• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• v.9 no.1
• /
• pp.824-827
• /
• 2005

The need to be able to identify other individual human beings is fundamental to the security and has been true since the beginning of human history. Physical or behavioral characteristics (finger-scan, face-scan, voice, palm, iris, retina, signature, human DNA, keystroke, vain, gait etc.) of a person are used to authenticate the person. The biometric technologies allow for a greater reliability of authentication as compared with password systems for physical access, network security, e-commerce, and so on. In this paper, we describe various technologies, market analysis, multi-modal system, standardization, privacy issue and future prospect of biometrics.

• Journal of the Korea Institute of Military Science and Technology
• /
• v.21 no.2
• /
• pp.147-157
• /
• 2018

There are increasing demands to provide early warning against intruding drones and cope with potential threats. Commercial anti-drone systems are mostly based on simple target detection by radar reflections. In real scenario, however, it becomes essential to obtain drone radar signatures so that hostile targets are recognized in advance. We present experimental test results that micro-Doppler radar signature delivers partial information on multi-rotor platforms and exhibits limited performance in drone recognition and classification. Afterward, we attempt to generate high resolution profile of flying drone targets. To this purpose, wide bands radar signals are employed to carry out inverse synthetic aperture radar(ISAR) imaging against moving drones. Following theoretical analysis, experimental field tests are carried out to acquire real target signals. Our preliminary tests demonstrate that high resolution ISAR imaging provides effective measures to detect and classify multiple drone targets in air.

• Journal of KIISE:Computing Practices and Letters
• /
• v.8 no.3
• /
• pp.303-317
• /
• 2002

In this paper, we design and implement E-COIRS enabling users to query with concepts and image features used for further refining the concepts. For example, E-COIRS supports the query "retrieve images containing black home appliance to north of reception set. "The query includes two types of concepts: IS-A and composite. "home appliance"is an IS-A concept, and "reception set" is a composite concept. For evaluating such a query. E-COIRS includes three important components: a visual image indexer, thesauri and a query processor. Each pair of objects in an mage captured by the visual image indexer is converted into a triple. The triple consists of the two object identifiers (oids) and their spatial relationship. All the features of an object is referenced by its old. A composite concept is detected by the triple thesaurus and IS-A concept is recolonized by the fuzzy term thesaurus. The query processor obtains an image set by matching each triple in a user with an inverted file and CS-Tree. To support efficient storage use and fast retrieval on high-dimensional feature vectors, E-COIRS uses Cell-based Signature tree(CS-Tree). E-COIRS is a more advanced content-based image retrieval system than other systems which support only concepts or image features.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 1994.11a
• /
• pp.51-66
• /
• 1994

A divisible off-line electronic cash system based on cut-and-choose has first been proposed by [OO91] and recently more efficient single term divisible cash system was presented in [EO94] which is based on Brand's scheme [Bra93]. In this paper, we present a different type of single term divisible electronic cash system which is more efficient than previously proposed systems such as [OO91], [YLR93], and [EO94] in the standpoint of the amount of communication, the number of modular multiplications required in the payment transactions, and the storage requirement in the withdrawal protocol. Our scheme is a modified version of [LL93], where the major improvement has been made in its withdrawal transaction to introduce untraceability and multi-spendability. We have borrowed the idea of the withdrawal protocol of our scheme from [EO94] with minor modifications. Transferability in our scheme allows only a finite number of transfer. Our scheme satisfies an the desirable properties of an electronic cash system such as untraceability, divisibility and transferability. In addition, we present a n-spendable cash. The basic idea of extension to multi-spendability has been borrowed from [Bra93] with minor modifications.

• Smart Structures and Systems
• /
• v.9 no.6
• /
• pp.489-504
• /
• 2012

For the safety of prestressed structures such as cable-stayed bridges and prestressed concrete bridges, it is very important to ensure the prestress force of cable or tendon. The loss of prestress force could significantly reduce load carrying capacity of the structure and even result in structural collapse. The objective of this study is to present a smart PZT-interface for wireless impedance-based prestress-loss monitoring in tendon-anchorage connection. Firstly, a smart PZT-interface is newly designed for sensitively monitoring of electro-mechanical impedance changes in tendon-anchorage subsystem. To analyze the effect of prestress force, an analytical model of tendon-anchorage is described regarding to the relationship between prestress force and structural parameters of the anchorage contact region. Based on the analytical model, an impedance-based method for monitoring of prestress-loss is conducted using the impedance-sensitive PZT-interface. Secondly, wireless impedance sensor node working on Imote2 platforms, which is interacted with the smart PZT-interface, is outlined. Finally, experiment on a lab-scale tendon-anchorage of a prestressed concrete girder is conducted to evaluate the performance of the smart PZT-interface along with the wireless impedance sensor node on prestress-loss detection. Frequency shift and cross correlation deviation of impedance signature are utilized to estimate impedance variation due to prestress-loss.

