• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.11 no.8
• /
• pp.1456-1464
• /
• 2007

The research of skin-tone detection has been conducting continuously to enlarge the importance in security, surveillance and administration of the information and 'Password Control System' for using face and skin recognition in airports, harbors and general companies. As well as tile rapid diffusion of the application range in image communications and an electron transaction using wide range of communication network, the importance of the accurate detection of skin color has been augmenting recently. In this paper, it will set up the boundaries of skin colors using the information of Cb and Cr in YCbCr color model of human skin color which is from hundreds compiled portrait images for each race, and suggest a efficient yet simple structure about the skin detection which has been followed by whether the comprehension of the boundaries of skin or not with adaptive skin-range set. With the possibility of the 1D Processes which does not use any memory, it is able to be applied to relatively small-sized hardware and system such as mobile apparatuses. To add the selective mode, it is not only available the improvement of tie skin detection, but also showing the correspondent results about previous face recognition technologies using complicated algorithm.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.6
• /
• pp.1475-1487
• /
• 2018

To verify remitter's identity when the remitter transfers money to a recipient using an electronic financial service provided by the financial institution, the remitter inputs the information; such as the withdrawal account number, the withdrawal amount, the password pre-registered with the financial company, or the information from authenticating medium that is previously distributed by the financial institution. However, the 1-Way transaction between the financial institution and the remitter is exposed to a great risk of accidents such as an anomaly remittance or a voice phishing fraud. Therefore, in this study, we propose a 2-WAY trade verification model for electronic financial transaction that can be mutually agreed by allowing the recipient to share the transaction information with the remitter and the financial company. We have improved the traditional electronic financial transaction's method by replacing it to 2-WAY trade method, and it is used for various purposes; such as preventing an error within the remittance or voice phishing fraud, enhancing loan transaction and contract transaction, etc. Through these variety of applications, we are expecting to reduce the inconveniences while improving the convenience of financial transaction and vitalizing the P2P transaction of financial institution.

• Smart Media Journal
• /
• v.8 no.3
• /
• pp.23-30
• /
• 2019

With the popularization of the Internet and smartphone uses, people in the modern era are living in a multi-channel environment in which they access the information system freely through various methods and media. In the process of utilizing such services, users must authenticate themselves, the typical of which is ID & password authentication. It is considered the most convenient method as it can be authenticated only through the keyboard after remembering its own credentials. On the other hand, modern web services only allow passwords to be set with high complexity by different combinations. Passwords consisting of these complex strings also increase proportionally, since the more services users want to use, the more user authentication information they need to remember is recommended periodically to prevent personal information leakage. It is difficult for the blind, the disabled, or the elderly to remember the authentication information of users with such high entropy values and to use it through keyboard input. Therefore, this paper proposes a user authentication method using Google Assistant, MFCC and DTW algorithms and speaker authentication to provide the handicapped users with an easy user authentication method in the login process.

• Journal of Practical Engineering Education
• /
• v.10 no.1
• /
• pp.1-7
• /
• 2018

The dual security system that manages user's account information and uses NFC and OTP has been proposed. It also enhances the security of the user authentication phase by using the features that recognize within the range of less than 1m of NFC and the high security of NFC itself. During the graduation work design process which was carried out for one year and six months in a group of two in the electronics engineering major of the four-year undergraduate system was conducted. In the interim results, we participated in the conferences and thesis contest at the Institute of related to major for three times. Finally passed the examination process for three times judged by 6 professors in the major. The results were published in a graduation thesis together with other people who passed and composed in thesis form. Through the experience gained through these stages of design and production, it has gained the confidence to gain employment opportunities and actively pursue the growth stage, and presented a methodology to practice engineering education through employment.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.1
• /
• pp.135-141
• /
• 2011

Recent advances in mobile devices and development of various mobile applications dealing with private information of users made user authentication in mobile devices a very important issue. This paper presents a new user authentication method based on touch screen interfaces. This method uses for authentication the PIN digits as well as the exact locations the user touches to input these digits. Our method is fully compatible with the regular PIN entry method which uses numeric keypads, and it provides better usability than the behavioral biometric schemes because its PIN registration process is much simpler. According to our experiments, our method guarantees EERs of 12.8%, 8.3%, and 9.3% for 4-digit PINs, 6-digit PINs, and 11-digit cell phone numbers, respectively, under the extremely conservative assumption that all users have the same PIN digits and cell phone numbers. Thus we can guarantee much higher performance in identification functionality by applying this result to a more practical situation where every user uses distinct PIN and sell phone number. Finally, our method is far more secure than the regular PIN entry method, which is verified by our experiments where attackers are required to recover a PIN after observing the PIN entry processes of the regular PIN and our method under the same level of security parameters.

