• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.2
• /
• pp.243-252
• /
• 2020

Recently, the proportion of housing lease has been increasing to an overwhelming level in line with the increase of single-person households and the change in the form of housing. In the normal case, the use of rental-type housing is subject to a housing lease agreement through a licensed real estate agent. In the event of a transaction conclusion, licensed real estate agent shall issue a contract containing the personal information of the lessee, the renter, and the licensed real estate agent to the transaction party. In this case, it is necessary for the lessee to provide the contract to a third party. This paper analyzes relevant laws and regulations and the status of housing transactions, focusing on personal information processed between offline housing lease agreements. And when issuing a contract through IRTS, we propose a way to protect personal information by providing a third party in three forms: information Data Subject-based, Purpose of usage-based De-identification, and Certificate of Contract.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.1
• /
• pp.31-49
• /
• 2021

IoT devices refer to embedded devices that can communicate with networks. Since there are various types of IoT devices and they are widely used around us, in the event of an attack, damages such as personal information leakage can occur depending on the type of device. While the security team analyzes IoT devices, they should target firmware as well as software interfaces since IoT devices are operated by both of them. However, the problem is that it is not easy to extract and analyze firmware and that it is not easy to manage product quality at a certain level even if the same target is analyzed according to the analyst's expertise within the security team. Therefore, in this paper, we intend to establish a vulnerability analysis process for the firmware of IoT devices and present available tools for each step. Besides, we organized the process from firmware acquisition to analysis of IoT devices produced by various commercial manufacturers, and we wanted to prove their validity by applying it directly to drone analysis by various manufacturers.

• Journal of KIISE:Computing Practices and Letters
• /
• v.13 no.7
• /
• pp.540-544
• /
• 2007

Researches on Sensor Network has become much more active and is currently being applied to many different fields. However since sensor network is limited to only collecting and reporting information regarding a certain event, and requires human intervention with that given information, it is often difficult to react to an event or situation immediately and proactively. To overcome this kind of limitation, Wireless Sensor and Actor Networks (WSANs) with immediate-response Actor Nodes has been proposed which adds greater mobility and activity to exisiting sensor networks. Although WSANs shares many common grounds with sensor networks, it is difficult to apply exisiting security technologies due to the fact that WSAN contains Actor Nodes that are resource-independent and mobile. This research therefore seeks to demonstrate ways to provide security, integrity and authentication services for WSAN's secure operation, by separating networks into hierarchcial structure by each node's abilities and providing different encryption key-based secure protocols for each level of hierarchy: Pair-wise Key, Node Key, and Region Key for sensor levels, and Public Key for actor levels.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2015.01a
• /
• pp.73-76
• /
• 2015

최근 스마트 단말을 통한 유해 콘텐츠의 보급이 확산되면서 스마트 단말에서 유해 콘텐츠를 차단하기 위한 소프트웨어의 필요성이 증가하고 있다. 이에 본 논문에서는 안드로이드 기반 스마트 단말에서 실행 이벤트의 분석을 통하여 유해 콘텐츠를 탐지 할 수 있는 방법을 제안한다. 본 논문에서는 안드로이드기반 스마트 단말에서 스트리밍 서비스가 실행되는 구조 및 관련 실행 이벤트들의 연관성을 분석하였으며, 분석 결과를 토대로 스마트 단말에서 유해 콘텐츠의 실행 여부를 판단할 수 있는 소프트웨어를 개발하였다.

• Convergence Security Journal
• /
• v.19 no.4
• /
• pp.35-41
• /
• 2019

Considering North Korea's strategy, North Korea's top hitting target in the event of a war is likely to be the main goal of the air force runway to neutralize the air force. As a countermeasure, there are emergency runway construction and runway emergency recovery operations. However, emergency runway construction is mainly intended for emergency landing and fueling and rearmament. The emergency runway restoration operation has also several limitations considering North Korea's threatening missile level, recovery time, and so on, so it cannot respond quickly to the North's runway bombing. In this study, we first describe the threat of North Korea's missiles and their air defense capabilities. Then the concept and limitations of the mobile runway, which is the next generation countermeasure, are presented.

