• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.43 no.5 s.311
• /
• pp.68-75
• /
• 2006

Multimedia fingerprinting protects multimedia content from illegal redistribution by uniquely marking every copy of the content distributed to each user. Differ from a symmetric/asymmetric scheme, fingerprinting schemes, only regular user can know the inserted fingerprint data and the scheme guarantee an anonymous before recontributed data. In this paper, we present a scheme which is the algorithm using LDPC(Low Density Parity Check) for detection of colluded multimedia fingerprint and correcting errors. This proposed scheme is consists of the LDPC block, Hopfield Network and the algorithm of anti-collusion code generation. Anti-collusion code based on BIBD(Balanced Incomplete Block Design) was made 100% collusion code detection rate about the linear collusion attack(average, AND and OR) and LD% block for the error bits correction confirmed that can correct error until AWGN 0dB.

• Journal of Information Processing Systems
• /
• v.8 no.2
• /
• pp.347-358
• /
• 2012

Recently, security researches have been processed on the method to cover a broader range of hacking attacks at the low level in the perspective of hardware. This system security applies not only to individuals' computer systems but also to cloud environments. "Cloud" concerns operations on the web. Therefore it is exposed to a lot of risks and the security of its spaces where data is stored is vulnerable. Accordingly, in order to reduce threat factors to security, the TCG proposed a highly reliable platform based on a semiconductor-chip, the TPM. However, there have been no technologies up to date that enables a real-time visual monitoring of the security status of a PC that is operated based on the TPM. And the TPB has provided the function in a visual method to monitor system status and resources only for the system behavior of a single host. Therefore, this paper will propose a m-TMS (Mobile Trusted Monitoring System) that monitors the trusted state of a computing environment in which a TPM chip-based TPB is mounted and the current status of its system resources in a mobile device environment resulting from the development of network service technology. The m-TMS is provided to users so that system resources of CPU, RAM, and process, which are the monitoring objects in a computer system, may be monitored. Moreover, converting and detouring single entities like a PC or target addresses, which are attack pattern methods that pose a threat to the computer system security, are combined. The branch instruction trace function is monitored using a BiT Profiling tool through which processes attacked or those suspected of being attacked may be traced, thereby enabling users to actively respond.

• KIPS Transactions on Computer and Communication Systems
• /
• v.3 no.3
• /
• pp.87-96
• /
• 2014

Hackers try to achieve their purpose in a variety of ways, such as operating own website and hacking a website. Hackers seize a large amount of private information after they have made a zombie PC by using malicious code to upload the website and it would be used another hacking. Almost detection technique is the use Snort rule. When unknown code and the patterns in IDS/IPS devices are matching on network, it detects unknown code as malicious code. However, if unknown code is not matching, unknown code would be normal and it would attack system. Hackers try to find patterns and make shellcode to avoid patterns. So, new method is needed to detect that kinds of shellcode. In this paper, we proposed a noble method to detect the shellcode by using Shannon's information entropy.

• Convergence Security Journal
• /
• v.8 no.2
• /
• pp.63-70
• /
• 2008

In order not to make the malwares be easily analyzed, the hackers apply various anti-reversing and obfuscation techniques to the malwares. However, as the more anti-revering techniques are applied to the malwares the more abnormal characteristics in the PE file's header which are not shown in the normal PE file, could be observed. In this letter, a new malware detection technique is proposed based on this observation. For the malware detection, we define the Characteristics Vector(CV) which can represent the characteristics of a PE file's header. In the learning phase, we calculate the average CV(ACV) of malwares(ACVM) and normal files(ACVN). To detect the malwares we calculate the 2 Weighted Euclidean Distances(WEDs) from a file's CV to ACVs and they are used to decide whether the file is a malware or not. The proposed technique is very fast and detection rate is fairly high, so it could be applied to the network based attack detection and prevention devices. Moreover, this technique is could be used to detect the unknown malwares because it does not utilize a signature but the malware's characteristics.

