• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.26 no.5
• /
• pp.793-801
• /
• 2022

Most Bluetooth devices are commonly used in various ways these days, but they can be often lost due to small-size devices. However, most Bluetooth protocol do not provide authentication functions to legitimate owners, and thus someone who obtains the lost Bluetooth device can easily connect to their smart devices to use it. In this paper, we propose NBAS can authenticates legitimate owners using NFT on lossy Bluetooth devices.NBAS generates a digital wallet on the blockchain using the decentralized network Ethereum blockchain and facilitating the MAC address of the Bluetooth device in the digital wallet. The owner of the wallet uses a private key to certify the Bluetooth device using NFT. The initial pairing time of NBAS was 10.25 sec, but the reconnection time was 0.007 sec similar to the conventional method, and the pairing rejection time for unapproved users was 1.58 sec on average. Therefore, the proposed NBAS effectively shows the device authentication over the conventional Bluetooth.

• Journal of Korea Society of Industrial Information Systems
• /
• v.29 no.4
• /
• pp.35-42
• /
• 2024

In this study, we propose a method for real-time recognition and analysis of dog behavior using a motion sensor and deep learning techonology. The existing home CCTV (Closed-Circuit Television) that recognizes dog behavior has privacy and security issues, so there is a need for new technologies to overcome them. In this paper, we propose a system that can analyze and care for a dog's behavior based on the data measured by the motion sensor. The study compares the MLP (Multi-Layer Perceptron) and CNN (Convolutional Neural Network) models to find the optimal model for dog behavior analysis, and the final model, which has an accuracy of about 82.19%, is selected. The model is lightened to confirm its potential for use in embedded environments.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.7 no.2
• /
• pp.287-293
• /
• 2012

It has been only few years that various contents information subject for information processing system has been remarkably increased in online. If we say the year 2000 is the technology based year when deluge of information and data such as real time sharing, the time since after 2000 until 2011 has been a period plentiful of application based functions and solutions. Also, as the applicable range of these information process systems extends, individual information effluence has been social issues twice in 2009 and 2010. Thus now there are continuous efforts made to develop technologies to secure and protect information. However, the range problem has been extended from the illegal access from outside to the legal access from internal user and damages by agents hidden in internal information process system and client system. Therefore, this study discusses the necessity for the studies on efficiency based information security by control of access to internal information and authority setting for administrator and internal users. Based on the result of this study, it provides data that can be used from SOHO class network to large scale for information security method.

• The Journal of the Korea Contents Association
• /
• v.4 no.1
• /
• pp.55-66
• /
• 2004

Recently, as the personal computers are supplied rapidly, they formed the nucleus of the computer system. But, because of the easiness that anyone uses them to go near easily, it is the fact that the security of personal computer is weakness. So, in the paper, 1 propose the technical method that minimizes the loss and leakage of important data. This paper implemented a crypto system for security of data file on personal computer and assistance storage medium. The way of encryption/decryption is applied by complexity method which mixed Diffie-Hellman key exchange protocol, a typical RC4(Rivest Cipher version 4) algorithm of stream cipher and a typical MD5(Message Digest version 5) of Hash Function. For valuation implemented crypto system, three criteria is presented, which are crypto complexity, processing time and pattern matching. And according to analysis the three criteria the crypto system is verified the security, efficiency and usefulness. The crypto system is programmed with Visual C++ language of Microsoft. And so, as this is software system, we shall have a technical security system at a minimum cost for all personal computer.

• Journal of the Institute of Electronics and Information Engineers
• /
• v.53 no.2
• /
• pp.76-86
• /
• 2016

SQL Injection attacks are the most widely used and also they are considered one of the oldest traditional hacking techniques. SQL Injection attacks are getting quite complicated and they perform a high portion among web hacking. The big data environments in the future will be widely used resulting in many devices and sensors will be connected to the internet and the amount of data that flows among devices will be highly increased. The scale of damage caused by SQL Injection attacks would be even greater in the future. Besides, creating security solutions against SQL Injection attacks are high costs and time-consuming. In order to prevent SQL Injection attacks, we have to operate quickly and accurately according to this data analysis techniques. We utilized data analytics and machine learning techniques to defend against SQL Injection attacks and analyzed the execution plan of the SQL command input if there are abnormal patterns through checking the web log files. Herein, we propose a way to distinguish between normal and abnormal SQL commands. We have analyzed the value entered by the user in real time using the automated SQL Injection attacks tools. We have proved that it is possible to ensure an effective defense through analyzing the execution plan of the SQL command.

