• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.1
• /
• pp.187-196
• /
• 2016

Android applications are inherently vulnerable to a repackaging attack such that malicious codes are easily inserted into an application and then resigned by the attacker. These days, it occurs often that such private or individual information is leaked. In principle, all Android applications are composed of user defined methods and APIs. As well as accessing to resources on platform, APIs play a role as a practical functional feature, and user defined methods play a role as a feature by using APIs. In this paper we propose a scheme to analyze sensitive APIs mostly used in malicious applications in terms of how malicious applications operate and which API they use. Based on the characteristics of target APIs, we accumulate the knowledge on such APIs using a machine learning scheme based on Naive Bayes algorithm. Resulting from the learned results, we are able to provide fine-grained numeric score on the degree of vulnerabilities of mobile applications. In doing so, we expect the proposed scheme will help mobile application developers identify the security level of applications in advance.

• Proceedings of the Korean Information Science Society Conference
• /
• 2006.10d
• /
• pp.370-374
• /
• 2006

Ad-hoc 환경의 응용은 재난구조나 회의실 또는 강의실에서의 정보 교환과 같은 그룹 통에서 이용된다. Ad-hoc 환경은 무선 채널을 이용하므로 상대적인 낮은 대역폭과 높은 오류 발생률을 가지게 된다. 따라서 Ad-hoc 네트워크에서는 신뢰적인 전송이 요구된다. 이동 노드는 상대적으로 낮은 성능과 에너지의 제한으로 인해 유선 환경과 같은 신뢰적인 전송 기법을 Ad-hoc 환경에 적용하기에는 문제가 발생한다. Ad-hoc 환경의 무선 채널이 가지는 보안적인 취약성과 높은 에러율을 극복하는 신뢰적인 그룹 키 전송을 위한 재전송 기법을 제안한다. 신뢰적인 트리 형성하기 위해 n차 트리 구조를 이용한다. 손실 감지를 위한 ACK 메시지를 이용하고 손실 복구를 위한 재전송 기법에 대해 연구를 한다. 제안한 신뢰적인 그룹 키 전송을 위한 재전송 기법은 트리의 깊이의 차수가 루트 관리 노드, 서브 관리 노드와 로컬 멤버 노드로 구성되기 때문에 손실 감지와 손실 복구에 대한 연산의 오버헤드가 적다. 루트 관리 노드는 멤버 노드로부터 받은 개인키 정보를 이용하여 그룹 키를 생성하고 그룹 키 부분 정보를 서브 관리 노드에게 전송하고 서브 관리 노드에 대한 신뢰성을 책임진다. 서브 관리 노드는 루트 관리 노드로부터 받은 그룹 키 부분 정보를 로컬 멤버 노드에게 전송하고 로컬 멤버 노드에 대한 신뢰성을 책임진다. 루트 관리 노드와 서브 관리 노드를 관리 노드라 한다. 관리 노드가 신뢰적인 전송을 위해 관리하는 멤버 노드는 전체 그룹에 독립적으로 유지 가능하므로 확장성 및 효율성이 좋다. 관리 노드는 동적인 그룹에 따른 타이머를 설정함으로써 손실 감지에 대한 시간을 줄임으로써 효율적인 손실 감지 및 손실 복구를 한다. 임계값 설정으로 인한 중복 수신에 대한 오버헤드를 줄일 수 있다.신뢰성을 향상 시킬 수 있는 Load Balancing System을 제안한다.할 때 가장 효과적인 라우팅 프로토콜이라고 할 수 있다.iRNA 상의 의존관계를 분석할 수 있었다.수안보 등 지역에서 나타난다 이러한 이상대 주변에는 대개 온천이 발달되어 있었거나 새로 개발되어 있는 곳이다. 온천에 이용하고 있는 시추공의 자료는 배제하였으나 온천이응으로 직접적으로 영향을 받지 않은 시추공의 자료는 사용하였다 이러한 온천 주변 지역이라 하더라도 실제는 온천의 pumping 으로 인한 대류현상으로 주변 일대의 온도를 올려놓았기 때문에 비교적 높은 지열류량 값을 보인다. 한편 한반도 남동부 일대는 이번 추가된 자료에 의해 새로운 지열류량 분포 변화가 나타났다 강원 북부 오색온천지역 부근에서 높은 지열류량 분포를 보이며 또한 우리나라 대단층 중의 하나인 양산단층과 같은 방향으로 발달한 밀양단층, 모량단층, 동래단층 등 주변부로 NNE-SSW 방향의 지열류량 이상대가 발달한다. 이것으로 볼 때 지열류량은 지질구조와 무관하지 않음을 파악할 수 있다. 특히 이러한 단층대 주변은 지열수의 순환이 깊은 심도까지 가능하므로 이러한 대류현상으로 지표부근까지 높은 지온 전달이 되어 나타나는 것으로 판단된다.의 안정된 방사성표지효율을 보였다. $^{99m}Tc$-transferrin을 이용한 감염영상을 성공적으로 얻을 수 있었으며, $^{67}Ga$-citrate 영상과 비교하여 더 빠른 시간 안에 우수한 영상을 얻을 수 있었다. 그러므로 $^{99m}Tc$-transierrin이 감염 병소의 영상진단에 사용될 수 있을 것으로 기대된다.리를 정량화 하였다. 특히 선조체에서의 도파민 유리에 의한 수용체 결합능의 감소는 흡연에 의한 혈중 니코틴의 축

