• Title/Summary/Keyword: Security Control

Development of wearable device with smart key function and convergence of personal bio-certification and technology using ECG signal (심전도 신호를 이용한 개인 바이오인증 기술 융합과 smart key 기능이 탑재된 wearable device 개발)

  • Bang, Gul-Won
    • Journal of Digital Convergence / v.20 no.5 / pp.637-642 / 2022
  • Self-authentication technology using electrocardiogram (ECG) signals is drawing attention as a technology that can replace existing bio-authentication. A device that recognizes a digital electronic key can be mounted on a vehicle to wirelessly exchange data with the car, and functions such as locking or unlocking the car door or starting the car can be controlled through a smartphone. However, smart keys are vulnerable in terms of security, so smart keys with bio-authentication technology were studied to solve this problem and provide driver convenience. A personal authentication algorithm using the electrocardiogram was mounted on a watch-type wearable device to perform bio-authentication, and when personal authentication was completed, the device could function as the smart key of a car. A certification rate of 95 per cent was achieved. Drivers do not need to carry a smart key, and the smart key is proposed as an alternative that can be safely protected from loss and hacking. Smart keys using ECG-based personal authentication can be applied to various fields, and methods for applying them to ECG-based identification devices will be studied in the future.

Smart Radar System for Life Pattern Recognition (생활패턴 인지가 가능한 스마트 레이더 시스템)

  • Sang-Joong Jung
    • Journal of the Institute of Convergence Signal Processing / v.23 no.2 / pp.91-96 / 2022
  • At the current level of camera-based technology, sensor-based basic life pattern recognition entails inconvenience in order to obtain accurate data, and commercial band products have difficulty collecting accurate data and cannot take into account the motive, cause, and psychological effect of behavior. The radar technology for life pattern recognition in this paper measures the distance, speed, and angle to an object by transmitting a waveform designed to detect nearby people or objects in daily life and processing the reflected received signal. It was applied to address issues such as privacy protection in existing image-based services. For the implementation of the proposed system, based on the TI IWR1642 chip, RF chipset control for 60GHz band millimeter wave FMCW transmission/reception, module development for distance/speed/angle detection, and technology including signal processing software were implemented. It is expected that analysis of individual life patterns will be possible by calculating self-management and behavior sequences, extracting personalized life patterns through quantitative analysis of life patterns as a meta-analysis of living information in security and safeguard applications.

A study with respect to the home networking security Technology based on SIP (SIP기반 홈네트워킹 보안 기술에 관한 연구)

  • Ham, Yoeng-Ock;Shin, Young-Tae
    • Journal of the Korea Society of Computer and Information / v.14 no.12 / pp.169-180 / 2009
  • Home networks are generally based on wired and wireless networks. This enables customers to use electric home appliances and full-duplex multimedia services and to control the machines without any restrictions of place or time. Now that the scope of home security is being extended, home networks can be formed not only with personal computers but also with home automation, electric home appliances, etc. But this leads to many intrusion attacks and much damage. Therefore, in this paper we suggest the SSIP (Secure Session Initiate protocol) model for solving those problems. The SSIP model is able to provide efficient authentication and reduce the time of session re-establishment and set-up by adding SIP authentication capability to the Cluster-to-Cluster environment performed on the home gateway.

A Study on IAM-Based Personal Data Protection Techniques in BaaS (BaaS에서 IAM을 이용한 개인정보 보호 기법에 관한 연구)

  • Mi-Hui Kim;Myung-Joe Kang
    • Journal of IKEEE / v.27 no.4 / pp.548-555 / 2023
  • With the advancement of the internet, the use of personal information in online interactions has increased, underscoring the significance of data protection. Breaches of personal data due to unauthorized access can result in psychological and financial damage to individuals, and may even enable wide-ranging societal attacks aimed at those associated with the victims. In response to such threats, there is active research into security measures using blockchain to safeguard personal information. This study proposes a system that uses middleware and IAM (Identity and Access Management) services to protect personal information in a BaaS (Blockchain as a Service) environment where blockchain is provided via the Internet. The middleware operates on servers where IAM roles and policies are applied, authenticates users, and performs access control to allow only legitimate users to access blockchain data existing in the cloud. Additionally, to understand the impact of the proposed personal information protection method on the system, we measure the response time according to the time taken and the number of users under three assumed scenarios, and compare the proposed method and research related to personal information protection using blockchain in terms of security characteristics such as idea, type of blockchain, authentication, and confidentiality.