• Convergence Security Journal
• /
• v.22 no.5
• /
• pp.21-35
• /
• 2022

The use of digital information according to the development of information and communication technology and the 4th industrial revolution is continuously increasing and diversifying, and in proportion to this, crimes using digital information are also increasing. However, there are few cases of establishing an environment for processing and analysis of digital evidence in Korea. The budget allocated for each organization is different and the digital forensics laboratory built without solving the chronic problem of securing space has a problem in that there is no standard that can be referenced from the initial configuration stage. Based on this awareness of the problem, this thesis conducted an exploratory study focusing on tools and equipment necessary for building a digital forensics laboratory. As a research method, focus group interviews were conducted with 15 experts with extensive practical experience in the digital forensic laboratory or digital forensics field and experts' opinions were collected on the following 9 areas: network configuration, analyst computer, personal tools·equipment, imaging devices, dedicated software, open source software, common tools/equipment, accessories, and other considerations. As a result, a list of tools and equipment for digital forensic laboratories was derived.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.19 no.1
• /
• pp.317-326
• /
• 2024

Biometric recognition is a technology that determines whether a person is identified by extracting information on a person's biometric and behavioral characteristics with a specific device. Cyber threats such as forgery, duplication, and hacking of biometric characteristics are increasing in the field of biometrics. In response, the security system is strengthened and complex, and it is becoming difficult for individuals to use. To this end, multiple biometric models are being studied. Existing studies have suggested feature fusion methods, but comparisons between feature fusion methods are insufficient. Therefore, in this paper, we compared and evaluated the fusion method of multiple biometric models using fingerprint, face, and iris images. VGG-16, ResNet-50, EfficientNet-B1, EfficientNet-B4, EfficientNet-B7, and Inception-v3 were used for feature extraction, and the fusion methods of 'Sensor-Level', 'Feature-Level', 'Score-Level', and 'Rank-Level' were compared and evaluated for feature fusion. As a result of the comparative evaluation, the EfficientNet-B7 model showed 98.51% accuracy and high stability in the 'Feature-Level' fusion method. However, because the EfficietnNet-B7 model is large in size, model lightweight studies are needed for biocharacteristic fusion.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.8 no.12
• /
• pp.1959-1970
• /
• 2013

Attempts were made in this paper to compare the practice of protective actions for information of patients' medical treatment between hospital administrators who do not make direct contact with patients and occupational therapists who usually do. The comparison between jobs in charge showed that occupational therapists did not practice much protective actions for information of patients' medical treatment ($3.52{\pm}.809$) compared to hospital administrators ($3.92{\pm}.724$), even though the former had received regular education about protection, management and supervision of patients' medical information more often ($3.17{\pm}1.129$) than the latter ($3.16{\pm}1.037$). In spite of the fact that occupational therapists were exposed frequently to the danger of revealing medical information in the process of their job performance through talks and communications with patients, they displayed relatively little concern for and awareness of keeping information of medical treatment from being leaked by them. It is thus suggested to promote awareness of medical staff to protect medical information by means of flexible educational system for each occupational group, periodical monitoring, continuing public relation, training and quality control for protection of medical information, as well as routine self-examination of such practice.

• Knowledge Management Research
• /
• v.25 no.3
• /
• pp.73-98
• /
• 2024

Chatbots are becoming increasingly popular as interactive communication tools that provide not only convenience but also a friendly and humanized experience. Due to the interactive nature of chatbots, they can exchange information with users to perform various tasks, and users sometimes intentionally provide inaccurate information. Considering social presence of conversational agents, perceived risk of providing personal information, and trust in algorithms as key influencing factors, this study explores the effects of those factors on the intention to provide inaccurate information in the context of online dating services and examine whether these effects vary across types of conversational agents. We conducted an analysis of structural equation model using data collected from Amazon Mechanical Turk (MTurk). The analysis results showed significant relationships between factors related to the intention to provide inaccurate information and empirically confirmed that those relationships vary by types of conversational agents. Out findings have academic implications for the behavior of providing inaccurate information in online environments and practical implications for designing chatbots to reduce such intentions. We also discuss the ethical implications of the consequences of inaccurate information online.

• Journal of KIISE:Software and Applications
• /
• v.34 no.10
• /
• pp.918-928
• /
• 2007

The goal of this paper is to propose a new way to register CDA documents in CDR (Clinical Document Repository) that is proposed by the author earlier. One of the methods is to use a manifest archiving for seamless references and visualization of CDA related files. Another method is to enhance the CDA security level for supporting pseudonymization of CDA. The former is a useful method to support the bundled registration of CDA related files as a set. And it also can provide a seamless presentation view to end-users, once downloaded, without each HTTP connection. The latter is a new method of CDA registration which can supports a do-identification of a patient. Usually, CDA header can be used for containing patient identification information, and CDA body can be used for diagnosis or treatment data. So, if we detach each other, we can get good advantages for privacy protection. Because even if someone succeeded to get separated CDA body, he/she never knows whose clinical data that is. The other way, even if someone succeeded to get separated CDA header; he/she doesn't know what kind of treatment has been done. This is the way to achieve protecting privacy by disconnecting association of relative information and reducing possibility of leaking private information. In order to achieve this goal, the method we propose is to separate CDA into two parts and to store them in different repositories.