• Journal of the Korea Society of Computer and Information
• /
• v.19 no.10
• /
• pp.107-115
• /
• 2014

In recent years, large companies and public institutions in the Smartphone business purposes has been used a lot. Personal Smartphone are worried about security of personal information only. But if you are a corporate or business purposes requires a more cautious approach. It can destroy an organization's network to hack Smartphones have very serious damage. For this purpose, the existing solution, and try to solve security issues with MDM or MAM. However, Smartphone users discomfort and there is a limit of organizational control. In this paper, we can propose with these issues more broadly would like to suggest. Secure mobile traffic management system enables companies or agencies the ease for users to use a Smartphone. And, for organizations that provide smart phones are more powerful and can provide a means of control. In addition, wired/wireless integration and security measures that can provide new services to offer.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.3
• /
• pp.591-603
• /
• 2018

Windows Event Log is a format that records system log in Windows operating system and methodically manages information about system operation. An event can be caused by system itself or by user's specific actions, and some event logs can be used for corporate security audits, malware detection and so on. In this paper, we choose actions related to corporate security audit and malware detection (External storage connection, Application install, Shared folder usage, Printer usage, Remote connection/disconnection, File/Registry manipulation, Process creation, DNS query, Windows service, PC startup/shutdown, Log on/off, Power saving mode, Network connection/disconnection, Event log deletion and System time change), which can be detected through event log analysis and classify event IDs that occur in each situation. Also, the existing event log tools only include functions related to the EVTX file parse and it is difficult to track user's behavior when used in a forensic investigation. So we implemented new analysis tool in this study which parses EVTX files and user behaviors.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.20 no.5
• /
• pp.937-941
• /
• 2016

This paper proposed an efficient multiple TCP mechanism using Android smartphones for remote control video Wi-Fi stream transmission via network communications in real time. The wireless video stream transmission mechanism can be applied in various area such as real time server stream transmissions, movable drones, disaster robotics and real time security monitoring systems. Moreover, we urgently need to transmit data in timely fashion such as medical emergency, security surveillance and disaster prevention. Our parallel TCP transmission system can play an important role in several area such as real time server stream transmissions, movable drones, disaster robotics and real time security monitoring systems as mentioned in the previous sentence. Therefore, we designed and implemented a parallel TCP transmission (parallel stream) for an efficient real time video streaming services. In conclusion, we evaluated proposed mechanism using parallel TCP transmission under various environments with performance analysis.

• Journal of KIISE:Computing Practices and Letters
• /
• v.15 no.11
• /
• pp.861-865
• /
• 2009

As the hospital environment has been increasingly changed into a ubiquitous environment, the application services for the hospital environment are also faced with new requirements. In particular, the emergence of various mobile devices and the introduction of a wireless sensor network technology have accelerated the realization of the u-healthcare. The multi-agent paradigm has been introduced for satisfying both the integration of information and the various application scenarios established from various environments. This paper describes the software structure and u-applications for u-hospital information system based on ubiquitous environments. And it suggested the construction of a multi agent based distributed framework for supporting u-hospital information system. The suggested framework includes the JADE and distributed object group framework. And it implemented u-application services for supporting doctors and nurses, which provides the patient's health information and ward environment information. Especially, it is using a dynamic security mechanism on the security situation, which has not been emphasized in existing researches, and this paper shows the results for each user through the GUI.

