• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.3
• /
• pp.537-547
• /
• 2023

As Internet of Things (IoT) technology evolves, IoT devices are being utilized in a variety of fields. However, it has become a new surface of cyber attacks and is affecting industries that did not previously consider cyber breaches. After a intrusion occurs, post-processing and damage spread prevention are important, but it is difficult to respond due to the lackof standards and guidelines. Therefore, in order to respond to such incidents, this paper establishes an incident data collection procedure and presents the data that can be collected to improve the intrusion data acquisition method for general IoT devices. In addition, we proved the efficiency and feasibility of the data collection procedure through experiments.

• Convergence Security Journal
• /
• v.22 no.1
• /
• pp.3-9
• /
• 2022

The role of the integrated development environment is very important in software development of a development project. After many developers develop different modules, software product is completed through compile, debugging, integration, testing, and distribution. However, bugs and various issues in the development process cause problems such as quality deterioration of software product and dissatisfaction with requirements. So the need for automated testing to avoid these problems and improve quality has increased. In this study, we propose test automation modules of four perspectives to improve quality throughout the test automation in an integrated development environment. Each automation module operates through the tool chain of an integrated build framework implemented on the devops.

• Proceedings of the Korean Institute of Navigation and Port Research Conference
• /
• 2022.06a
• /
• pp.167-168
• /
• 2022

선박을 운항함에 있어 최적항로를 결정하는 것은 항해시간과 연료 소모를 줄이는 중요한 요인 중의 하나이다. 기존에는 항로를 결정하기 위해 항해사의 전문적인 지식이 요구되지만 이러한 방법은 최적의 항로라고 판단하기 어렵다. 따라서 연료비 절감과 선박의 안전을 고려한 최적의 항로를 생성할 필요가 있다. 연료 소모량 혹은 항해시간을 최소화하기 위해서 에이스타 알고리즘, Dijkstra 알고리즘을 적용한 연구가 있다. 하지만 이러한 연구들은 최단거리만 구할 뿐 선박의 안전, 해상상태 등을 고려하지 못한다. 이를 보완하기 위해 본 연구에서는 강화학습 알고리즘을 적용하고자한다. 강화학습 알고리즘은 앞으로 누적 될 보상을 최대화 하는 행동으로 정책을 찾는 방법으로, 본 연구에서는 강화학습 알고리즘의 하나인 Q-learning을 사용하여 선박의 안전을 고려한 최적의 항로를 생성하는 기법을 제안 하고자 한다.

• Annual Conference of KIPS
• /
• 2023.11a
• /
• pp.115-118
• /
• 2023

IoT 장치들은 연구, 의료, 금융, 민생 분야 등에 지원하고 있으며 취약한 보안 메커니즘으로 인하여 IoT 네트워크의 개인정보 안전성이 중요해지고 있다. 안전한 다자간 계산은 서로 믿지 않는 참여자라도 데이터 수요자에게 원본 데이터를 누설하지 않는 범위 안에서 다자간 연합 계산 능력을 제공한다. 상업 네트워크나 산업 네트워크에서는 대량의 데이터는 다른 플랫폼들과 통신하기 때문에 기업이나 개인의 개인정보 데이터가 통신 과정에서 도청될 경우 데이터 보유자에게 막대한 경제적이나 잠재적인 손실이 발생한다. 본 논문에서 데이터 통신 과정을 계층별로 정의하여 블록체인에 기반의 안전한 다자간 계산 아키텍처를 제안한다. 제안하는 이키텍처에서 블록체인을 사용함으로써 데이터의 유효성 및 검증 가능성을 보장한다. 인증된 데이터로 안전한 다자간 계산 수행하기 때문에 통신과정의 보안성 및 기밀성도 확보한다. 암호학 및 블록체인 기술의 지속적 발전 및 활성화에 따라 제안하는 아키텍처가 지속적으로 개선할 잠재력이 있다.

