• Journal of KIISE:Computer Systems and Theory
• /
• v.36 no.5
• /
• pp.396-403
• /
• 2009

An anonymous asymmetric fingerprinting protocol combined with watermarking techniques, is one of the copyright protection technologies keeping both right of a seller and that of a buyer, where a seller and an anonymous buyer perform such a protocol that employs various cryptographic tools in order that the seller does not know the exact watermarked copy that the buyer receives, while inserting an invisible non-removable fingerprint i.e., each different unique watermark, into each copy of the digital content to be sold. In such a protocol innocent buyers are kept anonymous during transactions, however, the unlawful reseller is unambiguously identified with a real identity as a copyright violator. In 2007, Yong and Lee proposed an anonymous asymmetric fingerprinting scheme with trusted third party. In this paper we point out the weakness of their scheme such as: the buyer with intention can remove the fingerprint in the watermarked content, because he/she can decrypt the encrypted fingerprint with a symmetric key using man-in-the-middle-attack; a real identity of a buyer can be revealed to the seller through the identification process even though he/she is honest. Furthermore, we propose an improved secure and efficient anonymous asymmetric fingerprinting scheme which enables to reduce the number of communication between the participants.

• Korean Journal of Optics and Photonics
• /
• v.16 no.4
• /
• pp.326-333
• /
• 2005

Phase-only encryption scheme using exclusive-OR rules in Fourier plane and a single path decryption system are presented. A zero-padded original image, multiplied by a random phase image, is Fourier transformed and its real-valued data is encrypted with key data by using XOR rules. A decryption is simply performed based on 2-1 setup with spatial filter by Fourier transform for multiplying phase-only encrypted data by phase-only key data, which are obtained by phase-encoding process, and spatial filtering for zero-order elimination in inverse-Fourier plane. Since the encryption process is peformed in Fourier plane, proposed encryption scheme is more tolerant to loss of key information by scratching or cutting than previous XOR encryption method in space domain. Compare with previous phase-visualization systems, due to the simple architecture without a reference wave, our system is basically robust to mechanical vibrations and fluctuations. Numerical simulations have confirmed the proposed technique as high-level encryption and simple decryption architecture.

• KIPS Transactions on Computer and Communication Systems
• /
• v.9 no.5
• /
• pp.101-106
• /
• 2020

Since computer became available, much effort has been made to achieve information security. Even though memory protection defense mechanisms were studied the most among of them, the problems of existing memory protection defense mechanisms were found due to improved performance of computer and new defense mechanisms were needed due to the advent of the side-channel attacks. In this paper, we propose JMP+RAND that embedding random values of 5 to 8 bytes per page to defend against memory sharing based side-channel attacks and bridging the gap of existing memory protection defense mechanism. Unlike the defense mechanism of the existing side-channel attacks, JMP+RAND uses static binary rewriting and continuous jmp instruction and random values to defend against the side-channel attacks in advance. We numerically calculated the time it takes for a memory sharing-based side-channel attack to binary adopted JMP+RAND technique and verified that the attacks are impossible in a realistic time. Modern architectures have very low overhead for JMP+RAND because of the very fast and accurate branching of jmp instruction using branch prediction. Since random value can be embedded only in specific programs using JMP+RAND, it is expected to be highly efficient when used with memory deduplication technique, especially in a cloud computing environment.

