• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.4
• /
• pp.879-888
• /
• 2018

Along with the recent worldwide development of fintech, FIDO (Fast IDentity Online) using biometric technology is rapidly growing in the mobile payment market, replacing the existing password system. This FIDO authentication must be processed in a reliable environment that requires high level of security, as sensitive biometrics is being processed. However, this environment is currently dependent on the manufacturer as it is supported by certain hardware on the smartphone. Therefore, this thesis proposes a server-based authentication model using distributed management of compliance based biometric information that can be used universally safely without the need for specific hardware in mobile environments.

• International Journal of Computer Science & Network Security
• /
• v.21 no.11
• /
• pp.89-96
• /
• 2021

This work is an extension of my work presented a robust and economically efficient method for the Discrimination of four Mung-Beans [1] varieties based on quantitative parameters. Due to the advancement of technology, users try to find the solutions to their daily life problems using smartphones but still for computing power and memory. Hence, there is a need to find the best classifier to classify the Mung-Beans using already suggested features in previous work with minimum memory requirements and computational power. To achieve this study's goal, we take the experiments on various supervised classifiers with simple architecture and calculations and give the robust performance on the most relevant 10 suggested features selected by Fisher Co-efficient, Probability of Error, Mutual Information, and wavelet features. After the analysis, we replace the Artificial Neural Network and Deep learning with a classifier that gives approximately the same classification results as the above classifier but is efficient in terms of resources and time complexity. This classifier is easily implemented in the smartphone environment.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.2
• /
• pp.369-383
• /
• 2018

User authentication using PIN input or lock pattern is widely used as a user authentication method of smartphones. However, it is vulnerable to shoulder surfing attacks and because of low complexity of PIN and lock pattern, it has low security. To complement these problems, keystroke dynamics have been used as an authentication method for complex authentication and researches on this have been in progress. However, many studies have used imposter data in classifier training and validation. When keystroke dynamics authentications are actually applied in reality, it is realistic to use only legitimate user data for training, and using other people's data as imposter training data may result in problems such as leakage of authentication data and invasion of privacy. In response, in this paper, we experiment and obtain the optimal ratio of the thresholds for distance based classification. By suggesting the optimal ratio, we try to contribute to the real applications of keystroke authentications.

• Smart Media Journal
• /
• v.6 no.3
• /
• pp.29-40
• /
• 2017

Lately weight for smartphone mounted to function for NFC is increasing, rapidly. Because of this, NFC related technology is made by many companies. We developed Gallery-Auction for security enhancements and new services of NFC-based 2 factor electronic payment system. Enhanced security features development of user authentication module through fingerprint recognition to apply FIDO authentication technology and developed electronic contract voice service of Gallery-Auction using TTS(Text to Speech). Therefore we enhanced convenient and simple authentication method and security through NFC mobile electronic payment.

• International Journal of Advanced Culture Technology
• /
• v.7 no.2
• /
• pp.60-66
• /
• 2019

The purpose of this study was to compare the effect of educational smartphone app with the effect of learning using conventional paper material. We developed an educational app for nursing students to learn how to read blood pressure and how to take a pulse. Evaluated was the effect of the app-based education by measuring the short term memory (right after the education), the long term memory (a week later) and the satisfaction. 25 college nursing students participated for the experiment group using the app-based education and 25 for the control group using paper-based education. We applied for statistical analysis Fisher's exact test and Independent t-test. The satisfaction of the app user's appeared significantly higher than that of the paper material user's (t=2.322, p=0.024). The short term memory score was 0.23 points higher in the experimental group (6.46 points) than in the control group (6.23 points), which was not statistically significant (t =0.422, p =0.675). Similar result came for the long term memory (t=1.006, p=0.320). After adjusting for the effect of a college grade using ANCOVA, the effect on memory was significantly higher in the experiment group. There might be differences in learning ability between the experimental and the control groups.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.21 no.2
• /
• pp.301-308
• /
• 2017