• Journal of Information Processing Systems
• /
• v.17 no.4
• /
• pp.851-865
• /
• 2021

Enterprise networks in the PyeongChang Winter Olympics were hacked in February 2018. According to a domestic security company's analysis report, attackers destroyed approximately 300 hosts with the aim of interfering with the Olympics. Enterprise have no choice but to rely on digital vaccines since it is overwhelming to analyze all programs executed in the host used by ordinary users. However, traditional vaccines cannot protect the host against variant or new malware because they cannot detect intrusions without signatures for malwares. To overcome this limitation of signature-based detection, there has been much research conducted on the behavior analysis of malwares. However, since most of them rely on a sandbox where only analysis target program is running, we cannot detect malwares intruding the host where many normal programs are running. Therefore, this study proposes a method to detect malware variants in the host through logs rather than the sandbox. The proposed method extracts common behaviors from variants group and finds characteristic behaviors optimized for querying. Through experimentation on 1,584,363 logs, generated by executing 6,430 malware samples, we prove that there exist the common behaviors that variants share and we demonstrate that these behaviors can be used to detect variants.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.15 no.2
• /
• pp.617-636
• /
• 2021

This paper presents a privacy-preserving data aggregation scheme deals with the multidimensional data. It is essential that the multidimensional data is rarely mentioned in all researches on smart grid. We use the Paillier Cryptosystem and blinding factor technique to encrypt the multidimensional data as a whole and take advantage of the homomorphic property of the Paillier Cryptosystem to achieve data aggregation. Signature and efficient batch verification have also been applied into our scheme for data integrity and quick verification. And the efficient batch verification only requires 2 pairing operations. Our scheme also supports fault tolerance which means that even some smart meters don't work, our scheme can still work well. In addition, we give two extensions of our scheme. One is that our scheme can be used to compute a fixed user's time-of-use electricity bill. The other is that our scheme is able to effectively and quickly deal with the dynamic user situation. In security analysis, we prove the detailed unforgeability and security of batch verification, and briefly introduce other security features. Performance analysis shows that our scheme has lower computational complexity and communication overhead than existing schemes.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.15 no.9
• /
• pp.3258-3273
• /
• 2021

Malware is a severe threat to the computing system and there's a long history of the battle between malware detection and anti-detection. Most traditional detection methods are based on static analysis with signature matching and dynamic analysis methods that are focused on sensitive behaviors. However, the usual detections have only limited effect when meeting the development of malware, so that the manual update for feature sets is essential. Besides, most of these methods match target samples with the usual feature database, which ignored the characteristics of the sample itself. In this paper, we propose a new malware detection method that could combine the features of a single sample and the general features of malware. Firstly, a structure of Directed Cyclic Graph (DCG) is adopted to extract features from samples. Then the sensitivity of each API call is computed with Markov Chain. Afterward, the graph is merged with the chain to get the final features. Finally, the detectors based on machine learning or deep learning are devised for identification. To evaluate the effect and robustness of our approach, several experiments were adopted. The results showed that the proposed method had a good performance in most tests, and the approach also had stability with the development and growth of malware.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.5
• /
• pp.93-103
• /
• 2009

Since message forgery or alteration in VANET may cause severe consequences, authentication of critical messages must be provided. However, using normal digital signature may infringe privacy of drivers. Therefore, VANET requires authentication systems that provide conditional anonymity. In this paper, we propose a new authentication system for VANET. In our proposed system, each vehicle can update its pseudonym using re-encryption technique and digitally sign messages using representation problem on the pseudonym. By limiting the usage period, revocation of individual pseudonym is not required. Moreover, we also provide a way to revoke the vehicle itself. Secureness of our system partially rely on the usage of tamper-resistance hardware.

• Journal of Korean Society of Industrial and Systems Engineering
• /
• v.44 no.1
• /
• pp.51-59
• /
• 2021

Electronic document communication based on a digital channel is becoming increasingly important with the advent of the paperless age. The electronic document based on PDF format does not provide a powerful customer experience for a mobile device user despite replacing a paper document by providing the content integrity and the independence of various devices and software. On the other hand, the electronic document based on HTML5 format has weakness in the content integrity as there is no HTML5 specification for the content integrity despite its enhanced customer experience such as a responsive web technology for a mobile device user. In this paper, we design the Document-HTML, which provides the content integrity and the powerful customer experience by declaring the HTML5 constraint rules and the extended tags to contain the digital signature based on PKI. We analyze the existing electronic document that has been used in the major financial enterprise to develop a sample. We also verify the Document-HTML by experimenting with the sample of HTML electronic communication documents and analyze the PKI equation. The Document-HTML document can be used as an authorized electronic document communication and provide a powerful customer experience in the mobile environment between an enterprise and a user in the future.