• KIPS Transactions on Computer and Communication Systems
• /
• v.5 no.12
• /
• pp.471-480
• /
• 2016

Recently, the damage of cyber attack toward infra-system, national defence and security system is gradually increasing. In this situation, military recognizes the importance of cyber warfare, and they establish a cyber system in preparation, regardless of the existence of threaten. Thus, the study of Intrusion Detection System(IDS) that plays an important role in network defence system is required. IDS is divided into misuse and anomaly detection methods. Recent studies attempt to combine those two methods to maximize advantagesand to minimize disadvantages both of misuse and anomaly. The combination is called Hybrid IDS. Previous studies would not be inappropriate for near real-time network environments because they have computational complexity problems. It leads to the need of the study considering the structure of IDS that have high detection rate and low computational cost. In this paper, we proposed a Hybrid IDS which combines C4.5 decision tree(misuse detection method) and Weighted K-means algorithm (anomaly detection method) hierarchically. It can detect malicious network packets effectively with low complexity by applying mutual information and genetic algorithm based efficient feature selection technique. Also we construct upgraded the the hierarchical structure of IDS reusing feature weights in anomaly detection section. It is validated that proposed Hybrid IDS ensures high detection accuracy (98.68%) and performance at experiment section.

• KIPS Transactions on Computer and Communication Systems
• /
• v.5 no.4
• /
• pp.95-102
• /
• 2016

Computer security incident such as confidential information leak and data destruction are constantly growing and it becomes threat to information in digital devices. To respond against the incident, digital forensic techniques are also developing to help digital incident investigation. With the development of digital forensic technology, a variety of forensic artifact has been developed to trace the behavior of users. Also, a diversity of forensic tool has been developed to extract information from forensic artifact. However, there is a issue that information from forensic tools has its own forms. To solve this problem, it needs to process data when it is output from forensic tools. Then it needs to compare and analyze processed data to identify how data is related each other and interpret the implications. To reach this, it calls for effective method to store and output data in the course of data processing. This paper aims to propose DFIOC (Digital Forensic Indicators Of Compromise) that is capable of transcribing a variety of forensic artifact information effectively during incident analysis and response. DFIOC, which is XML based format, provides "Evidence" to represent various forensic artifacts in the incident investigation. Furthermore, It provides "Forensic Analysis" to report forensic analysis result and also gives "Indicator" to investigate the trace of incidence quickly. By logging data into one sheet in DFIOC format for forensic analysis process, it is capable of avoiding unnecessary data processing. Lastly, since collected information is recorded in a normalized format, data input and output becomes much easier as well as it will be convenient to use for identification of collected information and analysis of data relationship.

• Journal of the Korea Convergence Society
• /
• v.12 no.5
• /
• pp.373-383
• /
• 2021

Our society is aging rapidly. In this super-aged society, the increase in healthcare costs are considered a national problem that undermines the sustainability of social security. Various services for healthcare for the elderly have been promoted to address this. However, most of them have focused on healthcare after the outbreak of chronic diseases and lack preventive healthcare. Most of the preventive healthcare projects are only pilots. In this paper, the current status of health care services for senior citizens at home and abroad was analyzed and based on this, the limitations and improvements were analyzed to propose the establishment of IoT-based Total Silver Care Center. IoT-based Total Silver Care Center may be conveniently monitored the health status of the elderly through various sensors, medical devices, and smart bands. And based on this, it can improve the quality of nursing services through time-saving and work efficiency of nursing providers. In addition, health care interventions may be provided in a timely manner if there is a change in the health status of users. And real-time imaging systems can help overcome mental difficulties.

• KIPS Transactions on Computer and Communication Systems
• /
• v.10 no.4
• /
• pp.117-122
• /
• 2021

In recent years, human damage and loss of money due to various disasters such as typhoons, earthquakes, forest fires, landslides, and wars are steadily occurring, and a lot of manpower and funds are required to prevent and recover them. In this paper, we designed and developed a disaster drone system based on artificial intelligence in order to monitor these various disaster situations in advance and to quickly recognize and respond to disaster occurrence. In this study, multiple disaster drones are used in areas where it is difficult for humans to monitor, and each drone performs an efficient search with an optimal path by applying a deep learning-based optimal path algorithm. In addition, in order to solve the problem of insufficient battery capacity, which is a fundamental problem of drones, the optimal route of each drone is determined using Ant Colony Optimization (ACO) technology. In order to implement the proposed system, it was applied to a forest fire situation among various disaster situations, and a forest fire map was created based on the transmitted data, and a forest fire map was visually shown to the fire fighters dispatched by a drone equipped with a beam projector. In the proposed system, multiple drones can detect a disaster situation in a short time by simultaneously performing optimal path search and object recognition. Based on this research, it can be used to build disaster drone infrastructure, search for victims (sea, mountain, jungle), self-extinguishing fire using drones, and security drones.

