• Journal of Broadcast Engineering
• /
• v.14 no.4
• /
• pp.463-474
• /
• 2009

By employing the subscriber concept in broadcasting services, IPTV (Internet Protocol Television) operators provide various grades of services to subscribers based on the billing level of the subscribers. With the income from subscribers for a basis, IPTV operators plan to provide high quality services. Since Web browser-based IPTV provides T-commerce and E-commerce services as well as television services, users may frequently visit other service domains to buy goods or content. To provide the user with charged or private services, these service domains request authentication of user. The existing authentication system is not appropriate for the IPTV service environment because the environment unavoidably forces the user to cross from one authentication-based service domain to another. Single sign-on provides a user with transparent authentication services by enabling an authenticated user to move between authentication-based service domains without any re-authentication. Like this distributed environment, since the IPTV service environment also provides a variety of authentication-based services, transparent authentication service needs to be provided to subscribers who want to access charged or private services. In this paper, we propose a new user authentication scheme for the IPTV environment. This scheme integrates the Security Assertion Markup Language (SAML), which is a standard for XML-based single sign on. We validate this scheme using a simple use case scenario.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.15 no.12
• /
• pp.7292-7301
• /
• 2014

With the development of IT Info-Communications technology, the vehicle with a combination of wireless-communication technology has resulted in significant research into the convergence of the component of existing traffic with information, electronics and communication technology. Intelligent Vehicle Communication is a Machine-to-Machine (M2M) concept of the Vehicle-to-Vehicle. The Vehicle-to-Infrastructure communication consists of safety and the ease of transportation. Security technologies must precede the effective Intelligent Vehicle Communication Structure, unlike the existing internet environment, where high-speed vehicle communication is with the security threats of a wireless communication environment and can receive unusual vehicle messages. In this paper, the Vehicle Identification number between the V2I and the secure message communication protocol was proposed using hash functions and a time stamp, and the validity of the vehicle was assessed. The proposed system was the performance evaluation section compared to the conventional technique at a rate VPKI aspect showed an approximate 44% reduction. The safety, including authentication, confidentiality, and privacy threats, were analyzed.

• Journal of the Korea Convergence Society
• /
• v.10 no.1
• /
• pp.103-113
• /
• 2019

License plate recognition camera is dedicated device designed for acquiring images of the target vehicle for recognizing letters and numbers in a license plate. Mostly, it is used as a part of the system combined with server and image analysis module rather than as a single use. However, building a system for vehicle license plate recognition is costly because it is required to construct a facility with a server providing the management and analysis of the captured images and an image analysis module providing the extraction of numbers and characters and recognition of the vehicle's plate. In this study, we would like to develop an embedded type convergent camera (Edge Base) which can expand the function of the camera to not only the license plate recognition but also the security CCTV function together and to perform two functions within the camera. This embedded type convergence camera equipped with a high resolution 4K IP camera for clear image acquisition and fast data transmission extracted license plate area by applying YOLO, a deep learning software for multi object recognition based on open source neural network algorithm and detected number and characters of the plate and verified the detection accuracy and recognition accuracy and confirmed that this camera can perform CCTV security function and vehicle number plate recognition function successfully.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.15 no.4
• /
• pp.63-70
• /
• 2015

The numerous improved schemes of user authentication based on password have been proposed in order to prevent the data access from the unauthorized person. The importance of user authentication has been remarkably growing in the expanding application areas of wireless sensor networks. Recently, emerging wireless sensor networks possesses a hierarchy among the nodes which are divided into cluster heads and sensor nodes. Such hierarchical wireless sensor networks have more operational advantages by reducing the energy consumption and traffic load. In 2012, Das et al. proposed a user authentication scheme to be applicable for the hierarchical wireless sensor networks. Das et al. claimed that their scheme is effectively secure against the various security flaws. In this paper, author will prove that Das et al.'s scheme is still vulnerable to man-in-the-middle attack, password guessing/change attack and does not support mutual authentication between the user and the cluster heads.

