• Journal of Internet Computing and Services
• /
• v.18 no.2
• /
• pp.1-11
• /
• 2017

There are two kinds of wireless network access to a certain place by using smart devices - 1) open (anonymous) - access and 2) user-authorized access. The open-access is a non-authorization connection method which does not need to require Smart device's user authorized information. It means open-access use only user's SSID (Service Set Identifier) information to access the wireless AP devices following public wireless network standard. This access mechanism is not suitable to use all of public wireless networks because users have to get all wireless network information around them. As a result, huge data for smart devices should be one of the most critical overload problems for them. Secondly, the user-authorized access method uses wireless network information (SSID and password) chosen by the users. So, the users have to remember and use the network access information data manually whenever accessing the network. Like open-access, this access method also has the operational and inconvenient problem for the users - manually inputting access information whenever connecting to the network. To overcome this problem in both schemes, we propose two improved wireless network access methods: 1) the implementation of automatic AP connection mechanism using user-authorization and iBeacon messages, and 2) SSID registration form for public wireless networks.

• The KIPS Transactions:PartC
• /
• v.15C no.2
• /
• pp.111-118
• /
• 2008

A wireless router is a device which allows several wireless clients to share an internet line using NAT (Network Address Translation). In a school or a small office environment where many clients use multiple wireless routers, a client may select any one of wireless routers so that most clients can be clustered to a small set of the wireless routers. In such a case, there exists load unbalancing problem between clients and wireless routers. One of its result is that clients using the busiest router get poor service. The other is that the resource utilization of the whole wireless routers becomes very low. In order to resolve the problems, we propose a load sharing scheme to maximize network bandwidth utilization based on SSID(Service Set IDentifier) hiding. The proposed scheme keeps checking the available bandwidth of all the possible wireless routers in a time interval and select the most available one. If a new client appears, the most available router is visible to him or her whereas the others are not visible. This is handled by SSID hiding in the proposed scheme. We implemented the proposed scheme with ASUS WL 500G wireless router and performed experiments. Experimental results show the bandwidth utilization improvement compared to the existing method.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2009.11a
• /
• pp.427-428
• /
• 2009

무선 네트워크 환경에서 합법적인 AP(Access Point)의 MAC 주소, SSID(Service Set Identifier), 채널등의 정보를 이용하여 복제된 AP(Cloned Access Point)를 만들 수 있다. 복제된 AP는 합법적인 AP와 연결되어 있는 무선 스테이션들의 연결 설정을 끊고 자신과 연결 설정을 하게 한다. 무선 스테이션들이 복제된 AP와 통신을 하게 되면서 많은 공격으로부터 노출되게 된다. 본 연구에서는 복제된 AP가 설치되었을 때 무선 스테이션들이 합법적이 AP의 비콘 프레임과 복제된 AP 비콘 프레임의 시퀀스 번호를 이용하여 복제된 AP을 판별하였다. 시뮬레이터 NS-2를 이용하여 실험한 결과 본 논문에서 제안하는 메커니즘을 통해 무선 스테이션들이 복제된 AP의 등장을 판별할 수 있게 되어 보다 안전한 무선랜 환경을 구축할 수 있게 되었다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2009.04a
• /
• pp.1086-1089
• /
• 2009

UPnP(Universal Plug and Play) 홈네트워크에서 무선랜은 위치에 상관없이 쉽게 설치하여 사용할 수 있어 사용자에게 편의성을 제공 하지만, AP(Access Point)는 해킹을 통한 MAC 주소 및 SSID(Service Set Identifier), WEP(Wired Equivalent Privacy)의 암호를 쉽게 알 수 있어 보안에 취약하다. 또한 UPnP 는 TCP/IP 를 사용하는 인터넷 표준과 기술을 기반으로 하고 있고 HTTP, UDP, SSDP, GENA 등의 표준 프로토콜을 사용하기에 보안 대책에 취약점을 가지고 있다. 본 논문에서는 댁외에서 UPnP 홈네트워크에 사용되는 AP 를 해킹하고, 해킹한 AP 정보를 이용하여 UPnP 홈네트워크의 디바이스 정보를 취득하고, 댁내 컨트롤 포인트(Control Point)를 해킹하여 MAC 주소 및 IP 주소를 댁외 컨트롤 포인터로 변조하여 UPnP 홈네트워크 디바이스를 제어하는 실험으로 UPnP 홈네트워크 보안의 취약점에 대해 분석한다.

• Journal of Broadcast Engineering
• /
• v.13 no.4
• /
• pp.528-543
• /
• 2008

Internet Protocol Television (IPTV) provides an interactive and personalized service for realizing integrated broadcasting and telecommunication services. Set-top box (SIB) connected to TV is an essential component required for IPTV and has a unique hardware identifier used in identification and authentication. It means that subscriber authentication based on box-level identification is inconsistent with IPTV's main intention of providing personalized services. The proposed solution is to provide an opportunity to use the flexible user-centric authentication mechanism through Java Card applets in IPTV application server and 3G networks. This paper suggests personalized services by moving the user's private data and authentication management beyond the STB to a truly personalized device, the ubiquitous mobile phone. In addition, this paper presents effectiveness and security analysis for verifying the proposal.

