• Convergence Security Journal
• /
• v.23 no.2
• /
• pp.47-54
• /
• 2023

The global popularity of K-content(Korean Wave) has led to a continuous increase in copyright infringement cases involving domestic works, not only within the country but also overseas. In response to this trend, there is active research on technologies for detecting illegal distribution sites of domestic copyrighted materials, with recent studies utilizing the characteristics of domestic illegal distribution sites that often include a significant number of advertising banners. However, the application of detection techniques similar to those used domestically is limited for overseas illegal distribution sites. These sites may not include advertising banners or may have significantly fewer ads compared to domestic sites, making the application of detection technologies used domestically challenging. In this study, we propose a detection technique based on the similarity comparison of links and text trees, leveraging the characteristic of including illegal sharing posts and images of copyrighted materials in a similar hierarchical structure. Additionally, to accurately compare the similarity of large-scale trees composed of a massive number of links, we utilize Graph Neural Network (GNN). The experiments conducted in this study demonstrated a high accuracy rate of over 95% in classifying regular sites and sites involved in the illegal distribution of copyrighted materials. Applying this algorithm to automate the detection of illegal distribution sites is expected to enable swift responses to copyright infringements.

• Journal of the Korea Society of Computer and Information
• /
• v.10 no.5 s.37
• /
• pp.217-226
• /
• 2005

In today's cyberworld, network performance is affected not only by an increased demand for legitimate content request, but also by an increase in malicious activity. In this Paper, we research that network performance was affected by an increase in malicious Hacker who make DoS Attack, DDoS Attack, SYN Flooding, IP Spoofing, etc. in using TCP/IP. We suggest that Packet filtering in Network Level, Gateway Level, Application Level against to Protect by Hacker's attack. Also, we suggest that content distribution in Web Server approaches to mitigate Hacker's activity using Cache Sever, Mirror Sever, CDN. These suggests are going to use useful Protection methode of Hacker's attack.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.14 no.6
• /
• pp.63-67
• /
• 2014

A distributed zero-beamforming based cooperative jamming technique is useless when an eavesdropper detects the sharing seed. In addition, the currently alternatives are very limited when the eavesdropper is located nearby a source for wiretapping. This letter presents a solution to this extreme case. Relay randomly generates and transmits a binary jamming message to both source and destination in the first phase. When these two receivers securely and correctly decode the message, the source creates and transmits another message based on the use of exclusive-or for its information message and the decoded message. Consequently, the next transmission can avoid the eavesdropping.

• Journal of Digital Convergence
• /
• v.14 no.7
• /
• pp.185-191
• /
• 2016

Recently, various medical services are provided with the advance of IT. However, there is a problem that a third party would exploit medical information when the information is sent and received through wired or wireless connection. In this paper, a patient information management scheme using group index information for the third party not to illegally exploit a patient's medical information without his consent is proposed. This proposed scheme creates index information in each hierarchical level to be used with access information so that not only medical staff can have access to patient's medical information hierarchically but also it can manage access level in groups. The scheme aims to enable the medical staff to minimize the time spent to analyze the type of disease and to prescribe for it so that they can improve patients' satisfaction. Plus, the scheme aims to improve work efficiency by minimizing the medical staff's workload according to the authority to access patients' medical information.

• The KIPS Transactions:PartC
• /
• v.18C no.3
• /
• pp.157-166
• /
• 2011

The virtualization layer is executed in higher authority layer than kernel layer and suitable for monitoring operating systems. However, existing virtualization monitoring systems provide simple information about the usage rate of CPU or memory. In this paper, the monitoring system using full virtualization technique is proposed, which can monitor virtual machine's dynamic kernel object as memory, register, GDT, IDT and system call table. To verify the monitoring system, the proposed system was implemented based on KVM(Kernel-based Virtual Machine) with full virtualization that is directly applied to linux kernel without any modification. The proposed system consists of KvmAccess module to access KVM's internal object and API to provide other external modules with monitoring result. In experiments, the CPU utilization for monitoring operations in the proposed monitering system is 0.35% when the system is monitored with 1-second period. The proposed monitoring system has a little performance degradation.

• Journal of the Korea Society of Computer and Information
• /
• v.29 no.1
• /
• pp.111-119
• /
• 2024

In this paper, we propose a big data platform that can collect information from various sources collected at ocean. Currently operating ocean-related big data platforms are focused on storing and sharing created data, and each data provider is responsible for data collection and preprocessing. There are high costs and inefficiencies in collecting and integrating data in a marine environment using communication networks that are poor compared to those on land, making it difficult to implement related infrastructure. In particular, in fields that require real-time data collection and analysis, such as weather information, radar and sensor data, a number of issues must be considered compared to land-based systems, such as data security, characteristics of organizations and ships, and data collection costs, in addition to communication network issues. First, this paper defines these problems and presents solutions. In order to design a big data platform that reflects this, we first propose a data source, hierarchical MEC, and data flow structure, and then present an overall platform structure that integrates them all.