• The Journal of The Korea Institute of Intelligent Transport Systems
• /
• v.11 no.4
• /
• pp.19-33
• /
• 2012

Ministry of Land, Transport and Maritime Affairs prepared the method to update traffic connection system by amending "National Transport System Efficiency Act(hereinafter Act)". The key is a development of Intermodal Transfer Center. The law and guideline related with Intermodal Transfer Center requires the installation and operation of transfer information guide facility to improve user's convenience. However, there are no sufficient studies that can be used as references for the method to construct transfer support information system related with user's preference. The study performed the research about user's service satisfaction in relation with transfer support information service, which was embodied in model operation process, on the basis of transfer support information system of Intermodal Transfer Center applied to Gimpo Airport. The analysis result about service preference, importance of each supplied information, service satisfaction and consideration for service embodiment can be used as a guideline to embody the user information service of Intermodal Transfer Center. In addition, through CVM, the study estimated and proposed the service valuation of smart intermodal transfer service that provides customized information to cope with user's situation and traffic means operation status among transfer support information service. It is determined that the study will measure the benefit of Intermodal Transfer Center user by using monetary value when smart intermodal transfer service is supplied and provide the ground to expand high-tech transfer information service with high usefulness and convenience.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.1
• /
• pp.153-166
• /
• 2011

Recent trends in mobile device market whose services are rapidly expanding to provide wireless internet access are drawing people's attention to mobile security. Especially, since threats to information leakage are reaching to the critical level due to the frequent interchange of important data such as personal and financial information through wireless internet, various encryption algorithms has been developed to protect them. The encryption algorithms confront the serious threats by the appearance of side channel attack (SCA) which uses the physical leakage information such as timing, and power consumption, though the their robustness to threats is theoretically verified. Against the threats of SCA, researches including the performance and development direction of SCA should precede. Among tile SCA methods, the power analysis (PA) attack overcome this misalignment problem. The conventional methods require large computational power and they do not effectively deal with the delay changes in a power trace. To overcome the limitation of the conventional methods, we proposed a novel alignment method using peak matching. By computer simulations, we show the advantages of the proposed method compared to the conventional alignment methods.

• Journal of the Korea Society for Simulation
• /
• v.30 no.4
• /
• pp.9-19
• /
• 2021

Electronic voting has been recognized as an alternative to complement the limitations of existing paper voting. At the same time, security concerns are being raised. This paper presents a blockchain-based electronic voting and survey system that can guarantee reliability. Our smart contract was created using Solidity on Ethereum which is a blockchain-based distributed computing platform, and the system was implemented in connection with the Javascript based user interface. In addition, in order to protect the personal information of participants, the system is generating hash of the personal data and storing the hash of users for the contract data. Since we exploited different kinds of languages for the system, we derived items of functionality testing and presented the functionality testing result. Moreover, we made use of the Chrome's performance evaluation functionality to see the response time of the blockchain-based system. In addition, we compared the performance with the system which has the same functionality on database. The contribution of this research is design and implementation of blockchain-based electronic voting system and presentation of the functionality and performance simulation result.

• Journal of Broadcast Engineering
• /
• v.28 no.1
• /
• pp.145-148
• /
• 2023

Open-loop Octonion space-time block code for 4 transmit antenna system is considered and random phases are applied to 4 transmit antennas for physical layer security. When an illegal hacker estimates the random phases of 1 through 4 transmit antennas with maximum likelihood (ML), this letter analyzes the bit error rate (BER) performances versus signal-to-noise ratio (SNR). And the Octonion code in the literature[1] does not have full orthogonality so, this letter employs the perfect orthogonal Octonion code. When the hacker knows that the random phases are 2-PSK constellations and he should estimate all the 4 random phases, the hacking is impossible until 100dB. When the hacker possibly know that some of the random phases, bit error rate goes down to 10^-3 so, the transmit message could be hacked.

