribers. Currently, there are two types of IPTV service models, namely PPC (pay-per-channel) and PPV (pay-per-view). However, a more desirable model would be the flexible PPC model, in which subscribers are free to choose any combination of preferred channels and add/remove channels independently. In this paper, we first point out that a previously proposed key management scheme for F-PPC is not secure. We then propose a new conditional access system using 4-level key hierarchy to realize secure F-PPC services. Compared to existing schemes, the proposed system is very efficient, just requiring O(1) communication for key update.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2021.10a
• /
• pp.449-451
• /
• 2021

Cyber-attacks targeting endpoints have developed sophisticatedly into targeted and intelligent attacks, Advanced Persistent Threat (APT) targeting the Industrial Internet of Things (IIoT) has increased accordingly. Machine learning-based Endpoint Detection and Response (EDR) solutions combine and complement rule-based conventional security tools to effectively defend against APT attacks are gaining attention. However, universal EDR solutions have a high false positive rate, and needs high-level analysts to monitor and analyze a tremendous amount of alerts. Therefore, the process of optimizing machine learning-based EDR solutions that consider the characteristics and vulnerabilities of IIoT environment is essential. In this study, we analyze the flow and impact of IIoT targeted APT cases and compare the method of machine learning-based APT detection EDR solutions.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.1
• /
• pp.117-128
• /
• 2023

Due to the full revision of the Digital Signature Act (enforcement on December 10, 2020), various certificates are being released and competing in the market. Under fierce competition, the certificate market share of large IT platform companies is increasing, and it is predicted that they will eventually monopolize the market. Therefore, identifying the consumer's certificate choice factors and understanding the difference in importance between the choice factors are essential elements for establishing a company's strategy for the certificate market and product positioning, and are key points in setting the government's certificate policy direction. In this study, consumers' certificate choice factors were extracted based on the details of preceding papers and surveys, and based on the extracted choice factors, 4 choice factors (reliability of issuer, program installation, certificate usage method(how to use), versatility(where to use)) were identified through a Delphi survey. As a result of conjoint analysis by conducting a consumer survey with selected choice factors, the reliability of the issuer was found to be the most important utility value. In order of importance, the certificate usage method(how to use), program installation, and versatility(where to use) appeared.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.1
• /
• pp.103-114
• /
• 2024

In a situation where drone-related crimes continue to rise, research in drone forensics becomes crucial for preventing and responding to incidents involving drones. Conducting forensic analysis on flight record files stored internally is essential for investigating illegal activities. However, analyzing flight record files generated through the exclusive DUML protocol requires a deep understanding of the protocol's structure and characteristics. Additionally, a forensic analysis tool capable of handling cryptographic payloads and analyzing various drone models is imperative. Therefore, this study presents the methods and characteristics of flight record files generated by drones. It also explains the structure of the flight record file and the features of the DUML packet. Ultimately, we conduct forensic analysis based on the presented structure of the DUML packet and propose an extension forensic analysis system that operates more universally than existing tools, performing expanded syntactic analysis.