A Study on the Threat Analysis and Risk Assessment of Ship Ballast Water System (선박 평형수 시스템의 위협 분석 및 위험 평가에 관한 연구)

  • Hyoseok Lim;Yonghyun Jo;Wonsuk Choi
    • Journal of the Korea Institute of Information Security & Cryptology / v.34 no.5 / pp.961-972 / 2024
  • As IT and OT systems become integrated into ship operations, the security of propulsion, control, communication, and navigation systems has become increasingly critical. In response, the International Association of Classification Societies (IACS) will enforce cybersecurity requirements starting from July 2024. IACS No. 171 (Recommendations on Incorporating Cyber Risk Management into Safety Management Systems) presents quantitative assessment methods; however, there is room for improvement. This study aims to address these issues by applying the TARA framework, outlined in ISO/SAE 21434 for connected vehicles, to identify attack surfaces and conduct risk assessments of the Ballast Water Treatment System(BWTS), which is crucial for navigational safety. Moreover, the study conducts a comparative analysis of the quantitative risk assessments of IACS No. 171 and the TARA framework, proposing the need for and considerations of a new risk assessment framework, VeTARA, specifically tailored for ships. This research is expected to contribute to the enhancement of cyber risk management in maritime operations.

ATM Cell Encipherment Method using Rijndael Algorithm in Physical Layer (Rijndael 알고리즘을 이용한 물리 계층 ATM 셀 보안 기법)

  • Im Sung-Yeal;Chung Ki-Dong
    • The KIPS Transactions:PartC / v.13C no.1 s.104 / pp.83-94 / 2006
  • This paper describes an ATM cell encipherment method using the Rijndael Algorithm, adopted as the AES (Advanced Encryption Standard) by NIST in 2001. ISO 9160 describes the requirements of physical layer data processing in encryption/decryption. For the description of the ATM cell encipherment method, we implemented ATM data encipherment equipment which satisfies the requirements of ISO 9160, and verified the encipherment/decipherment processing at ATM STM-1 rate (155.52Mbps). The DES algorithm can process data in the block size of 64 bits and its key length is 64 bits, but the Rijndael algorithm can process data in the block size of 128 bits and the key length of 128, 192, or 256 bits selectively. So it is more flexible in high bit rate data processing and stronger in encryption strength than DES. For the real time encryption of a high bit rate data stream, the Rijndael algorithm was implemented in FPGA in this experiment. The boundary of the serial UNI cell was detected by the CRC method, and in the case of a user data cell the payload of 48 octets (384 bits) is converted in parallel and transferred to 3 Rijndael encipherment modules in the block size of 128 bits individually. After completion of encryption, the header stored in the buffer is attached to the enciphered payload and retransmitted in the format of a cell. At the receiving end, the boundary of the cell is detected by the CRC method and the payload type is decided. When the payload type is the user data cell, the payload of the cell is transferred to the 3-Rijndael decryption module in the block size of 128 bits for decryption of data. In the case of a maintenance cell, the payload is extracted without decryption processing.

A Case Study on the Implementation of a River Water Level Monitoring System using PLC(Programmable Logic Controller) and Public Telecommunication Network (PLC(Programmable Logic Controller)와 공중통신망을 이용한 하천수위감시시스템 구축 사례 연구)

  • Kim, Seokju;Kim, Minsoo
    • The Journal of Society for e-Business Studies / v.20 no.4 / pp.1-17 / 2015
  • A river water level monitoring system which prevents salt water damage and effectively excludes floods has been developed to contribute to the efficient operation of the Nakdong river estuary barrage. The system can be used to monitor upstream conditions more quickly and respond appropriately to changes. Telemetry and telecontrols using PLCs have been built at the three sites that directly influence the operation of the barrage gates, and are linked to the Nakdong river estuary barrage's IOS (Integrated Operation System) through public communication networks. By using PLCs, the system can achieve even higher reliability and versatility than before as well as easy management. With power control devices, we can remotely control the power of the PLCs to treat minor troubles instantly without going on-site. The power control devices also save data in preparation for cases of communication failure. The system uses ADSL (FTTH) as the main network between the SCADA server and the PLCs, and CDMA (M2M) as a secondary network. In order to compensate for the security vulnerabilities of the public communication network, we have installed VPNs for secure communication between the center and the observation stations, just like a dedicated network. Generally, river water level observations have used custom-manufactured remote terminals to suit their special goals. However, in this case, we have established a system with an open architecture considering the interface between different systems, the ease of use and maintenance, security, price, etc.