• Journal of The Korean Association of Information Education
• /
• v.11 no.1
• /
• pp.21-28
• /
• 2007

Along with the development of telecommunication technology, educational role has been considerably changed and NEIS is introduced and operated for the digital educational administration. However, the function of NEIS is so limited when operated in each school. As a result, Korean government prepares the plan to install and operate a new School Affairs System by separating 3 areas from 27 areas of NEIS. School Affairs System has been used in schools since March, 2006. In this regard, this study attempts to analyze the current status and tasks of using the system in elementary schools. The result of the study shows that about 67% teachers use the system once or twice a day. Most of teachers answer that they get help from other teachers if they have any problem in operating the system. Many teachers affirmatively answer to the design and function of the system, and they are satisfied with the convenience and efficiency of the system. However, they feel difficulty to be familiar with the system sue to the frequent change. The importance of electronic certificate and personal information is well recognized and managed in terms of the security of the system. Facilities need to be well equipped, and information exchange system need to be developed to accept each school's request to improve the function of the system. In addition, applicable laws need to be arranged, clear guideline of educational administration agency and principal's strong intention are required to relieve teachers' work load.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.1
• /
• pp.133-146
• /
• 2015

Ever sophisticated e-finance fraud techniques have led to an increasing number of reported phishing incidents. Financial authorities, in response, have recommended that we enhance existing Fraud Detection Systems (FDS) of banks and other financial institutions. FDSs are systems designed to prevent e-finance accidents through real-time access and validity checks on client transactions. The effectiveness of an FDS depends largely on how fast it can analyze and detect abnormalities in large amounts of customer transaction data. In this study we detect fraudulent transaction patterns and establish detection rules through e-finance accident data analyses. Abnormalities are flagged by comparing individual client transaction patterns with client profiles, using the ruleset. We propose an effective flagging method that uses decision trees to normalize detection rules. In demonstration, we extracted customer usage patterns, customer profile informations and detection rules from the e-finance accident data of an actual domestic(Korean) bank. We then compared the results of our decision tree-normalized detection rules with the results of a sequential detection and confirmed the efficiency of our methods.

• Journal of the Korea Convergence Society
• /
• v.12 no.8
• /
• pp.229-243
• /
• 2021

As systematic information protection and management is recognized as an organization's core value, organizations are pursuing a shift from an individual-centered information management method to an organization-oriented information management method. The Enterprise content management system(ECMS) is a solution that supports document security and information sharing by insiders and is being introduced by many organizations due to recent technological developments. The purpose of this study is to present a method of improving performance through continuous use of the ECMS from the user's point of view and also suggest a method to improve the intention of continuous use through the expansion of the technology acceptance model. This study surveyed the employees of organizations that adopted the ECMS and verified the research hypothesis derived from previous studies through structural equation modeling. As a result of the analysis, usefulness, and ease of use affected on the intention of continuous use of the ECMS, and the knowledge sharing culture and the ECMS quality factors affected the technology acceptance model factors. The results of this study have academic and practical significance in terms of suggesting a plan to increase the usability of the ECMS from the user's point of view.

• Journal of radiological science and technology
• /
• v.32 no.3
• /
• pp.335-341
• /
• 2009

Purpose : The medical imaging issuance is changed from conventional film method to Digital Compact Disk solution because of development on IT technology. However other medical record department's are undergoing identification check through and through whereas medical imaging department cannot afford to do that. So, we examine present applicant's recognition of private intelligence safeguard, and medical imaging issuance condition by CD & DVD medium toward various medical facility and then perform comparative analysis associated with domestic and foreign law & recommendation, lastly suggest standard for medical imaging issuance and process relate with internal environment. Materials and methods : First, we surveyed issuance process & required documents when situation of medical image issuance in the metropolitan medical facility by wire telephone between 2008.6.1$\sim$2008.7.1. in accordance with the medical law Article 21$\sim$clause 2, suggested standard through applicant's required documents occasionally - (1) in the event of oneself $\rightarrow$ verifying identification, (2) in the event of family $\rightarrow$ verifying applicant identification & family relations document (health insurance card, attested copy, and so on), (3) third person or representative $\rightarrow$ verifying applicant identification & letter of attorney & certificate of one's seal impression. Second, also checked required documents of applicant in accordance with upper standard when situation of medical image issuance in Kyung-hee university medical center during 3 month 2008.5.1$\sim$2008.7.31. Third, developed a work process by triangular position of issuance procedure for situation when verifying required documents & management of unpreparedness. Result : Look all over the our manufactured output in the hospital - satisfy the all conditions $\rightarrow$ 4 place(12%), possibly request everyone $\rightarrow$ 4 place(12%), and apply in the clinic section $\rightarrow$ 9 place(27%) that does not medical imaging issuance office, so we don't know about required documents condition. and look into whether meet or not the applicant's required documents on upper 3month survey - satisfy the all conditions $\rightarrow$ 629 case(49%), prepare a one part $\rightarrow$ 416 case(33%), insufficiency of all document $\rightarrow$ 226case(18%). On the authority of upper research result, we are establishing the service model mapping for objective reception when image export situation through triangular position of issuance procedure and reduce of friction with patient and promote the patient convenience. Conclusion : The PACS is classified under medical machinery that mean indicates about higher importance of medical information therefore medical information administrator's who already received professional education & mind, are performer about issuance process only and also have to provide under ID checking process exhaustively.