• Journal of Information Processing Systems
• /
• v.16 no.3
• /
• pp.541-556
• /
• 2020

Wireless networks have become integral to society as they provide mobility and scalability advantages. However, their disadvantage is that they cannot control the media, which makes them vulnerable to various types of attacks. One example of such attacks is the evil twin access point (AP) attack, in which an authorized AP is impersonated by mimicking its service set identifier (SSID) and media access control (MAC) address. Evil twin APs are a major source of deception in wireless networks, facilitating message forgery and eavesdropping. Hence, it is necessary to detect them rapidly. To this end, numerous methods using clock skew have been proposed for evil twin AP detection. However, clock skew is difficult to calculate precisely because wireless networks are vulnerable to noise. This paper proposes an evil twin AP detection method that uses a multiple-feature-based machine learning classification algorithm. The features used in the proposed method are clock skew, channel, received signal strength, and duration. The results of experiments conducted indicate that the proposed method has an evil twin AP detection accuracy of 100% using the random forest algorithm.

• The Journal of the Korea Contents Association
• /
• v.9 no.10
• /
• pp.32-39
• /
• 2009

Semantically-operated services, which is different from Web services or semantic Web services with semantic markup, can be defined as the services providing search function or reasoning function using ontologies. It performs a pre-defined task by exploiting URI, ontology classes, and ontology properties. This study introduces a method for pipelining semantically-operated services based on a semantic broker which refers to ontologies and service description stored in a service manager and invokes by user constraints. The constraints consist of input instances, an output class, a visualization type, service names, and properties. This method provides automatically-generated service pipelines including composit services and a simple workflow to the user. The pipelines provided by the semantic broker can be executed in a fully-automatic manner to find a set of meaningful semantic pipelines. After all, this study would epochally contribute to develop a portal service by ways of supporting human service planners who want to find specific composit services pipelined from distributed semantically-operated services.

• Journal of Korean Society of Occupational and Environmental Hygiene
• /
• v.19 no.4
• /
• pp.347-362
• /
• 2009

The United Nation agreed to adopt the Globally Harmonized System of Classification and Labelling of Chemicals (GHS) until 2008 to solve the significant differences enough to result in different labels or MSDS for the same chemical in different jurisdictions. Though the GHS is an ideal solution in the respect of pursuing only one format of a MSDS throughout the world, it may cause confusion at the beginning due to lack of information. So the Korean Ministry of Labor (MOL) revised the Industrial Safety and Health Act (ISHA) and related public notice on the classification & labelling of chemicals according to the GHS in 2006. The transition period for the implementation of the GHS for substances was set until Jun 30, 2010, and for mixtures until Jun 30, 2013. To promote the implementation of the GHS in Korea, we developed an application program for constructing MSDS database and a management program for providing MSDS contents on the web in accordance with the GHS. We analyzed the sixteen sections of MSDS by the GHS guideline, and the result showed the necessity to construct logically connected DB for chemical identifier, hazard classification, label, standard phrases and regulatory information. Each section of a MSDS was divided into sub-databases to update the database efficiently. According to Relational Database Management System (RDBMS), the sub-databases were automatically assembled and subsequently a full MSDS is produced. At present, MSDS database for 6,314 substances has been built and provided through internet as the MSDS Editing program. During the service period from January 1 to March 31, 13,666 users have searched MSDSs for 33,401 substances. During program review, some comments about the classification results and other MSDS element sources were reported but no technical bug reported. We expect that the MSDS DB management system in accordance with GHS will accelerate the implementation of the GHS in Korea.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.40 no.3
• /
• pp.497-505
• /
• 2015

Existing Wi-Fi networks require users to follow network settings of the AP (Access Point), resulting in inconveniences for users, and the password of the AP is shared by all users connected to the AP, causing security information leaks as time goes by. We propose, in this work, a personalized secure Wi-Fi network, in which each user is assigned her own virtual Wi-Fi network. One virtual Wi-Fi per user makes the user-centric network configuration possible. A user sets a pair of her own SSID and password on her device a priori, and the AP publishes its public key in a suitable way. The AP also maintains an open Wi-Fi channel, to which users can connect anytime. On user's request, the user device sends a connection request message containing a pair of SSID and password encrypted with the AP's public key. Receiving the connection request message, the AP instantiates a new virtual AP secured with the pair of SSID and password, which is dedicated to that single user device. This virtual network is securer because the password is not shared among users. It is more convenient because the network adapts itself to the user device. Experiments show that these advantages are obtained with negligible degradation in the throughput performance.

• Journal of the Korea Institute of Building Construction
• /
• v.21 no.6
• /
• pp.677-687
• /
• 2021

If a fire breaks out in a building, occupants can evacuate more rapidly if they are able to identify the location of the fire, the exits, and themselves. This study derives the requirements of system development, such as distance non-limitation, a non-additional device, a non-centralized server system, and low power for an emergency, to identify information about the fire and the location of evacuees. The objective is to receive and transmit information and reduce the time and effort of the database for location tracking. Accordingly, this study develops a server-independent system that collects information related to a building fire and an evacuee's location and provides information to the evacuee on their mobile device. The system is composed of a transmitting unit to disseminate fire location information and a mobile device application to determine the locations of the fire and the evacuee. The developed system can contribute to reducing the damage to humans because evacuees can identify the location of the fire, exits, and themselves regardless of the impaired server system by fire, the interruption of power source, and the evacuee's location. Furthermore, this study proposes a theoretical basis for reducing the effort required for database construction of the k-nearest neighbor fingerprint.