With the popularization of smart phones and the development of the Internet, many people use smart phones to conduct identity verification procedures. smart phones are easier and faster to authenticate than personal desktop computers. However, as Internet hacking technology and malicious code distribution technology rapidly evolve and attack types become more diverse, authentication methods suitable for mobile environment are required. As authentication methods, there are methods such as possessive-based authentication, knowledge-based authentication, biometric-based authentication, pattern-based authentication, and multi-element authentication. In this paper, we propose a user authentication mechanism that uses collected information as authentication factor using smart phone. Using the proposed authentication mechanism, it is possible to use the smart phone information and environment information of the user as a hidden authentication factor, so that the authentication process can be performed without being exposed to others. We implemented the user authentication system using the proposed authentication mechanism and evaluated the effectiveness based on applicability, convenience, and security.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2014.10a
• /
• pp.363-365
• /
• 2014

Internet baking, e-commerce, business processing, etc on smartphone handing could be possible in present days. Ambiguity between cyber and real life has made vulnerability on infrastructure, Gov't Service and National security by cyber terrorism. Especially, Lots of Infrastructure and Gov't Service based on Information Technology were exposed by Cyber terror. Legal system should be improved to keep from these threats. This paper proposed needs of cyber legal system by analyzing proposed cyber related code on Korean National Assembly, issue on Cyber Control Tower, National Cyber Security Industry and Human resource.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.6
• /
• pp.893-906
• /
• 2023

Awareness that smartphones can be used as tools for criminal activity is prevalent in many organizations, but the functionally smartphone-like smartwatch's potential as a criminal tool is being overlooked. Considering this situation, this research verifies the possibility of information leakage through an insider's smartwatch in a situation where smartphones are controlled by security regulations and technologies, but smart watch are not. By analyzing information related application usage and Wi-Fi connection generated in the smartwatch during the verification process, forensic information and limitations are identified. Finally, this research proposes preventive methods to prepare for potential smartwatch-related crimes, and reconsiders awareness of the possibility of using smartwatches as criminal tools.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.17 no.8
• /
• pp.2124-2139
• /
• 2023

In this article, the authors focus on the use of smart CCTV, a combnation of biometric recognition technology and AI algorithms. In fact, the advancements in relevant technologies brought a significant increase in the use of biometric information - fingerprint, retina, iris or facial recognition - across diverse sectors. Both the public and private sectors, with the developments of biometric technology, widely adopt and use an individual's biometric information for different reasons. For instance, smartphone users highly count on biometric technolgies for the purpose of security. Public and private orgazanitions control an access to confidential information-controlling facilities with biometric technology. Biometric infomration is known to be unique and immutable in the course of one's life. Given the uniquness and immutability, it turned out to be as reliable means for the purpose of authentication and verification. However, the use of biometric information comes with cost, posing a privacy issue. Once it is leaked, there is little chance to recover damages resulting from unauthorized uses. The governments across the country fully understand the threat to privacy rights with the use of biometric information and AI. The EU and the United States amended their data protection laws to regulate it. South Korea aligned with them. Yet, the authors point out that Korean data aprotection law still requires more improvements to minimize a concern over privacy rights arising from the wide use of biometric information. In particular, the authors stress that it is necessary to amend Section (2) of Article 23 of PIPA to reflect the concern by changing the basis for permitting the processing of sensitive information from 'the Statutes' to 'the Acts'.

• International Journal of Computer Science & Network Security
• /
• v.21 no.7
• /
• pp.205-210
• /
• 2021

In this paper, the possibility of using a contactless smart card as a cache for geocaching is analyzed. Geocaching is an outdoor game in which players search for hidden boxes, or caches based on geographical coordinates. The problems with this game are the possibility of players cheating and the need to maintain the caches. And then there is the problem of the ignorant public accidentally discovering a cache and considering it an explosive device. This paper proposes a concept for a possible solution to the above problems by replacing the boxes with conventional contactless smart cards. Also, this concept makes geocaching more attractive by using various games. This paper proposes a system architecture as well as the cryptographic protocol required for secure communication between the player's smartphone and the card.