• KIISE Transactions on Computing Practices
• /
• v.23 no.8
• /
• pp.504-509
• /
• 2017

Preserving the integrity of the booting process is important. Recent rootkit attacks and subverting OS attacks prove that any post-OS security mechanism can be easily circumvented if the booting process is not properly controlled. Using an actual case as an example, the hacker of the Se-jong government office simply bypassed the user's password authentication by compromising the normal booting process. This paper analyzes existing pre-OS protection using secure boot and measured boot, and proposes another bootloader that overcomes the limitations. The proposed bootloader not only guarantees the integrity of all the pre-OS binaries, bootloaders, and kernel, it also makes explicit records of integrity in the booting process to the external TPM device, so that we can track modifications of BIOS configurations or unintended booting process modifications.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.20 no.4
• /
• pp.81-86
• /
• 2020

With the development of the intelligent Internet of Things AIoT that goes beyond the IoT of the Internet of Things, the industry is changing overall. In addition, with the advent of the 4th Industrial Revolution, revolutionary changes and developments are also taking place in the automobile industry. A representative example is "autonomous driving vehicle". Because the domestic and foreign interests in autonomous vehicles have increased, many developments have been made, and although limited, they have developed into the commercialization stage. However, the structure of the autonomous vehicle that collects, analyzes, and controls data using various sensors installed in the vehicle, not the driver, is often insufficiently exposed to hacking due to the lack of multiplexed devices for security. In this case, as this can be a threat not only to the driver, but also to the surrounding environment, this paper proposes a new data processing function to improve the system security of autonomous vehicles.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2017.05a
• /
• pp.327-330
• /
• 2017

In recent years, Drone(lightweight unmanned aerial vehicle) is used for broadcast shooting, disaster scene, leisure, observation and military purposes. However, as the use of drones increases the threat of hacking is also rising. Especially when a flying drone is seized, a dangerous situation can occur which is abused regardless of the driver's intention. Already in Iran and China, there is a case of hacking and stealing the drones of other countries under reconnaissance. In this paper, we analyze the security vulnerabilities of Wi-Fi and Bluetooth communication in wireless network which are used in drones for stealing the commercial drones. The results provide a countermeasure to safeguard the drones against attempts by the unauthorized attacker to take out the drones.

• Convergence Security Journal
• /
• v.15 no.5
• /
• pp.3-8
• /
• 2015

Most mobile cloud computing system use public key cryptography to provide data security and mutual authentication. A variant of traditional public key technologies called Identity-Based Cryptography(IBC) has recently received considerable attention. The certificate-free approach of IBC may well match the dynamic qualities of cloud environment. But, there is a need for a lightweight secure framework that provides security with minimum processing overhead on mobile devices. In this paper, we propose to use hierarchical ID-Based Encryption in mobile cloud computing. It is suitable for a mobile network since it can reduce the workload of root Public Key Generators by delegating the privilege of user authentication and private key generation. The Identity-Based Encryption and Identity-Based Signature are also proposed and an ID-Based Authentication scheme is presented to secure data processing. The proposed scheme is designed by one-way hash functions and XOR operations, thus has low computation costs for mobile users.

• Convergence Security Journal
• /
• v.19 no.3
• /
• pp.71-79
• /
• 2019

The demand of smart cars is increasing rapidly. International stand organize such as 3GPP and 5GAA are proposing standard communication protocvols for connected-car, and automotive network infrastructure. But Smart car network have many security threats and more dangerous against the existed wire communication network. Typically, peripheral devices of a smart car may disguise their identity and steal location information and personal information about the vehicle. In addition, the infrastructure elements around smart cars can conspire and put driving cars in danger, threatening lives. This is a very serious security threat. Therefore, in order to solve these problems, we proposed a system that is secure from collusion and tampering attacks using attribute-based authorize delegation method and threshold encryption algorithms. We have demonstrated using a semantic safety model that the proposed system can be safe from collusion attack.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.3
• /
• pp.379-388
• /
• 2020

As the use of credit cards increases, security threats increase. In particular, despite being vulnerable to related crimes, such as fraudulent use of credit cards and theft of names, there are virtually no security procedures to authenticate the validity of user while paying with the credit card. In order to overcome these limitations of current credit card payments, we add a process of signing payment using a stylus pen with built-in acceleration sensor in the existing transaction method, and classifying and comparing the image of the signature and signature information measured by the sensor through the convolutional neural network. we propose a method to improve security in financial transactions by performing the user authentication process through the possession of the stylus pen and the characteristic values of the signature.