• Annual Conference of KIPS
• /
• 2007.11a
• /
• pp.1010-1013
• /
• 2007

와이브로 서비스는 고속 이동 인터넷 환경 속에서 고속으로 무선 인터넷 서비스를 제공하는 기술이다. 기존의 무선인터넷 서비스와 달리 이동성을 제공한다는 점에서 차별화를 제공한다. 이렇게 이동하는 단말에게 양질의 데이터를 안전하게 전송하기 위해서는 보안기술이 중요한 요소로 작용한다. 서비스를 제공하기 전에 단말(Mobile Station)과 RAS(Radio Access Stations)간의 인증을 바탕으로 상호 키(TEK:Traffic Encryption Key)를 분배하고 TEK를 바탕으로 데이터를 암호화해서 전송하게 된다. 기존의 인증 프로토콜에서는 RAS에서 단독으로 키를 생성하는 방식이지만, 본 논문에서는 기존의 프로토콜의 문제점으로 지적된 Replay Attack에 대해 DH(Diffie-Hellman) 키 분배(Key Distribution) 방식을 적용하는 프로토콜을 제안함으로써 취약점에 대비 하였다. 이를 통해 RAS에 집중되는 키 생성에 대한 오버헤드를 단말에 분산 시킬 수 있다. 이로써 제안된 프로토콜을 사용해서 기존의 프로토콜을 사용했을 때보다 보안강도를 높일 수 있다.

• Journal of Platform Technology
• /
• v.12 no.2
• /
• pp.45-57
• /
• 2024

Smart cities are the product of modern urban planning that seeks to innovate information and communication technology and improve the quality of urban life. For the efficient operation of smart cities, data collected, stored, and processed in real time is a key resource. Therefore, data from smart cities collected in various fields must be managed safely, and personal information protection is paramount. In this study, a smart city data security model using blockchain technology was proposed to safely manage smart city data. The proposed model integrates IPFS into the blockchain network to distribute and store data to ensure data confidentiality and integrity, and encrypts data using CP-ABE to efficiently control access to data from users. In addition, privacy was guaranteed while enhancing the usability of data by using Homomorphic Encryption with data access control policies.

• Convergence Security Journal
• /
• v.24 no.3
• /
• pp.203-208
• /
• 2024

The identification and classification of victims in the county border area is one of the important issues. The personnel that can appear in the military border area are comprised of North Korean soldiers, U.S. soldiers, South Korean soldiers, and the general public, and are currently being confirmed through CCTV. They were classified into true categories and learned through transfer learning. The PyTorch machine learning library was used, and the dataset was utilized by crawling images corresponding to each item shared on Google. The experimental results show that each item is classified with an accuracy of 98.7500%. Future research will explore ways to distinguish more systematically and specifically by going beyond images and adding video or voice recognition.

• The KIPS Transactions:PartC
• /
• v.10C no.3
• /
• pp.281-286
• /
• 2003

Nowadays, a patient's private medical data which is exposed to the outside world has a severe effect on not only the patient's private life but also his/her social activities and environment. So, it is important to securely protect the patient's private medical data from the illegal manipulation. This paper studies the method to store the electronic prescription information in an IC card. For that, an access control for users, such as a doctor, a nurse, a medical institute member, a pharmacy, a pharmacist, or a patient, is proposed to access the data stored in an IC card. The certificate is issued using the Crypto API of a certificate management model supported by Windows 2000. The public/private key is created by the Cryptographic Service Provider program, and the electronic prescription is signed using the digital signature. The proposed system, therefore, can improve the quality of medical services by securing the safety and integrity of the electronic prescription, stored in an IC card.

• Journal of Korea Multimedia Society
• /
• v.16 no.8
• /
• pp.914-926
• /
• 2013

Among the recent security systems, security system with fingerprint recognition gets many people's interests through the strengths such as exclusiveness, convenience, etc, in comparison with other security systems. The most important matters for fingerprint recognition system are reliability of matching between the fingerprint in database and user's fingerprint and rapid process of image processing algorithms used for fingerprint recognition. The existing fingerprint recognition system reduces the processing time by removing some processes in the feature extraction algorithms but has weakness of a reliability. This paper realizes the fingerprint recognition algorithm using MAMS(Multi-Access Memory System) for both the rapid processing time and the reliability in feature extraction and matching accuracy. Reliability of this process is verified by the correlation between serial processor's results and MAMS-PP64's results. The performance of the method using MAMS-PP64 is 1.56 times faster than compared serial processor.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.42 no.4 s.304
• /
• pp.25-32
• /
• 2005

The spread of mobile devices, PDAs and sensors has enabled the construction of ubiquitous computing environments, transforming regular physical spaces into 'Smart space' augmented with intelligence and enhanced with services. However, the deployment of this computing paradigm in real-life is disturbed by poor security, particularly, the lack of proper authentication and authorization techniques. Also, it is very important not only to find security measures but also to preserve user privacy in ubiquitous computing environments. In this Paper, we propose efficient user authentication and authorization model with anonymity for the privacy-preserving for ubiquitous computing environments. Our model is suitable for distributed environments with the computational constrained devices by using MAC-based anonymous certificate and security association token instead of using Public key encryption technique. And our Proposed Protocol is better than Kerberos system in sense of cryptographic computation processing.