• The Journal of the Korea Contents Association
• /
• v.20 no.2
• /
• pp.15-26
• /
• 2020

Secure boot is security technology that verifies the integrity of the computer system in boot stage and controls the boot process accordingly. The computer system can establish a secure execution environment from the threat of various malwares by security boot and also supports the recovery when system in emergency case. Recently, Secure boot has been adopted by various modern computer manufacturers to protect users' information from hacker attacks and to prevent abuse of their products by malicious users. In this paper, we classify security boot developed by various companies and organizations by platform, and analyze the design and development purpose of each security boot and investigate the limitation of design. It can be used as a reference for system security designers in various information of security boot development method and security design of system.

• The Journal of the Korea Contents Association
• /
• v.9 no.3
• /
• pp.28-38
• /
• 2009

Login process uses both ID and password information to authenticate someone and to permit its access privilege on system. However, an attacker can get those ID and password information by using existing packet sniffing or key logger programs. It cause privacy problem as those information can be used as a hacking and network attack on web server and web e-mail system. Therefore, a more secure and advanced authentication mechanism should be required to enhance the authentication process on existing system. In this paper, we propose a multi-factor authentication process by using software form of secure card system combined with existing ID/Password based login system. Proposed mechanism uses a random number generated from the his/her own handset with biometric information. Therefore, we can provide a one-time password function on web login system to authenticate the user using multi-factor form. Proposed scheme provide enhanced authentication function and security because it is a 'multi-factor authentication mechanism' combined with handset and biometric information on web login system.

• Journal of Internet Computing and Services
• /
• v.14 no.3
• /
• pp.15-21
• /
• 2013

Due to the widespread propagation of mobile platforms such as smartphones and tablets, financial and e-commercial transactions based on these mobile platforms are growing rapidly. Unlike PCs, almost all mobile platforms do not provide physical keyboards or mice but provide virtual keypads using touchscreens. For this reason, an attacker attempts to obtain the coordinates of touches on the virtual keypad in order to get actual key values. To tackle this vulnerability, financial applications for mobile platforms use secure keypads, which change position of each key displayed on the virtual keypad. However, these secure keypads cannot protect users' private information more securely than the virtual keypads because each key has only 2 or 3 positions and moreover its probability distribution is not uniform. In this paper, we analyze secure keypads used by the most financial mobile applications, point out the limitation of the previous research, and then propose a more general and accurate attack method on the secure keypads.

• Journal of KIISE:Computer Systems and Theory
• /
• v.33 no.8
• /
• pp.524-535
• /
• 2006

With rapid development of Internet technology, business management in an organization or an enterprise depends on Internet-based technology for the most part. Furthermore, as dependency and cohesiveness of network in the communication facilities are increasing, cyber attacks have been increased against vulnerable resource in the information system. Hence, to protect private information and computer resource, research for damage propagation is required in this situation. However the proposed traditional models present just mechanism for risk management, or are able to be applied to the specified threats such as virus or worm. Therefore, we propose the probabilistic model of damage propagation based on the Markov process, which can be applied to diverse threats in the information systems. Using the proposed model in this paper, we can predict the occurrence probability and occurrence frequency for each threats in the entire system.

• Journal of the Korea Society of Computer and Information
• /
• v.15 no.2
• /
• pp.109-117
• /
• 2010

Digital watermarking has drawn extensive attention for protecting digital contents from unauthorized copying. This paper proposes a new watermarking scheme in frequency domain for copyright protection of digital audio. In our proposed watermarking system, the original audio is segmented into non-overlapping frames. Watermarks are then embedded into the selected prominent peaks in the magnitude spectrum of each frame. Watermarks are extracted by performing the inverse operation of watermark embedding process. Simulation results indicate that the proposed scheme is robust against various kinds of attacks such as noise addition, cropping, resampling, re-quantization, MP3 compression, and low pass filtering. Our proposed watermarking system outperforms Cox's method in terms of imperceptibility, while keeping comparable robustness with the Cox's method. Our proposed system achieves SNR (signal-to-noise ratio) values ranging from 20 dB to 28 dB. This is in contrast to Cox's method which achieves SNR values ranging from only 14 dB to 23 dB.

