• Journal of the Korea Convergence Society
• /
• v.8 no.12
• /
• pp.15-22
• /
• 2017

This paper analyzes vulnerability of each service protocol used in ICT convergence industry, smart factory, smart grid, smart home, smart traffic, smart health care, and suggests technologies that can overcome security vulnerabilities. In addition, we design a service-oriented protocol security framework that allows us to quickly and easily develop security functions in an open environment by defining a security element common to protocols and designing a security module for each protocol layer including the corresponding elements. Service protocol independent security module and specialized security module, it will be possible to develop flexible and fast security system in ICT convergence industry where various protocols are used. The overall security level of the ICT service network can be improved by installing the necessary security modules in the operating system, and the productivity can be improved in the industrial security field by reusing each security module.

• Convergence Security Journal
• /
• v.6 no.1
• /
• pp.45-53
• /
• 2006

It has been proposed that several RFID authentication protocols based on hash chain. Status based authentication protocol and challenge-response based authentication protocol are secured against location tracking attacks, spoofing attacks, replay attacks, traffic analysis attacks but are vulnerable to Dos attacks. RFID authentication protocol with strong resistance against traceability and denial of service attack is secured against location tracking attack, spoofing attacks, replay attacks, DoS attacks but are vulnerable to traffic analysis attacks. The present study suggests a more secure and lightweight RFID authentication protocol which is combining the advantages of hash-chain authentication protocol and RFID authentication protocol with strong resistance against traceability and denial of service attack. The results of the secure analysts for a proposed protocol are illustrated that it is secured against location tracking attacks, spoofing attacks, replay attacks, traffic analysis attacks, Dos attacks and is a lightweight operation between server and tag.

• Journal of the Korea Convergence Society
• /
• v.5 no.4
• /
• pp.93-99
• /
• 2014

Cloud computing refers to borrow IT resources as needed by leveraging Internet technology and pay as much as you used by supporting real-time scalability depending on the service load. Virtualization which is the main technology of cloud computing is a technology that server, storage and hardware are regarded as not separate system but one system area and are allocated as needed. However, the security mechanisms provided by virtualized environments are difficult to cope with the traditional security mechanisms, having basic levels of visibility, control and audit function, on which the server is designed to monitor the traffic between the servers. In this paper, the security vulnerabilities of virtualization are analysed in the cloud computing environment and cloud virtualization security recommendations are proposed.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2015.10a
• /
• pp.708-709
• /
• 2015

최근 선박의 연안 선박의 안전사고가 증가함에 따라 기존 항만 중심으로 운영되고 있던 해상교통관제센터의 관제 범위가 연안까지 확대되고 있다. 이에 따라 해상교통관제센타(Vessel Traffic Service Center, VTS) 간에 데이터 교환의 필요성도 증가하고 있다. 국제항로표지협회 IALA(International Association of Lighthouse Authorities, IALA)는 이러한 필요성을 인지하고 해상교통관제센터간 데이터 교환 프로토콜인 IVEF(Inter-VTS Exchange Format)를 제정하였다. 그러나 IVEF 프로토콜 특성상 외부 해상교통관제센터간 데이터가 전송됨으로 데이터 변조등의 위험성이 있다. 하지만 IVEF 프로토콜은 보안 관련 요소들이 미미한 실정이다. 본 논문에서는 IVEF 데이터의 무결성을 보장하는 방법을 제안한다.

• Convergence Security Journal
• /
• v.15 no.2
• /
• pp.63-68
• /
• 2015

Current ICT(Information & Communication Technology) infrastructures (Internet and server/client communication) are struggling for a wide variety of devices, services, and business and technology evolution. Cloud computing originated simply to request and execute the desired operation from the network of clouds. It means that an IT resource that provides a service using the Internet technology. It is getting the most attention in today's IT trends. In the distributed cloud environments, management costs for the network and computing resources are solved fundamentally through the integrated management system. It can increase the cost savings to solve the traffic explosion problem of core network via a distributed Micro DC. However, traditional flooding methods may cause a lot of traffic due to transfer to all the neighbor DCs. Restricted Path Flooding algorithms have been proposed for this purpose. In large networks, there is still the disadvantage that may occur traffic. In this paper, we developed Lightweight Path Flooding algorithm to improve existing flooding algorithm using hop count restriction.