• KIPS Transactions on Computer and Communication Systems
• /
• v.11 no.1
• /
• pp.23-34
• /
• 2022

With the development of network technology, the application area has also been diversified, and protocols for various purposes have been developed and the amount of traffic has exploded. Therefore, it is difficult for the network administrator to meet the stability and security standards of the network with the existing traditional switching and routing methods. Software Defined Networking (SDN) is a new networking paradigm proposed to solve this problem. SDN enables efficient network management by programming network operations. This has the advantage that network administrators can flexibly respond to various types of attacks. In this paper, we design a threat level management module, an attack detection module, a packet statistics module, and a flow rule generator that collects attack information through the controller and switch, which are components of SDN, and detects attacks based on these attributes of SDN. It proposes a method to block denial of service attacks (DoS) of advanced attackers by programming and applying honeypot. In the proposed system, the attack packet can be quickly delivered to the honeypot according to the modifiable flow rule, and the honeypot that received the attack packets analyzed the intelligent attack pattern based on this. According to the analysis results, the attack detection module and the threat level management module are adjusted to respond to intelligent attacks. The performance and feasibility of the proposed system was shown by actually implementing the proposed system, performing intelligent attacks with various attack patterns and attack levels, and checking the attack detection rate compared to the existing system.

• Journal of the Institute of Convergence Signal Processing
• /
• v.22 no.4
• /
• pp.179-184
• /
• 2021

Along with the development of the fourth industry, the public sector has increasingly paid more attention to search using drones and real-time monitoring, for various goals. The drones are used and researched to complete a variety of searching and monitoring missions, including search for missing persons, security, coastal patrol and monitoring, speed enforcement, highway and urban traffic monitoring, fire and wildfire monitoring, monitoring of illegal fishing in reservoirs and protest rally monitoring. Police stations, fire departments and military authorities, however, concentrate on the hardware part, so there are little research on efficient communication systems for the real-time monitoring of data collected from high-performance resolution and infrared thermal imagining cameras, and analysis programs suitable for special missions. In order to increase the efficiency of drones with the searching mission, this paper, therefore, attempts to propose an image analysis technique to increase the precision of search by producing image data suitable for searching missions, based on images obtained from drones and provide the foundation for improving relevant policies and establishing proper platforms, based on actual field cases and experiments.

• Journal of Internet Computing and Services
• /
• v.23 no.6
• /
• pp.1-13
• /
• 2022

As the information and communication environment develops, the environment of military facilities is also development remarkably. In proportion to this, cyber threats are also increasing, and in particular, APT attacks, which are difficult to prevent with existing signature-based cyber defense systems, are frequently targeting military and national infrastructure. It is important to identify attack groups for appropriate response, but it is very difficult to identify them due to the nature of cyber attacks conducted in secret using methods such as anti-forensics. In the past, after an attack was detected, a security expert had to perform high-level analysis for a long time based on the large amount of evidence collected to get a clue about the attack group. To solve this problem, in this paper, we proposed an automation technique that can classify an attack group within a short time after detection. In case of APT attacks, compared to general cyber attacks, the number of attacks is small, there is not much known data, and it is designed to bypass signature-based cyber defense techniques. As an attack model, we used MITRE ATT&CK® which modeled many parts of cyber attacks. We design an impact score considering the versatility of the attack techniques and proposed a group similarity score based on this. Experimental results show that the proposed method classified the attack group with a 72.62% probability based on Top-5 accuracy.