• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2017.10a
• /
• pp.343-345
• /
• 2017

With the development of IoT technology, terminals connected with IoT are being used. However, security incidents are occurring as IoT is applied to society as a whole. IoT security incidents can be linked to personal risk and social disruption. In this study, we extract the evidence of security breach in IoT device. Analyze IoT security breach environment and extract Hashing function to secure original integrity and integrity. Then, the Forensic evidence is extracted from the IoT security device to verify the integrity of the original and Forensic reports should be written and studied to be used as legal evidence.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.8
• /
• pp.4300-4314
• /
• 2019

With the development of video-related applications, media content has increased dramatically through applications. There is a substantial amount of near-duplicate videos (NDVs) among Internet videos, thus NDVR is important for eliminating near-duplicates from web video searches. This paper proposes a novel NDVR system that supports large-scale retrieval and contributes to the efficient and accurate retrieval performance. For this, we extracted keyframes from each video at regular intervals and then extracted both commonly used features (LBP and HSV) and new image features from each keyframe. A recent study introduced a new image feature that can provide more robust information than existing features even if there are geometric changes to and complex editing of images. We convert a vector set that consists of the extracted features to binary code through a set of hash functions so that the similarity comparison can be more efficient as similar videos are more likely to map into the same buckets. Lastly, we calculate similarity to search for NDVs; we examine the effectiveness of the NDVR system and compare this against previous NDVR systems using the public video collections CC_WEB_VIDEO. The proposed NDVR system's performance is very promising compared to previous NDVR systems.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.15 no.4
• /
• pp.1448-1463
• /
• 2021

With the continuous development of cloud storage, plenty of redundant data exists in cloud storage, especially multimedia data such as images and videos. Data deduplication is a data reduction technology that significantly reduces storage requirements and increases bandwidth efficiency. To ensure data security, users typically encrypt data before uploading it. However, there is a contradiction between data encryption and deduplication. Existing deduplication methods for regular files cannot be applied to image deduplication because images need to be detected based on visual content. In this paper, we propose a secure image deduplication scheme based on hashing and clustering, which combines a novel perceptual hash algorithm based on Local Binary Pattern. In this scheme, the hash value of the image is used as the fingerprint to perform deduplication, and the image is transmitted in an encrypted form. Images are clustered to reduce the time complexity of deduplication. The proposed scheme can ensure the security of images and improve deduplication accuracy. The comparison with other image deduplication schemes demonstrates that our scheme has somewhat better performance.

• International Journal of Computer Science & Network Security
• /
• v.23 no.9
• /
• pp.141-149
• /
• 2023

Repacked mobile apps constitute about 78% of all malware of Android, and it greatly affects the technical ecosystem of Android. Although many methods exist for repacked app detection, most of them suffer from performance issues. In this manuscript, a novel method using the Constant Key Point Selection and Limited Binary Pattern (CKPS: LBP) Feature extraction-based Hashing is proposed for the identification of repacked android applications through the visual similarity, which is a notable feature of repacked applications. The results from the experiment prove that the proposed method can effectively detect the apps that are similar visually even that are even under the double fold content manipulations. From the experimental analysis, it proved that the proposed CKPS: LBP method has a better efficiency of detecting 1354 similar applications from a repository of 95124 applications and also the computational time was 0.91 seconds within which a user could get the decision of whether the app repacked. The overall efficiency of the proposed algorithm is 41% greater than the average of other methods, and the time complexity is found to have been reduced by 31%. The collision probability of the Hashes was 41% better than the average value of the other state of the art methods.

• International Journal of Computer Science & Network Security
• /
• v.23 no.8
• /
• pp.49-62
• /
• 2023

There has been a rapid increase in the creation and alteration of new malware samples which is a huge financial risk for many organizations. There is a huge demand for improvement in classification and detection mechanisms available today, as some of the old strategies like classification using mac learning algorithms were proved to be useful but cannot perform well in the scalable auto feature extraction scenario. To overcome this there must be a mechanism to automatically analyze malware based on the automatic feature extraction process. For this purpose, the dynamic analysis of real malware executable files has been done to extract useful features like API call sequence and opcode sequence. The use of different hashing techniques has been analyzed to further generate images and convert them into image representable form which will allow us to use more advanced classification approaches to classify huge amounts of images using deep learning approaches. The use of deep learning algorithms like convolutional neural networks enables the classification of malware by converting it into images. These images when fed into the CNN after being converted into the grayscale image will perform comparatively well in case of dynamic changes in malware code as image samples will be changed by few pixels when classified based on a greyscale image. In this work, we used VGG-16 architecture of CNN for experimentation.