• Journal of Korea Multimedia Society
• /
• v.21 no.5
• /
• pp.599-608
• /
• 2018

As natural disasters are increasing due to the unusual weather and the modern society is getting complicated, the rapid change of the urban environment has increased human disasters. Thus, citizens are becoming more anxious about social safety. The importance of preparation for safety has been suggested by providing the disaster safety services such as regional safety index, life safety map, and disaster safety portal application. In this paper, we propose an application framework to predict the urban safety index based on user's location with realtime weather/atmosphere data after creating a predication model based on the machine learning using number of occurrence cases and weather/atmosphere history data. Also, we implement an application to provide traffic safety index with executing preprocessing occurrence cases of traffic and weather/atmosphere data. The existing regional safety index, which is displayed on the Si-gun-gu area, has been mainly utilized to establish safety plans for districts vulnerable to national policies on safety. The proposed system has an advantage to service useful information to citizens by providing urban safety index based on location of interests and current position with realtime related data.

• Spatial Information Research
• /
• v.15 no.1
• /
• pp.15-23
• /
• 2007

Recently, Korea became the first country which started Terrestrial-DMB service. The DMB service is still at a very early stage throughout the world. At this stage, it is an important issue to develop DMB contents which distinguish DMB from traditional broadcasting by utilizing DMB's mobility. In this paper, we will propose outline of map service through DMB along with related services such as traffic and location information. This outline includes the map service protocol and map data structure for DMB. There is little research at the moment related to it, and this preliminary research enables map service through DMB. A map service would bring DMB a distinct advantage over traditional broadcasting. Moreover, further services based on broadcasting network and mobility would contribute to rapid growth of DMB.

• Convergence Security Journal
• /
• v.8 no.2
• /
• pp.41-50
• /
• 2008

Recently amount of traffic into the network rapidly increase since multimedia streaming services is generally adopted for application. In addition, various network management systems have been suggested for providing a stable service and QoS guarantee. It is necessary for such systems to have QoS monitoring module in order to evaluate acceptance or violation of QoS requirements by analogizing a state information of each node within network. In this paper, we suggest a network management system to evaluate QoS level between end-to-end agents and analysis traffics transmitted between them. The proposed system is implemented for the purpose of collecting network traffic information and monitoring of the view. The proposed system makes user easily understand information of QoS parameters such as throughput, delay and jitter by adopting a method of visual and numerical representation. To achieve this, we purportedly generate test packet into network for confirming acceptance or violation of QoS requirements from point of view of multimedia application service.

• The Transactions of The Korean Institute of Electrical Engineers
• /
• v.66 no.3
• /
• pp.575-580
• /
• 2017

In these days, the big-size and high resolution multimedia file is widely used through networks. To transfer and service effectively, the internet network technology is necessary to substitute broadcasting. Normally Content Delivery Network(CDN) is widely used in conventional internet for multimedia services. But it has a small bandwidth to service. So to solve this problems, many researchers have suggest the protocol for download, content distribution/saving, server synchronization, caching, pushing rate, and streaming etc. But all of these has some defects like low resolution, packets loss and delay, real application implementations etc. So, this paper suggests a new method of network protocol based on P2P collaboration and user's content using information. And it evaluated the performance of suggested method. As the results, it showed the effectiveness of 4 performances indices : download speed, decreasing rate of connected user in same time, adaptive hit ratio, traffic decreasing rate.

• Convergence Security Journal
• /
• v.23 no.5
• /
• pp.73-79
• /
• 2023

Cyber threats are evolving and becoming more sophisticated with the development of new technologies, and consequently the number of service failures caused by DDoS attacks are continually increasing. Recently, DDoS attacks have numerous types of service failures by applying a large amount of traffic to the domain address of a specific service or server. In this paper, after generating the data of the Syn Flooding attack, which is the representative attack type of bandwidth exhaustion attack, the data were compared and analyzed using Random Forest, Decision Tree, Multi-Layer Perceptron, and KNN algorithms for the effective detection of attacks, and the optimal algorithm was derived. Based on this result, it will be useful to use as a technique for the detection policy of Syn Flooding attacks.