• Journal of Software Assessment and Valuation
• /
• v.15 no.2
• /
• pp.111-119
• /
• 2019

The existing smart grid device authentication system is concentrated on DCU, meter reading FEP and MDMS, and the authentication system for smart meters is not established. Although some cryptographic chips have been developed at present, it is difficult to complete the PKI authentication scheme because it is at the low level of simple encryption. Unlike existing power grids, smart grids are based on open two-way communication, increasing the risk of accidents as information security vulnerabilities increase. However, PKI is difficult to apply to smart meters, and there is a possibility of accidents such as system shutdown by sending manipulated packets and sending false information to the operating system. Issuing an existing PKI certificate to smart meters with high hardware constraints makes authentication and certificate renewal difficult, so an ultra-lightweight password authentication protocol that can operate even on the poor performance of smart meters (such as non-IP networks, processors, memory, and storage space) was designed and implemented. As a result of the experiment, lightweight cryptographic authentication protocol was able to be executed quickly in the Cortex-M3 environment, and it is expected that it will help to prepare a more secure authentication system in the smart grid industry.

• Journal of Industrial Convergence
• /
• v.21 no.12
• /
• pp.55-62
• /
• 2023

Recent ransomware attacks employ various techniques and pathways, posing significant challenges in early detection and defense. Consequently, the scale of damage is continually growing. This paper introduces a machine learning-based approach for effective ransomware detection by focusing on file encryption and encryption patterns, which are pivotal functionalities utilized by ransomware. Ransomware is identified by analyzing password behavior and encryption patterns, making it possible to detect specific ransomware variants and new types of ransomware, thereby mitigating ransomware attacks effectively. The proposed machine learning-based encryption behavior detection technique extracts encryption and encryption pattern characteristics and trains them using a machine learning classifier. The final outcome is an ensemble of results from two classifiers. The classifier plays a key role in determining the presence or absence of ransomware, leading to enhanced accuracy. The proposed technique is implemented using the numpy, pandas, and Python's Scikit-Learn library. Evaluation indicators reveal an average accuracy of 94%, precision of 95%, recall rate of 93%, and an F1 score of 95%. These performance results validate the feasibility of ransomware detection through encryption behavior analysis, and further research is encouraged to enhance the technique for proactive ransomware detection.

• Smart Media Journal
• /
• v.12 no.11
• /
• pp.27-35
• /
• 2023

Fourth Industrial Revolution and COVID-19 pandemic have boosted the use of Government 24 app for public service complaints in the era of non-face-to-face interactions. there has been a growing influx of complaints and improvement demands from users of public apps. Furthermore, systematic management of public apps is deemed necessary. The aim of this study is to analyze the grievances of Government 24 app users, understand the current dissatisfaction among citizens, and propose potential improvements. Data were collected from the Google Play Store from May 2, 2013, to June 30, 2023, comprising a total of 6,344 records. Among these, 1,199 records with a rating of 1 and at least one 'thumbs-up' were used for topic modeling analysis. The analysis revealed seven topics: 'Issues with certificate issuance,' 'Website functionality and UI problems,' 'User ID-related issues,' 'Update problems,' 'Government employee app management issues,' 'Budget wastage concerns ((It's not worth even a single star) or (It's a waste of taxpayers' money)),' and 'Password-related problems.' Furthermore, the overall trend of these topics showed an increase until 2021, a slight decrease in 2022, but a resurgence in 2023, underscoring the urgency of updates and management. We hope that the results of this study will contribute to the development and management of public apps that satisfy citizens in the future.

• Korean Security Journal
• /
• no.21
• /
• pp.155-175
• /
• 2009

RFID that provide automatic identification by reading a tag attached to material through radio frequency without direct touch has some specification, such as rapid identification, long distance identification and penetration, so it is being used for distribution, transportation and safety by using the frequency of 125KHz, 134KHz, 13.56MHz, 433.92MHz, 900MHz, and 2.45GHz. Also it is one of main part of Ubiquitous that means connecting to net-work any time and any place they want. RFID is expected to be new growth industry worldwide, so Korean government think it as prospective field and promote research project and exhibition business program to linked with industry effectively. RFID could be used for access control of person and vehicle according to section and for personal certify with password. RFID can provide more confident security than magnetic card, so it could be used to prevent forgery of register card, passport and the others. Active RFID could be used for protecting operation service using it's long distance date transmission by application with positioning system. And RFID's identification and tracking function can provide effective visitor management through visitor's register, personal identification, position check and can control visitor's movement in the secure area without their approval. Also RFID can make possible of the efficient management and prevention of loss of carrying equipments and others. RFID could be applied to copying machine to manager and control it's user, copying quantity and It could provide some function such as observation of copy content, access control of user. RFID tag adhered to small storage device prevent carrying out of item using the position tracking function and control carrying-in and carrying-out of material efficiently. magnetic card and smart card have been doing good job in identification and control of person, but RFID can do above functions. RFID is very useful device but we should consider the prevention of privacy during its application.