• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.2
• /
• pp.81-94
• /
• 2005

Recently, wireless LAN circumstance is being widely deployed in Public spots. Many People use Portable equipments such as PDA and laptop computer for multimedia applications, and also demand of mobility support is increasing. However, handoff latency is inevitably occurred between both APs when clients move from one AP to another. To reduce handoff latency. in this paper, we suggest WFH(Weighted Frequent Handoff) using effective data structure. WFH improves cache hit ratio using a new cache replacement algorithm considering the movement pattern of users. It also reduces unessential duplicate traffics. Our algorithm uses FHR(Frequent Handoff Region) that can change pre-authentication lesion according to QoS based user level, movement Pattern and Neighbor Graph that dynamically captures network movement topology.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.17 no.6
• /
• pp.1706-1727
• /
• 2023

Under Water Sensor Networks (UWSN) has gained attraction among various communities for its potential applications like acoustic monitoring, 3D mapping, tsunami detection, oil spill monitoring, and target tracking. Unlike terrestrial sensor networks, it performs an acoustic mode of communication to carry out collaborative tasks. Typically, surface sink nodes are deployed for aggregating acoustic phenomena collected from the underwater sensors through the multi-hop path. In this context, UWSN is constrained by factors such as lower bandwidth, high propagation delay, and limited battery power. Also, the vulnerabilities to compromise the aquatic environment are in growing numbers. The paper proposes an Energy-Efficient standalone Intrusion Detection System (EEIDS) to entail the acoustic environment against malicious attacks and improve the network lifetime. In EEIDS, attributes such as node ID, residual energy, and depth value are verified for forwarding the data packets in a secured path and stabilizing the nodes' energy levels. Initially, for each node, three agents are modeled to perform the assigned responsibilities. For instance, ID agent verifies the node's authentication of the node, EN agent checks for the residual energy of the node, and D agent substantiates the depth value of each node. Next, the classification of normal and malevolent nodes is performed by determining the score for each node. Furthermore, the proposed system utilizes the sheep-flock heredity algorithm to validate the input attributes using the optimized probability values stored in the training dataset. This assists in finding out the best-fit motes in the UWSN. Significantly, the proposed system detects and isolates the malicious nodes with tampered credentials and nodes with lower residual energy in minimal time. The parameters such as the time taken for malicious node detection, network lifetime, energy consumption, and delivery ratio are investigated using simulation tools. Comparison results show that the proposed EEIDS outperforms the existing acoustic security systems.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.1
• /
• pp.13-31
• /
• 2023

Korean Government-PKI (GPKI) is a public-key infrastructure which provides authentication and security functions for information system used by central government, local governments, and public institutions of the Republic of Korea to provide their own administrative and public services. The current cryptosystem of GPKI was established in the early 2000s, and more than ten years have passed since the last improvement in 2010. Over the past decade or so, the information security, including cryptography, has undergone many changes and will continue to face many changes. Therefore, for the sustainable security of GPKI, it is necessary to review the security of the cryptosystem at this point. In this paper, we analyze the current status and the security of technologies and standards used in the system. We identify cryptographic algorithms with degraded security, international standards which are obsoleted or updated, and cryptographic parameters that should be revised for the high security level. And based on this, we make several suggestions on the reorganization of cryptographic algorithms and related technologies for the security enhancement of GPKI.

• Convergence Security Journal
• /
• v.24 no.2
• /
• pp.123-132
• /
• 2024

In the era of the Internet of Things, 7 billion diverse devices have been interconnected worldwide. Ensuring information security across these varied devices is crucial in this hyper-connected age. To achieve essential security functions such as confidentiality, integrity, and authentication, it is imperative to implement true random number generators (TRNGs). Therefore, this study proposes a method to rapidly characterize the randomness of TRNGs. While there are international standards for formally characterizing the randomness of TRNGs, adhering to these standards often requires significant time and resources. This study aims to help TRNG developers enhance efficiency in both time and cost by characterizing rough randomness and unpredictability. Firstly, we propose applying auto-correlation and cross-correlation metrics for analog signals. Secondly, we suggest adopting joint entropy and mutual information metrics for digital signals.