• Journal of the Korean Society for Railway
• /
• v.12 no.5
• /
• pp.641-648
• /
• 2009

Concrete structures become more common in railway systems with an advancement of high speed train technologies. As the service life of concrete structures increases, structural strengthening for concrete structures may be necessary. There are several typical strengthening techniques using steel plate and fiber reinforced polymer (FRP) materials, which have their own inherent shortcomings. In order to enhance greater durability and resistance to fire and other environmental attacks, basalt fiber material attracts engineer's attention due to its characteristics. This study investigates bonding performance of basalt fiber sheet as a structural strengthening material. Experimental variables include bond width, length and number of layer. From the bonding tests, there were three different types of bonding failure modes: debonding, rupture and rip-off. Among the variables, bond width indicated more significant effect on bonding characteristics. In addition the bond length did not contribute to bond strength in proportion to the bond length. Hence this study evaluated effective bond length and effective bond strength. The effective bond strength was compared to those suggested by other researches which used different types of FRP strengthening materials such as carbon FRP.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.43 no.2 s.308
• /
• pp.81-92
• /
• 2006

This paper proposes a robustness watermarking for 3D mesh model based on projection onto convex sets (POCS). After designing the convex sets for robustness and invisibility among some requirements for watermarking system, a 3D-mesh model is projected alternatively onto two constraints convex sets until the convergence condition is satisfied. The robustness convex set are designed for embedding the watermark into the distance distribution of the vertices to robust against the attacks, such as mesh simplification, cropping, rotation, translation, scaling, and vertex randomization. The invisibility convex set are designed for the embedded watermark to be invisible. The decision values and index that the watermark was embedded with are used to extract the watermark without the original model. Experimental results verify that the watermarked mesh model has invisibility and robustness against the attacks, such as translation, scaling, mesh simplification, cropping, and vertex randomization.

• The Journal of Korean Institute of Electromagnetic Engineering and Science
• /
• v.26 no.4
• /
• pp.404-413
• /
• 2015

The target classification for ballistic target(BT) is one of the most critical issues of ballistic defence mode(BDM) in multi-function radar(MFR). Radar responds to the target according to the result of classifying BT and air breathing target(ABT) on BDM. Since the efficiency and accuracy of the classification is closely related to the capacity of the response to the ballistic missile offense, effective and accurate classification scheme is necessary. Generally, JEM(Jet Engine Modulation), HRR(High Range Resolution) and ISAR(Inverse Synthetic Array Radar) image are used for a target classification, which require specific radar waveform, data base and algorithms. In this paper, the classification method that is applicable to a MFR system in a real environment without specific waveform is proposed. The proposed classifier adopts kinematic data as a feature vector to save radar resources at the radar time and hardware point of view and is implemented by fuzzy logic of which simple implementation makes it possible to apply to the real environment. The performance of the proposed method is verified through measured data of the aircraft and simulated data of the ballistic missile.

• Journal of Digital Convergence
• /
• v.11 no.7
• /
• pp.215-223
• /
• 2013

As cloud computing is activated, a variety of cloud services are being distributed. However, to use each different cloud service, you must perform a individual user authentication process to service. Therefore, not only the procedure is cumbersome but also due to repeated authentication process performance, it can cause password exposure or database overload that needs to have user's authentication information each cloud server. Moreover, there is high probability of security problem that being occurred by phishing attacks that result from different authentication schemes and input scheme for each service. Thus, when you want to use a variety of cloud service, we proposed OpenID based user authentication scheme that can be applied to a multi-cloud environment by the trusted user's verify ID provider.

• Journal of Digital Convergence
• /
• v.17 no.12
• /
• pp.235-241
• /
• 2019

The structure of the IoT can be divided into devices, gateways, and servers. First, the gateway collects data from the device, and the gateway sends data to the server through HTTP protocol, Websocket protocol, and MQTT protocol. The processing server then processes, analyzes, and transforms the data, and the database makes it easy to store and use this data. These IoT services are basically centralized structures with servers, so attacks on the entire platform are concentrated only on the central server, which makes hacking more successful than distributed structures. One way to solve this problem is to develop IoT that combines blockchain. Therefore, the proposed research suggests that the blockchain is a distributed structure, in which blocks containing small data are connected in a chain form, so that each node agrees and verifies the data with each other, thereby increasing reliability and lowering the probability of data forgery.