• The KIPS Transactions:PartC
• /
• v.14C no.3 s.113
• /
• pp.209-220
• /
• 2007

IPS(Intrusion Prevention Systems), which is installed in inline mode in a network, protects network from outside attacks by inspecting the incoming/outgoing packets and sessions, and dropping the packet or closing the sessions if an attack is detected in the packet. In the signature based filtering, the payload of a packet passing through IPS is matched with some attack patterns called signatures and dropped if matched. As the number of signatures increases, the time required for the pattern matching for a packet increases accordingly so that it becomes difficult to develop a high performance US working without packet delay. In this paper, we propose a high performance IPS based on signature hashing to make the pattern matching time independent of the number of signatures. We implemented the proposed scheme in a Linux kernel module in a PC and tested it using worm generator, packet generator and network performance measure instrument called smart bit. Experimental results show that the performance of existing method is degraded as the number of signatures increases whereas the performance of the proposed scheme is not degraded.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.6
• /
• pp.1325-1336
• /
• 2012

In the past about 10 different kinds of malicious code were found in one day on the average. However, the number of malicious codes that are found has rapidly increased reachingover 55,000 during the last 10 year. A large number of malicious codes, however, are not new kinds of malicious codes but most of them are new variants of the existing malicious codes as same functions are newly added into the existing malicious codes, or the existing malicious codes are modified to evade anti-virus detection. To deal with a lot of malicious codes including new malicious codes and variants of the existing malicious codes, we need to compare the malicious codes in the past and the similarity and classify the new malicious codes and the variants of the existing malicious codes. A former calculation method of the similarity on the existing malicious codes compare external factors of IPs, URLs, API, Strings, etc or source code levels. The former calculation method of the similarity takes time due to the number of malicious codes and comparable factors on the increase, and it leads to employing fuzzy hashing to reduce the amount of calculation. The existing fuzzy hashing, however, has some limitations, and it causes come problems to the former calculation of the similarity. Therefore, this research paper has suggested a new comparison method for malicious codes to improve performance of the calculation of the similarity using fuzzy hashing and also a classification method employing the new comparison method.

• Journal of the Korean Institute of Telematics and Electronics
• /
• v.15 no.6
• /
• pp.39-42
• /
• 1978

Orthorhombic yellow PbO thin films were prepared by evaporating PbO powder in vacuum and annealed in air. The evaporation was carried out by Hashing method. The energy gap, the type of electric conduction and the grain size of these films were 2.63eV, f type, and 670 nm respectively.

• Proceedings of the Korea Multimedia Society Conference
• /
• 2001.11a
• /
• pp.503-507
• /
• 2001

최근 개발되고 있는 SAN 기반 리눅스 클러스터 파일 시스템들은 중앙에 파일 서버 없이 디스크를 공유하는 클라이언트들이 화이버 채널을 통하여 마치 파일 서버처럼 디스크에 자유롭게 접근할 수 있으므로, 유용성, 부하의 균형, 확장성 등에서 장점을 가진다. 본 논문에서는 ETRI에서 개발중인 SAN 기반 리눅스 클러스터 파일 시스템인 SANtopia를 위해 설계된 새로운 mode의 구조와 이 inode의 구조를 기반으로 확장 해싱(Extendible Hashing)을 이용한 새로운 디렉토리 구조의 설계에 대하여 기술하고,성능 평가를 통하여 제안된 방법의 우수성을 보인다.

• Proceedings of the Korean Operations and Management Science Society Conference
• /
• 1995.04a
• /
• pp.646-655
• /
• 1995

본 연구에서는 기저역행렬의 계산방법에 따른 효율적인 자료구조를 실험적으로 검토하고, 입력자료방식과 효율화 방법을 제안하여 구현하였다. 기저역행렬의 계산방법에 따른 효율적인 자료구조는 명시형에서는 연결리스트 방식이 유리하였으며, 상하분해형에서는 연결 리스트 방법과 Gustavson 방법이 비슷한 효율을 보였다. 새로운 비영요소의 도입이 많은 경우일수록 연결 리스트가 효율적인 자료구조인 것으로 분석된다. 그리고 MPS자료의 입력방식과 효율화 방안에서는 각 열별로 행 정렬을 실시하고 해싱(hashing)함수를 도입하여 효율화를 기하였다.