• Journal of Practical Engineering Education
• /
• v.16 no.4
• /
• pp.491-497
• /
• 2024

Over the past five years, the proportion of patients with arrhythmia heart disease among teenagers and those in their 20s has been increasing. Heart disease has consistently remained the second leading cause of death in Korea and as the number has increased, electrocardiogram testing for arrhythmia has become important. However, specialized electrocardiogram medical devices are economically burdensome and are difficult to store individually in hospitals due to their large size and difficulty in operation. Testing is conducted through visits. Therefore, it is essential to enable individuals to perform ECG self-examinations using an Arduino-based ECG sensor that is affordable and easy to use in daily life, so that arrhythmia can be identified through individual ECG measurement. In this study, data is measured using an electrocardiogram sensor (AD8232), and changes in bio signals are visually provided through real-time monitoring, allowing users to make intuitive decisions and at the same time understand test results. To safeguard sensitive personal information, we have developed a web service that provides individual heart disease and customized health guides that can protect personal information through web vulnerability security using session and user authentication and SSL.

• The KIPS Transactions:PartA
• /
• v.16A no.6
• /
• pp.453-462
• /
• 2009

Studies on software plagiarism detection, prevention and judgement have become widespread due to the growing of interest and importance for the protection and authentication of software intellectual property. Many previous studies focused on comparing all pairs of submitted codes by using attribute counting, token pattern, program parse tree, and similarity measuring algorithm. It is important to provide a clear-cut model for distinguishing plagiarism and collaboration. This paper proposes a source code clustering algorithm using a probability model on extreme value distribution. First, we propose an asymmetric distance measure pdist($P_a$, $P_b$) to measure the similarity of $P_a$ and $P_b$ Then, we construct the Plagiarism Direction Graph (PDG) for a given program set using pdist($P_a$, $P_b$) as edge weights. And, we transform the PDG into a Gumbel Distance Graph (GDG) model, since we found that the pdist($P_a$, $P_b$) score distribution is similar to a well-known Gumbel distribution. Second, we newly define pseudo-plagiarism which is a sort of virtual plagiarism forced by a very strong functional requirement in the specification. We conducted experiments with 18 groups of programs (more than 700 source codes) collected from the ICPC (International Collegiate Programming Contest) and KOI (Korean Olympiad for Informatics) programming contests. The experiments showed that most plagiarized codes could be detected with high sensitivity and that our algorithm successfully separated real plagiarism from pseudo plagiarism.

• Journal of the Institute of Electronics and Information Engineers
• /
• v.51 no.6
• /
• pp.276-281
• /
• 2014

Necessities of a traffic means work a car in the modern society human to an usability of a life is enjoying. On the other hand, the damage by traffic accident increment the human quotient worked as we were in proportion to the vehicle which increased. Passing an examination moves necessarily on an obstacle to suddenly appear at the fronts if a car travels and the vehicles which stopped suddenly. Dynamic passing an examination about an obstacle turn on Vehicle Emergency Lamp to by hand when is unhurried, and can turn off, but to appear urgently dynamic passing an examination in time human is instinctive, but cannot inform an emergency to a back vehicle, and a rear-end collision occurs. A car we synthesize a speed of a vehicle, and this unit analyzes as we use GPS, and to drive runs Vehicle Emergency Lamp to automatic in the situations that shall turn on emergencies etc. If a speed of a vehicle continuously slows down in too high-speed driving or low-speed driving, or we are stopped, Vehicle Emergency Lamp is always turned on. It was built if we rise again as clearing itself from risk, and a speed of a vehicle judges, and we turn off Vehicle Emergency Lamp to automatic. It runs till rear-end collision sensor operates, and by hand reset does Vehicle Emergency Lamp a driving vehicle collides from behind to a back vehicle or when a driving vehicle was overthrown. It is shortened very much to the chain rear-end collision traffic accident that is a traffic accident of large size if we use this unit. And we did authentication through the experiment which a driver was helpful to unnecessary operation and a relaxed safe driving during drivings.