• Journal of Digital Convergence
• /
• v.13 no.5
• /
• pp.205-211
• /
• 2015

Recently, a mobile communication network and the wireless terminal is suddenly develop, mobile office service is more and more the sportlight. However, the user may receive an attack from a malicious third party if the up/download the data in the remote to perform the work in a mobile office environment. In this paper, we propose scheme to manage the information lost due to theft smartphone that contain spill prevention personal information and company information from the mobile office environment (call history, incoming messages, phonebook, calendar, location information, banking information, documents, etc.). The proposed scheme using the number of triangular fuzzy information about the state of the personal information and business intelligence to implement a pair-wise comparison matrix. In particular, the proposed scheme is to prevent the value obtained by constructing a pair-wise comparison matrix for personal information and business intelligence and pair your smartphone is lost when a third party not allow access to personal information and corporate information is leaked to the outside.

• Journal of the Korea Society for Simulation
• /
• v.20 no.4
• /
• pp.21-29
• /
• 2011

Wireless sensor nodes operate in open environments. The deployed sensor nodes are very vulnerable to physical attacks from outside. Attackers compromise some sensor nodes. The compromised nodes by attackers can lead to false data injection into sensor networks. These attacks deplete the limited energy of sensor nodes. Ye et al. proposed the Statistical En-Route Filtering (SEF) as a countermeasure of the attacks. The sensor node in SEF examines the event reports based on certain uniform probability. Thus, the same energies are consumed in both legitimate reports and false reports. In this paper, we propose a method that each node controls the probability of attempts to verify a report to reduce energy consumption of sensor nodes. The probability is determined in consideration of the remaining energy of the node, the number of hops from the node to SINK node, the ratio of false reports. the proposed method can have security which is similar with SEF and consumes lower energy than SEF.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2011.10a
• /
• pp.277-280
• /
• 2011

VoIP is a technology of voice communication, using the existing internet network which sends and receives voice packets. VoIP has an advantage that VoIP is cheaper than an existing telephony, and the tech is vitalized lately. But recently you can download Volp Application in the Market that have a vulnerability(Anyone Can Upload). This weakness is wrongfully used that People are downloaded by encouraging about malignant code is planted. Signal intercepts indicates from this case. and paralysis by DDoS Attack, bypass are charged for hacking. Judging from, security threat of VolP analysis and take countermeasures. In the thesis we analyze the VoIP security caused on 'Soft Phone' and 'Smart Phone', and figure out security policies and delineate those policies on the paper.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.14 no.2
• /
• pp.394-402
• /
• 2010

At a recent, enterprises based on online-service are established because of rapid growth of information network. These enterprises collect personal information and do customer management. If customers use a paid service, company send billing information to customer and customer pay it. Such circulation and management of information is big issue but most companies don't care of information security. Actually, personal information that was managed by largest internal open-market was exposed. For safe customer information management, this paper proposes the method that decrease load of RSA cryptography algorithm that is commonly used for preventing from illegal attack or hacking. The method for decreasing load was designed by Binary NAF Method and it can operates modular Exponentiation rapidly. We implemented modular Exponentiation algorithm using existing Binary Method and Windows Method and compared and evaluated it.

• Journal of KIISE:Computer Systems and Theory
• /
• v.32 no.7
• /
• pp.333-340
• /
• 2005

One of the most important core technologies required for the design of the ITS (Intrusion Tolerance System) that performs continuously minimal essential services even when the network-based computer system is partially compromised because of the external or internal intrusions is the quantitative dependability analysis of the ITS. In this paper, we applied self-healing mechanism, the core technology of autonomic computing to secure the protection power of the ITS. We analyzed a state transition diagram of the ITS composed of a Primary server and a backup server utilizing two factors of self-healing mechanism (fault model and system response) and calculated the availability of ITS through simulation experiments and also performed studies on two cases of vulnerability attack.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.8 no.6
• /
• pp.1519-1523
• /
• 2007

In this paper, we propose the fast and secure binding update protocol as handoff or handover in the micro and pico environment based on mobile IPv6. The nodes or routers on participating in this protocol generate their addresses from cryptographically generated addresses (CGAs) method unlike previous address generation method. The mobile node (MN) includes in home network or home link has limited power and computational abilities. So the home agent (HA) of the MN executes key agreement protocol with the correspondent node (CN) on behalf of the MN. The CN then creates a ticket on including session key, lifetime of ticket. and so on. It then transmits it to the MN via the HA of the MN. The ticket is used to communicate directly between the MN and its CN. In performance analysis, we analyze security of proposed binding update protocol under various attack scenarios and efficiency by comparing proposed protocol with prior binding update protocols. Finally we make a conclusion of this paper and present future works.