• Journal of IKEEE
• /
• v.24 no.2
• /
• pp.665-668
• /
• 2020

When a node in automotive CAN bus is hacked, such node should be blocked to prevent severe danger in the car. In order to do that, such node should be uniquely identified. However, there is no way to identify individual nodes in a CAN bus. In this paper, a physical layer security method is proposed where individual nodes are identified by assigning unique ID to the nodes during booting process. The proposed method was implemented in a CAN controller using Verilog HDL, and it is verified that the node ID auto-setting and internal attack defense are successfully performed.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2017.05a
• /
• pp.425-426
• /
• 2017

Ransomware has caused a lot of damage by attacking disks of government agencies, financial institutions and corporations. This has been exploited for monetary damages and Taking personal information. In this paper, we describe the NTFS. Also describe Petya as the example of Ransomware. We used forensic techniques to analyze post-infection status and describes the method for MBR area recovery.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.10 no.9
• /
• pp.2300-2305
• /
• 2009

Recently, Telecommunication companies have introduced a new network architecture that assigns network resources consistent and protects their systems more secure. Now, they provide multimedia services through various types of access networks. In this study, I'd like to introduce IP address assignment method based on the Dynamic Host Configuration Protocol (DHCP) and find out how success or failure of Ip address assignment will be taken place according to the booting order of xDSL modem, AP and PC.

• Journal of the Korea Society of Computer and Information
• /
• v.19 no.12
• /
• pp.123-132
• /
• 2014

In this paper, we study the verification techniques for OS integrity that can be more fatal than applications in case of security issues. The dissemination of smartphones is rapidly progressing and there are many similarities of smartphones and PCs in terms of security risks. Recently, in mobile network environment, there is a trend of increasing damages and now, there are active researches on a system that can comprehensively respond to this. As a way to prevent these risks, integrity checking method on operation system is being researched. As most integrity checking algorithms are classified by verification from the levels before booting the OS and at the time of passing on the control to the OS, in which, there are minor differences in the definitions of integrity checking or its methods. In this paper, we suggests the integrity verification technique of OS using a boot loader and a physically independent storing device in the mobile device.

• Journal of Platform Technology
• /
• v.11 no.2
• /
• pp.39-53
• /
• 2023

Non-installation program (hereinafter referred to as "portable program") is a program that can be used without an installation process, unlike general software. Since there is no separate installation process, portable programs have high mobility and are used in various ways. For example, when initial setup of multiple PCs is required, a portable program can be stored on one USB drive to perform initial setup. Alternatively, when a problem occurs with the PC and it is difficult to boot normally, Windows PE can be configured on the USB drive and portable programs can be stored for PC recovery. And the portable program does not directly affect PC settings, such as changing registry values, and does not leave a trace. This means that the portable program has high security. If a portable program is deleted after using it, it is difficult to analyze behavior in a general way. If a user used a portable program for malicious behavior, analysis in a general way has limitations in collecting evidence. Therefore, portable programs must have a new way of behavioral analysis that is different from ordinary installation software. In this paper, after installing the Windows 10 operating system on a virtual machine, we proceed with the scenario with a portable program of Opera and Notepad++. And we analyze this in various ways such as file analysis of the operating system and memory forensics, collect information such as program execution time and frequency, and conduct specific behavioral analysis of user.