• Journal of Arbitration Studies
• /
• v.15 no.2
• /
• pp.225-261
• /
• 2005

Under Article IV of the United Nations Convention on the Recognition and Enforcement of Foreign Arbitral Awards (New York Convention), in order to obtain the recognition and enforcement of a foreign arbitral award, a party applying for recognition and enforcement of a foreign arbitral award shall supply (a) the duly authenticated original award or a duly certified copy thereof and (b) the original arbitration agreement or a duly certified copy thereof. In addition, if the arbitral award or arbitration agreement is not made in an official language of the country in which the award is relied upon, the party applying for recognition and enforcement of the award shall produce a translation of these documents into such language, and the translation shall be certified by an official or sworn translator or by a diplomatic or consular agent. In a case where a Vietnamese company which had obtained a favorable arbitral award in Vietnam applied for recognition and enforcement of a Vietnamese arbitral award before a Korean court, the recent Korean Supreme Court Judgment (Docket No. 2004 Da 20180. 'Judgment') rendered on December 12, 2004 has alleviated the document requirements as follows : The Judgment held that (i) the party applying for recognition andenforcement of a foreign arbitral award does not have to strictly comply with the document requirements when the other party does not dispute the existence and the content of the arbitral award and the arbitration agreement and that (ii) in case the translation submitted to the court does not satisfy the requirement of Article 4, the court does not have to dismiss the case on the ground that the party applying for recognition and enforcement of a foreign arbitral award has failed to comply with the translation requirement under Article 4, and instead may supplement the documents by obtaining an accurate Korean translation from an expert translator at the expense of the party applying for recognition and enforcement of the foreign arbitral award. In this regard, the author fully supports the view of the Judgment. Finally, the Judgment held that, even though the existence of a written arbitration agreement was not disputed at the arbitration, there was no written arbitration agreement between the plaintiff and the defendant and wenton to repeal the judgment of the second instance which admitted the existence of a written arbitration agreement between the parties. In this regard, the author does not share the view of the Judgment. The author believes that considering the trend of alleviating the formality requirement of arbitration agreements under Article 2 of the New York Convention, the Supreme Court could have concluded that there was a written arbitration agreement because the defendant participated in thearbitration proceedings in Vietnam without disputing the formality requirement of the arbitration agreement. Or the Supreme Court should have taken the view that the defendant was no longer permitted to dispute the formality requirement of the arbitration agreement because otherwise it would be clearly against the doctrine of estoppel.

• KIPS Transactions on Computer and Communication Systems
• /
• v.7 no.2
• /
• pp.49-58
• /
• 2018

A certificate is a means to certify users by conducting the identification of the users, the prevention of forgery and alteration, and non-repudiation. Most people use an accredited certificate when they perform a task using online banking, and it is often used for the purpose of proving one's identity in issuing various certificates and making electronic payments in addition to online banking. At this time, the issued certificate exists in a file form on the disk, and it is possible to use the certificate issued in an existing device in a new device only if one copies it from the existing device. However, most certificate duplication methods are a method of duplication, entering an 8-16 digit verification code. This is inconvenient because one should enter the verification code and has a weakness that it is vulnerable to security issues. To solve this weakness, this study proposes a method for enhancing security certificate duplication in a multi-channel using TCP and BLE. The proposed method: 1) shares data can be mutually authenticated, using BLE Advertising data; and 2) encrypts the certificate with a symmetric key algorithm and delivers it after the certification of the device through an ECC-based electronic signature algorithm. As a result of the implementation of the proposed method in a mobile environment, it could defend against sniffing attacks, the area of security vulnerabilities in the existing methods and it was proven that it could increase security strength about $10^{41}$ times in an attempt of decoding through the method of substitution of brute force attack existing method.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.17 no.11
• /
• pp.51-56
• /
• 2016

In this paper, we propose an Arduino-based plant monitoring system. The proposed system is based on the Arduino platform, using an environmental sensor and a pressure sensor for measuring temperature, humidity and illuminance in order to monitor the state of the environment and the facilities of the plant. Monitoring data are transmitted to a ZigBee coordinator connected to a server through a radio frequency transceiver. When using a pressure sensor and the environment sensor data stored on the host server, checking the pressure in the environment of the plant and equipment is intended to report any alarm status to the administrator. Using a grid line-based key distribution scheme, the authentication node dynamically generates a data key to protect the monitoring information. Applying a ZigBee wireless sensor network does not require additional wiring for the actual implementation of a plant monitoring system. Possible working-environment monitoring of an efficient plant can help analyze the cause of any failure by backtracking the working environment when a failure occurs. In addition, it is easy to expand or add a sensor function using the Arduino platform and an expansion board.