• Journal of the Korea Society of Computer and Information
• /
• v.14 no.12
• /
• pp.157-167
• /
• 2009

Recently, the leakage of confidential information and personal information is taking place on the Internet more frequently than ever before. Most of such online security incidents are caused by attacks on vulnerabilities in web applications developed carelessly. It is impossible to detect an attack on a web application with existing firewalls and intrusion detection systems. Besides, the signature-based detection has a limited capability in detecting new threats. Therefore, many researches concerning the method to detect attacks on web applications are employing anomaly-based detection methods that use the web traffic analysis. Much research about anomaly-based detection through the normal web traffic analysis focus on three problems - the method to accurately analyze given web traffic, system performance needed for inspecting application payload of the packet required to detect attack on application layer and the maintenance and costs of lots of network security devices newly installed. The UTM(Unified Threat Management) system, a suggested solution for the problem, had a goal of resolving all of security problems at a time, but is not being widely used due to its low efficiency and high costs. Besides, the web filter that performs one of the functions of the UTM system, can not adequately detect a variety of recent sophisticated attacks on web applications. In order to resolve such problems, studies are being carried out on the web application firewall to introduce a new network security system. As such studies focus on speeding up packet processing by depending on high-priced hardware, the costs to deploy a web application firewall are rising. In addition, the current anomaly-based detection technologies that do not take into account the characteristics of the web application is causing lots of false positives and false negatives. In order to reduce false positives and false negatives, this study suggested a realtime anomaly detection method based on the analysis of the length of parameter value contained in the web client's request. In addition, it designed and suggested a WAF(Web Application Firewall) that can be applied to a low-priced system or legacy system to process application data without the help of an exclusive hardware. Furthermore, it suggested a method to resolve sluggish performance attributed to copying packets into application area for application data processing, Consequently, this study provide to deploy an effective web application firewall at a low cost at the moment when the deployment of an additional security system was considered burdened due to lots of network security systems currently used.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.40 no.8
• /
• pp.1588-1596
• /
• 2015

In the Internet of Things (IoT), resource-constrained devices such as sensors are capable of communicating and exchanging data over the Internet. The IETF standard group has specified an application protocol CoAP, which uses UDP as a transport protocol, allows such a lightweight device to transmit data. Also, the IETF recommended the DTLS binding for securing CoAP. However, additional features should be added to the DTLS protocol to resolve several problems such as packet loss, reordering, fragmentation and replay attack. Consequently, performance of DTLS is worse than TLS. It is highly required for lightweight devices powered by small battery to design and implement a security protocol in an energy efficient manner. This paper thus discusses about DTLS performance in the perspective of energy consumption. To analyze the performance, we implemented IEEE 802.15.4 based test network consisting of constrained sensor devices in the Cooja simulator. We measured energy consumptions required for each of DTLS client and server in the test network. This paper compares the energy consumption and amount of transmitted data of each flight of DTLS handshake, and the processing and receiving time. We present the analyzed results with regard to code size, cipher primitive and fragmentation as well.

• The KIPS Transactions:PartC
• /
• v.16C no.2
• /
• pp.165-182
• /
• 2009

Mobile IPv6 spends considerable bandwidth considering that its signal volume is proportional to the mobile and also it should be strengthened to support the binding signal volume, the traffic, and effective mobility. So, the study in NEMO(Network Mobility), an extended version of Mobile IPv6, has been conducted. NEMO provides its mobility by putting several mobiles and more than one portable router into one unit called as mobile network. Because nodes access Internet via the portable router at this time, it receives transparency without any additional work and that much reduces binding signal while solving binding storm. By supporting mobility, NEMO is able to have various mobile structures which realize several networks hierarchically and it is necessary to improve its safety and security by authenticating among the upper networks or the lower ones while moving. Also, it is extremely required to begin a study in the device to improve efficiency accompanied with mobility, which is executed by the fast hand-off as well as the safe authentication. For those reasons, this paper not only classifies various NEMO mobile scenarios into 7 ways, but also provides AAA authentication of each scenario, the authentication through the safety authentication and fast handoff authentication using F+HMIPv6 and the way to reduce both signaling volume and packet delays efficiently during the handoff.

• Convergence Security Journal
• /
• v.14 no.6_2
• /
• pp.35-44
• /
• 2014

Private Security Guard Certification Exam that initiated as the eligibility of private in 2006, has been requested more fulfilling management because that becomes to be recognized at the national certified qualification system in 2013. The findings of this study were as follows: First, it is necessary to expand more exemptions, currently some are mainly police officers. Secondly, it is needed to make to announce the final successful candidates through the opposition proceedings by publishing assumptions answer of the problem and by improving the procedure for determining the successful candidates, and so forth.