• International Journal of Computer Science & Network Security
• /
• v.24 no.5
• /
• pp.79-88
• /
• 2024

The information retrieval domain deals with the retrieval of unstructured data such as text documents. Searching documents is a main component of the modern information retrieval system. Locality Sensitive Hashing (LSH) is one of the most popular methods used in searching for documents in a high-dimensional space. The main benefit of LSH is its theoretical guarantee of query accuracy in a multi-dimensional space. More enhancement can be achieved to LSH by adding a bit to its steps. In this paper, a new Dynamic Locality Sensitive Hashing (DLSH) algorithm is proposed as an improved version of the LSH algorithm, which relies on employing the hierarchal selection of LSH parameters (number of bands, number of shingles, and number of permutation lists) based on the similarity achieved by the algorithm to optimize searching accuracy and increasing its score. Using several tampered file structures, the technique was applied, and the performance is evaluated. In some circumstances, the accuracy of matching with DLSH exceeds 95% with the optimal parameter value selected for the number of bands, the number of shingles, and the number of permutations lists of the DLSH algorithm. The result makes DLSH algorithm suitable to be applied in many critical applications that depend on accurate searching such as forensics technology.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.6
• /
• pp.1181-1190
• /
• 2013

The GOOSE(Generic Object Oriented Substation Event) is used as a network protocol to communicate between IEDs(Intelligent Electronic Devices) in international standard IEC 61850 of substation automation system. Nevertheless, the GOOSE protocol is facing many similar threats used in TCP/IP protocol due to ethernet-based operation. In this paper, we develop a IDS(Intrusion Detection System) for secure GOOSE Protocol using open software-based IDS Snort. In this IDS, two security functions for keyword search and DoS attack detection are implemented through improvement of decoding and preprocessing component modules. And we also implement the GOOSE IDS and verify its accuracy using GOOSE packet generation and communication experiment.

• Journal of the Korea Society of Computer and Information
• /
• v.16 no.10
• /
• pp.175-183
• /
• 2011

Performance of digital video watermarking is an assessment that hides a lot of information in digital videos. Therefore, it is required to find a way that enables to store lots of bits of data into a high quality video of the frequency area of digital contents. Hence, this paper designs a watermarking system improving security with an enhancing watermarking based on invisible watermarking and embedding an watermarking on LH and HL subband and its subband by transforming wavelet after the extraction of luminance component from the frames of video by compromising robustness and invisible of watermarking elements. The performance analysis of security of watermarking is carried out with a statistic method, and makes an assessment of robustness against variety of attacks to invisible watermarking. We can verify the security of watermarking against variety of attacks by testing robustness and invisible through carrying out general signal processing like noise addition, lossy compression, and Low-Pass filtering.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2002.05a
• /
• pp.477-480
• /
• 2002

Transparency of position that provide quick service regardless of physical position to users in distribution computing environment is getting into prominence and is developed in component form that many application softwares take advantage of distributed object technology. Because design object in distribution computing environment and OMG introduces OMA for embody, defined CORBA by standard of distributed object technology on OMA's abstract picture object model. Security service in CORBA platform is very important. Present object security service in distribution computing environment that refer standard of sorority and security models of distribution computing platform in CORBA in this treatise and follow in CORBA security service rules.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.6
• /
• pp.1045-1053
• /
• 2014

In this paper, we assume that the information leakage through side-channel signal may occur from the card payment terminal and newly introduce a real application attack model. The attack model is a side channel attack based on vibration signals, which are detected by a small sensor attached on card terminal by attacker. This study is similar to some other studies regarding side channel attack. However, this paper is different in that it is based on the non-language model. Because the financial transaction information such as a card number, password, mobile phone number and etc cannot have a constant pattern. In addition, there was no study about card terminal. Therefore, this new study is meaningful. We collected vibration signals on card terminal with a small wireless sensor and analyzed signal data with statistical signal processing techniques using spectrum of frequency domain and principal component analysis and pattern recognition algorithms. Finally, we evaluated the performances by using real data from the sensor.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.40 no.3
• /
• pp.568-574
• /
• 2015

Recently RFID not only is widely utilized in various fields such as inventory management, merchandize logistics, etc., but also, has evolved as an important component of the Internet of Things (IoT). According to increasing the utilization field of RIFD, studies for security and privacy for RFID system have been made diverse. Among them, the ownership transfer protocols for RFID tags have also been proposed in connection with the purchase of products embedded with RFID tag. Recently, Kapoor and Piramuthu proposed a RFID ownership transfer protocol to solve the problems of security weakness of the previous RFID ownership transfer protocols. In this paper, we show that Kapoor-Piramuthu's protocol also has security problems and provide a new protocol to resolve them. Security analysis of newly proposed protocol shows the security concerns are resolved.

• Journal of the Institute of Convergence Signal Processing
• /
• v.10 no.4
• /
• pp.256-261
• /
• 2009

While .NET and J2EE bisects recent distributed environment, .NET displays "Remoting" as a technology to call remote object. Remoting is frequently used as a protocol in OLTP's WEB program development in form of RPC that exchange data in XML form under HTTP environment. Purpose of this research is to draw problems when applying security to .NET remoting technology that is recently used in web programming, and to find effective application plan by implementing. The main discussion is following. First, network layer security should be replaced to application layer security for better performance and flexibility. Second, the serialization procedure that is repeated in both remoting and encryption module should take place once. Lastly, implementation of "Surrogate" and "Compress" will be discussed that enables to eliminate unnecessary data(table relations, keys, etc) that is used in dataset object of .NET in order to reduce the size of data. It is possible to achieve improvement in speed by two times through immediate implementation in these cases. In order for easier use, component based framework should be supplied hereafter.

• Journal of information and communication convergence engineering
• /
• v.5 no.2
• /
• pp.136-139
• /
• 2007

In this paper we will discuss a general idea about an information system which provides information a user really needs in user's authentication. We will discuss how RFID could be applied for this kind of system especially from the standpoint of using RFID as a way to collect information of personal belongings. Also we will discuss security issues of using RFID as a component of the proposed system because while RFID could provide usefulness, it could also be very dangerous for revealing private information without user's awareness.

• Proceedings of the IEEK Conference
• /
• 2001.06c
• /
• pp.221-224
• /
• 2001

Role-Based Access Control(RBAC) is a flexible and policy-neutral access control technology. But, for large systems, managing roles, users, permissions and their interrelationships is a formidable task that cannot be centralized in a small team of security administrators. Using RBAC to manage RBAC provides addition히 administrative convenience. In this paper we demonstrate the implementation of one of the components of ARBAC99 which deals with permission-role assignment and is called PRA99. We implement it by using EJB component and use Oracle stored procedures to implement it.

• Journal of the Korean Society for Industrial and Applied Mathematics
• /
• v.3 no.1
• /
• pp.17-29
• /
• 1999

The reliable authentication of a communicating party and a network component is an essential factor to achieve the security in a computer network. The Kerberos Authentication Services has been the most successful solution which is widely used today but its requirement for synchronized clocks has been a serious limitation to use it. In this paper we presented an extended Kerberos method which avoids the synchronization requirement for a single-time ticket user. We modified the Kerberos protocol minimally by replacing the synchronization requirement with the challenge-response method.