Dynamic QoS Support Protocol (동적인 네트워크 QoS 설비 방안)

  • 노희경;문새롬;이미정
    • Proceedings of the Korean Information Science Society Conference / 2002.04a / pp.265-267 / 2002
  • As multimedia applications on the Internet have increased, various schemes that can guarantee quality of service (QoS) have been proposed, but these schemes generally tend to exhibit a conflict between scalability and end-to-end QoS guarantees. In this paper, we propose DQSP (Dynamic QoS Support Protocol) as a QoS support scheme that can avoid this conflict. DQSP defines resource reservation and admission control mechanisms within a domain. DQSP dynamically allocates link resources per traffic class from each edge router and has each edge router maintain information about the link resources allocated to it. Because DQSP makes admission decisions directly at the edge router for each user flow, without requiring a QoS signaling protocol for admission control toward the destination, it solves the scalability problem and the problem of complex functional requirements on core routers. In addition, DQSP allows an edge router to return resources allocated to it or to be given additional resources according to traffic load, which solves the problem of inefficient resource utilization that can arise from resource over-provisioning. DQSP also performs path recomputation to adjust routing, which enables efficient use of network resources. Comparing DQSP with existing resource allocation and sharing schemes through simulation, we confirmed that DQSP can utilize network resources efficiently without causing the scalability problems, in terms of signaling and state-maintenance overhead, seen in IntServ, the existing architecture that provides end-to-end QoS guarantees.

CFI Approach to Defend against GOT Overwrite Attacks (CFI(Control Flow Integrity) 적용을 통한 GOT(Global Offset Table) 변조 공격 방지 방안 연구)

  • Jeong, Seunghoon;Hwang, Jaejoon;Kwon, Hyukjin;Shin, Dongkyoo
    • Journal of Internet Computing and Services / v.21 no.1 / pp.179-190 / 2020
  • In the Unix-like system environment, the GOT overwrite attack is one of the traditional control flow hijacking techniques for exploiting software privileges. Several techniques have been proposed to defend against the GOT overwrite attack, and among them, the Full Relro(Relocation Read only) technique, which blocks GOT overwrites at runtime by arranging the GOT section as read-only in the program startup, has been known as the most effective defense technique. However, it entails loading delay, which limits its application to a program sensitive to startup performance, and it is not currently applied to the library due to problems including a chain loading delay problem caused by nested library dependency. Also, many compilers, including LLVM, do not apply the Full Relro technique by default, so runtime programs are still vulnerable to GOT attacks. In this paper, we propose a GOT protection scheme using the Control Flow Integrity(CFI) technique, which is currently recognized as the most suitable technique for defense against code reuse attacks. We implemented this scheme based on LLVM and applied it to the binutils-gdb program group to evaluate security, performance and compatibility. The GOT protection scheme with CFI is difficult to bypass, fast, and compatible with existing library programs.

Design and Implementation of Anomaly Traffic Control framework based on Linux Netfilter System and CBQ Routing Mechanisms (리눅스 Netfilter시스템과 CBQ 라우팅 기능을 이용한 비정상 트래픽 제어 프레임워크 설계 및 구현)

  • 조은경;고광선;이태근;강용혁;엄영익
    • Journal of the Korea Institute of Information Security & Cryptology / v.13 no.6 / pp.129-140 / 2003
  • Recently, viruses and various hacking tools that threaten hosts on a network have become more intelligent and cleverer, and so various security mechanisms against them have been developed during the last decades. To detect these network attacks, many NIPSs (Network-based Intrusion Prevention Systems) that are more functional than traditional NIDSs have been developed by several companies and organizations. But many previous NIPSs are known to have some weakness in protecting important hosts from network attacks because of their incorrectness and post-management aspects. The aspect of incorrectness means that many NIPSs incorrectly discriminate between normal and attack network traffic in real time. The aspect of post-management means that they generally respond to attacks after the intrusions are already performed to a large extent. Therefore, to detect network attacks in real time and to increase the capability of analyzing packets, faster and more active responding capabilities are required for NIPS frameworks. In this paper, we propose a framework for real-time intrusion prevention. This framework consists of a packet filtering component that works on netfilter in the Linux kernel and a traffic control component that has a capability of step-by-step control over abnormal network traffic with the CBQ mechanism.