• Journal of KIISE:Computer Systems and Theory
• /
• v.30 no.3_4
• /
• pp.149-159
• /
• 2003

The need for information security increases interests on cipher algorithms recently. Especially, a large volume of data transmission over high-band communication network requires faster encryption and decryption techniques for real-time processing. It would be a good solution for this problem that we implement the cipher algorithm in forms of hardware circuits. Though some previous researches use this approach, they focus only on repeatedly executing the core part of the algorithm to minimize the hardware chip size, while most cipher algorithms are inherently parallel. In this paper, we propose a new design for the SEED block cipher algorithm developed by KISA (Korea Information Security Agency) in 1998 as Korean standard cipher algorithm. It exploits the parallelism of the algorithm basically and implements it in a pipelined fashion. We described the design in VHDL program and performed functional simulations on the program, and then found that it worked correctly. In addition, we synthesized it and verified that it could be implemented in a single FPGA chip, implying that the new design can be Practically used for the actual hardware implementation of a high-speed and high-performance cipher system.

• Journal of the Korea Convergence Society
• /
• v.6 no.4
• /
• pp.225-234
• /
• 2015

With the growing number of people that use web services, the perception of the importance of securing web applications is also increasing. There are many different types of attacks that target web applications. In the rapidly-changing knowledge and information society, which came into being with the advancements made in information and communication technology, there is currently an urgent need for building web sites for the purposes of developing one's creativity and character. In this paper, attack schemes that use SQL injections and XSS and target educational digital curation systems which provide educational contents with the aim of developing of one's creativity and character are analyze, in terms of how the attacks are carried out and their vulnerabilities. Furthermore, it suggests ways of dealing appropriately with these web-based attacks that use SQL injections and XSS.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.4
• /
• pp.767-780
• /
• 2015

In recent years, as smart phone penetration rate is growing explosively, new forms of cyber crime data is poured out beyond the limits of management system for cyber crime investigation. These new forms of data are collected and stored in police station but, some of data are not systematically managed. As a result, investigators sometimes miss the hidden data which can be critical for a case. Crime data is usually generated by computer which produces complex and huge data and records many logs automatically, so it is necessary to simplify a collected data and cluster by crime pattern. In this paper, we categorize all kinds of cyber crime and simplify crime database and extract critical clues relative to other cases. Through data mining and network-visualization, we found there is correlation between clues of a case. From this result, we conclude cyber crime data mining helps crime prevention, early blocking and increasing the efficiency of the investigation.

• The Journal of the Korea Contents Association
• /
• v.17 no.3
• /
• pp.231-237
• /
• 2017

Threat intelligences collected from cyber incident sharing system and security events collected from Security Information & Event Management system are analyzed and coped with expanding malicious code rapidly with the advent of big data. Analytical classification of the threat intelligence in cyber incidents requires various features of cyber observable. Therefore it is necessary to improve classification accuracy of the similarity by using multi-profile which is classified as the same features of cyber observables. We propose a multi-profile ensemble model performed similarity analysis on cyber incident of threat intelligence based on both attack types and cyber observables that can enhance the accuracy of the classification. We see a potential improvement of the cyber incident analysis system, which enhance the accuracy of the classification. Implementation of our suggested technique in a computer network offers the ability to classify and detect similar cyber incident of those not detected by other mechanisms.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.18 no.5
• /
• pp.9-15
• /
• 2018

With the advent of the 5G communication era recently, advancement of the convergence technologies related to IoT has been progressed rapidly. IoT convergence technologies using various sensors are actively applied many fields in our lives, and it contributes to the popularization of these convergence technologies among many people successfully. The security problem of the IoT which connects many things on the network is critically vulnerable and is one of the most important challenge to be solved urgently. In this paper, we design an intrusion detection and self-treatment system for IoT, which can detect external attacks and anomalies in order to solve the security problems in IoT, perform self-treatment by operating the vaccine program according to the intrusion type whenever it detects certain intrusion. Furthermore, we consider the broadcasting of intrusion alarm message according to the frequency of similar circumstances in order to block intrusion contagious in IoT.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.16 no.5
• /
• pp.27-32
• /
• 2016

In general, IoT(Internet of things) designate the intelligence technologies and services which interact all necessity information between human and things, things and thing and things and systems with all things connecting through the internet based. The smart home in present of IoT environment fuses the daily supplies/equipment which needs to use for the private life with the internet of things that is the fruit of the converged business through all most private consumption related in vastly. The concept of smart home has been built around early 2000s due to the spread of high speed internet and advanced of smart electronics and internet, furthermore influencing by the enhancement of wireless network and smart devices, it is advanced as a smart home within the internet of things environment. Smart home service inside the house which most closely implemented with personal life is being developed and advanced in various forms. These developments may exert a positive effect, but if it does not resolve the security issues for the smart home service, then it may cause a big plague of privacy and personal life.