• Convergence Security Journal
• /
• v.15 no.6_2
• /
• pp.121-127
• /
• 2015

In this study, we try to present the evolutionary direction with respect to the issue of police martial arts education. First, the facilities for martial arts training and modernization of its proper area $8.5m^2/1$ person should be over. There is a need for facilities that can be trained in various martial arts event takes place. Second, if you look from the perspective of the education program of the police martial arts, martial arts and physical fitness is to be carried out in the separation subject, there is a need for expansion of classes. Third, technical, due to the high learning effect is education, it is necessary to develop a police martial arts materials. Fourth, it is necessary to expand a variety of martial arts professor, appointment of external experts should also try to take into account.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2018.10a
• /
• pp.208-211
• /
• 2018

과학기술, 정보통신과 같은 기술들이 발전함에 따라 혁신적인 기술들 또한 대거 등장하였다. 이러한 기술들을 기반으로 새로운 서비스들이 등장하여 사람들의 삶의 질 또한 꾸준히 향상되고 있다. 그러나 기술발전 이면에는 해킹, 바이러스, 취약점 공격과 같은 역기능들의 기술 또한 지속해서 발전하고 있다. 공격자들은 이러한 기술들을 이용하여 정보자산의 침해, 사이버 테러, 금전적인 피해와 같은 사회 문제를 꾸준히 일으키고 있으며, 기업적으로는 개인정보 유출 및 산업 기밀 유출과 같은 정보보안 사고 또한 꾸준히 발생하고 있다. 이와 같은 이유로 SIEM(Security Information & Event Management)은 24시간 365일 네트워크와 시스템에 대한 지속적인 모니터링을 통해 외부로부터의 침입이나 각종 바이러스 등에 대해 적절한 대책을 통해 고객의 자산을 보호한다. 따라서 본 논문에서는 과거에서부터 현재까지의 내부 네트워크 기술의 발전을 살펴본 후 정보보안 사고 및 이상징후 탐지를 위한 통합 보안시스템 로그 관리 솔루션인 SIEM의 시대적 변화와 솔루션 동향에 대해 살펴 보고자 한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.5
• /
• pp.889-899
• /
• 2021

This paper proposes a reliable data sharing scheme on the internet of vehicles (IoV) by utilizing blockchain technology for constructing a decentralized system approach. In our model, to maintain the credibility of the information messages sent by the vehicles to the system, we propose a reputation rating mechanism, in which neighboring vehicles validate every received information message. Furthermore, we incorporate an incentive mechanism based on smart contracts, so that vehicles will get certain rewards from the system when they share correct traffic information messages. We simulated the IoV network using a discrete event simulator to analyze network performance, whereas the incentive model is designed by leveraging the smart contract available in the Ethereum platform.

• Journal of the Korea Society of Computer and Information
• /
• v.24 no.2
• /
• pp.111-118
• /
• 2019

Recent trends in modern warfare are increasing in importance for air warfare, information warfare, and warfare. The technology of the weapon system software is rapidly developing, and the silent information war to hack it is still going on. Currently, the FA-50 aircraft has a function that can be initialized by a simple switch operation to protect the main military information in the event of an emergency. However, there are limitations in the existing Zeroize function, and this study was carried out to supplement this. First, we compare and analyze the memory structure of aircraft operating in our military, and examined the currently implemented Zeroize function. Second, we reviewed various methods to overcome the limitation of existing Zeroize function. Third, we implement the existing Zeroize function without additional manipulation. In this paper, we propose that the implementation of this feature will enable us to protect our military data more securely and suggest that we should continue to look for ways to enhance security for our technology in the future.

• International Journal of Computer Science & Network Security
• /
• v.21 no.4
• /
• pp.123-130
• /
• 2021

A novel approach for the detection of cheating during e-Exams is presented here using convolutional neural networks (CNN) based systems. This system will help the proctors to identify any kind of uncertain event at the time of online exams, for which most of the government's across the globe are recommending due to the Covid-19 pandemic. Most of the institutions and students across the globe are badly affected by their academic programs and it is a challenging task for universities to conduct examinations using the traditional methods. Therefore, the students are attending most of their classes using different types of third party applications that are available online. However, to conduct online exams the universities cannot rely on these service providers for a long time. Therefore, in this work, a complete setup of the software tools is provided for the students, which can be used by students at their respective laptops/personal computers with strict guidelines from the university. The proposed approach helps most of the universities in Saudi Arabia to maintain their database of different events/activities of students at the time of E-Exams. This method proved to be more accurate and CNN based detection proved to be more sensitive with an accuracy of 97% to detect any kind of uncertain activity of the students at the time of e-Exam.