• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.1
• /
• pp.73-81
• /
• 2021

When downloading files using an app or web-based application on the user's mobile phone, the path is set to be saved in the pre-defined default directory. Many applications requiring access to storage, including file managers, require a write or read permission of storage to provide numerous functions and services. This means that the application will have direct access to the download folder where the numerous files downloaded. In this paper, to prove our feasibility of attack using the security vulnerabilities mentioned above, we developed a file hacking function disguised as an encryption function in the file management application. The file that encrypted will be sent to hackers via E-mail simultaneously on the background. The developed application was evaluated from VirusTotal, a malicious analysis engine, was not detected as a malicious application in all 74 engines. Finally, in this paper, we propose a defense technique and an algorithm based on the Trusted Execution Environment (TEE) to supplement these storage vulnerabilities.

• Journal of Radiation Protection and Research
• /
• v.21 no.4
• /
• pp.329-338
• /
• 1996

최근에 우리나라가 공식 회원국으로 가입한 서방 경제협력개발기구(OECD)/원자력기구(NEA) 산하의 방사선 방호 및 보건위원회(CRPPH)에서는 유럽연합(EC)의 전문가그룹과 합동으로 국제방사선방호위원회(ICRP)의 권고 60의 방사선 방호 최적화 원칙에 공식적으로 도입된 이른 바 '선량제약(dose constraint)' 개념에 대한 위원회의 논의 및 검토결과를 OECD/NEA의 공식보고서로 발간하였다. 이 보고서는 선량제약의 개념과 의미를 논리적으로 합리화하기 위하여 발간된 것이다. 선량제약이란 용어와 개념은 새로워 보이지만 실상은 전혀 새로운 것이 아니다. 우리나라에서도 방사선 방호의 실무현장에서 용어나 의미는 조금 다르다 할 수 있어도 이 개념을 부분적으로 적용해왔다고 할 수 있다. 예를 들어, 선량한도 이하의 낮은 선량으로 작업자의 피폭을 제한하기 위하여 도입된 '연간 선량목표치' 또는 '방사성 물질의 방출목표관리치' 등이 여기에 해당될 것이다. 따라서, OECD/NEA의 공식보고서를 번역한 이 해설논문이 국내의 방사선 방호분야에서 활약하고 있는 정책 입안자, 연구자, 규제업무자, 방사선 관리실무자 등 방사선 방호 업무분야의 관련자들에게 도움이 되었으면 한다.

• Journal of Radiation Protection and Research
• /
• v.33 no.2
• /
• pp.77-86
• /
• 2008

This study attempted to provide reference materials for improving the behavior level in radiation safety managements by drawing a prediction model that affects the radiation safety management behavior because the radiation safety management of medical Cyclotrons, which can be used to produce radioisotopes, is an important factor that protects radiation caused diseases not only for radiological operators but average users. In addition, this study obtained follows results through the investigation applied from January 2 to January 30, 2008 for the radiation safety managers employed in 24 authorized organizations, which have already installed Cyclotrons, through applying a specific form of questionnaire in which the validity was guaranteed by reference study, site investigation, and focus discussion by related experts. The radiation safety management were configured as seven steps: Step 1 is a production preparation step, Step 2 is an RI production step, Step 3 is a synthesis step, Step 4 is a distribution step, Step 5 is a quality control step, Step 6 is a carriage container packing step, and Step 7 is a transportation step. it was recognized that the distribution step was the most exposed as 15 subjects (62.5%), the items of 'the sanction and permission related works' and 'the guarantee of installation facilities and production equipments' were the most difficult as 9 subjects (37.5%), and In the trouble steps in such exposure, the item of 'the synthesis and distribution' steps were 4 times, respectively (30.8%). In the score of the behavior level in radiation safety managements, the minimum and maximum scores were 2.42 and 4.00, respectively, and the average score was $3.46{\pm}0.47$ out of 4. Prosperity and well-being programs in the behavior and job in radiation safety managements (r=0.529) represented a significant correlation statistically. In the drawing of a prediction model based on the factors that affected the behavior in radiation safety managements, general characteristics, organization characteristics, and selfefficacy didn't show a significant path statistically in which the prosperity and well-being programs in job characteristics affected the behavior in radiation safety managements. Therefore, it is necessary to establish a strategy that improves the level of prosperity and well-being levels in job characteristics in order to increase the behavior in radiation safety managements. Thus, this study provides basic materials for the radiation safety management of Cyclotron through the full-scale investigation that is first applied in Korea.

• Journal of Internet Computing and Services
• /
• v.5 no.5
• /
• pp.49-60
• /
• 2004

Information Warfare(IW), a new aspect of war, is the field centralized the concern and research in the information security and national security, Both the defense and the offensive are important in the next generation IW, and so we need to do the various research to secure the network and system for gaining the superiority of IW. This paper proposes a model for IW based on software cruise to prepare the IW that is changing the offensive aspect. Software cruise is defined as a behavior of computer programs that travel toward specific destination from a source through the network. The proposed model have the cruise property and uses the cybermap to cruise toward the destination chosen in advance. Also, while self-movement, the model can function the predefined task.

• Journal of Advanced Navigation Technology
• /
• v.13 no.6
• /
• pp.884-893
• /
• 2009

Recently, malicious attacks for Windows operate through Window API hooking in the Windows Kernel. This paper presents the API hooking attack and protection techniques based on Windows kernel. Also this paper develops a detection tool for Windows API hooking that enables to detect dll files which are operated in the kernel. Proposed tool can detect behaviors that imports from dll files or exports to dll files such as kernel32.dll, snmpapi.dll, ntdll.dll and advapidll.dll, etc.. Test results show that the tool can check name, location, and behavior of API in testing system.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2014.10a
• /
• pp.947-950
• /
• 2014

The recent APT attacks including cyber terror are caused by a high level of malicious codes and hacking techniques. This implies that essentially, advanced security management is required, from the perspective of 5A. The changes of IT environment are represented by Mobile, Cloud and BYOD. In this situation, the security model needs to be changed, too into the Airport model which emphasizes prevention, and connection, security and integration of functions from the existing Castle model. This study suggested an application method of the risk-based Airport model to the cyber security environment.

• The Journal of the Korea Contents Association
• /
• v.12 no.3
• /
• pp.190-205
• /
• 2012

The purpose of the paper is to provide policy suggestions for effectively tackling subway crimes, based on the UK and USA's crime control strategies and systems of subway crimes. The paper attempts to analyze the characteristics of subway crimes in Seoul Subways, and discovers that many of the crimes on the subways are basically 'opportunistic' crimes. In particular, crime statistics of Seoul Subways clearly show that sexual-related crimes are on the sharp increase. In this context, it is of great essence that official vigilance functions should be strengthened in order to eliminate crime opportunities in Seoul Subways. Based on such an analysis - in particular, focusing on official surveillance and response capabilities of subway passengers - the paper finally presents policy recommendations as follows: 1) an increase in the number of police officers of the Subway Police Squad, 2) an increase in the number of CCTV cameras and their effective use, 3) the development of subway riders' defence abilities, 4) strong law enforcement against minor disorder offences based on zero-tolerance policing, and 5) the reinforcement of community partnerships.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.1
• /
• pp.55-63
• /
• 2006

Recently, there is much abnormal traffic driven by several worms, such as Nimda, Code Red, SQL Stammer, and so on, making badly severe damage to networks. Meanwhile, diverse prevention schemes for defeating abnormal traffic have been studied in the academic and commercial worlds. In this paper, we present the structure of a stepwise intrusion prevention system that is designed with the feature of putting limitation on the network bandwidth of each network traffic and dropping abnormal traffic, and then compare the proposed scheme with a pre-existing scheme, which is a True/False based an anomaly prevention scheme for several worm-patterns. There are two criteria for comparison of the schemes, which are Normal Traffic Rate (NTR) and False Positive Rate (FPR). Assuming that the abnormal traffic rate of a specific network is $\beta$ during a predefined time window, it is known that the average NTR of our stepwise intrusion prevention scheme increases by the factor of (1+$\beta$)/2 than that of True/False based anomaly prevention scheme and the average FPR of our scheme decrease by the factor of (1+$\beta$)/2.

• Convergence Security Journal
• /
• v.20 no.1
• /
• pp.41-47
• /
• 2020

In the corporate information system environment, detecting and controlling suspicious behaviors occurring at the end point of the actual business application is the most important area to secure the organization's business environment. In order to accurately detect and block threats from inside and outside, it is necessary to be able to monitor all areas of all terminals in the organization and collect relevant information. In other words, in order to maintain a secure business environment of a corporate organization from the constant challenge of malicious code, everything that occurs in a business terminal such as a PC beyond detection and defense-based client security based on known patterns, signatures, policies, and rules that have been universalized in the past. The introduction of an EDR solution to enable identification and monitoring is now an essential element of security. In this study, we will look at the essential functions required for EDR solutions, and also study the design and development plans of smart EDR systems based on active and proactive detection of security threats.

• Industry Promotion Research
• /
• v.9 no.2
• /
• pp.127-135
• /
• 2024

This study is an instrumental case study based on a theoretical proposition on animal phobia as a single case, Six categories were derived for the purpose of psychological analysis of the father of a female research participant suffering from the earthworm phobia. They are 'a fearful existence', 'problems with the woman who is always by her father's side', 'secret adultery and shock', 'fear of punishment', 'symbol for earthworm and fear displacement', and 'earthworm phobia'. Anxiety about punishment from a fearful father was the cause of the phobia. For the study participant, the earthworm phobia was the displacement of her father's fear of earthworm, and the earthworm phobia was interpreted as a substitute for her father. In other words, earthworm phobia should be understood as an escape and defense process as it replaces the re-emergence of long-repressed fearful feeling toward her father, and its symbolism can be seen as a metaphorical transformation of the pathological family atmosphere.