• Proceedings of the Korea Information Assurance Society Conference
• /
• 2004.05a
• /
• pp.327-331
• /
• 2004

The new cyber world has created by Internet that is prosperous rapidly. But with the expansion of Internet the hacking and intrusion are also increased very much. Actually there were many incidents in Internet, but the damage was restricted within a local area and local system. However, the Great 1.25 Internet Disturbance has paralyzed the national wide Internet environment. It because the Slammer Worm. The worm is a malformed program that uses both of the hacking and computer virus techniques. It autonomously attacks the vulnerability of Windows system, duplicates and spreads by itself. Jus like the Slammer Worm, almost every worms attack the vulnerability of Windows systems that installed in personal PC. Therefore, the vulnerability in personal PC could destroy the whole Internet world. So, in this paper we propose a Internet Worm Expanding Prevention System that could be installed in personal PC to prevent from expanding the Internet Worm. And we will introduce the results of developed system.

• Journal of the Korea Convergence Society
• /
• v.10 no.12
• /
• pp.63-69
• /
• 2019

Using a smartphone allows quick and easy authentication and payment. However, smartphone security threats are evolving into a variety of new hacking technologies, and are changing to attacks specific to the mobile environment. Therefore, there is a demand for an authentication method suitable for a mobile environment. In order to solve security weaknesses in knowledge-based authentication, many companies provide two-step authentication services such as OTP(One Time Password) to provide authentication services such as finance, games, and login. Although OTP service is easy to use, it is easy to duplicate random number table and has a disadvantage that can be reused because it is used as valid value within time limit. In this paper, we propose a mechanism that enables users to quickly and easily authenticate with high security using the authentication method that recognizes special characters through smartphone's dedicated application.

• Journal of the Korea Society of Computer and Information
• /
• v.15 no.2
• /
• pp.109-117
• /
• 2010

Digital watermarking has drawn extensive attention for protecting digital contents from unauthorized copying. This paper proposes a new watermarking scheme in frequency domain for copyright protection of digital audio. In our proposed watermarking system, the original audio is segmented into non-overlapping frames. Watermarks are then embedded into the selected prominent peaks in the magnitude spectrum of each frame. Watermarks are extracted by performing the inverse operation of watermark embedding process. Simulation results indicate that the proposed scheme is robust against various kinds of attacks such as noise addition, cropping, resampling, re-quantization, MP3 compression, and low pass filtering. Our proposed watermarking system outperforms Cox's method in terms of imperceptibility, while keeping comparable robustness with the Cox's method. Our proposed system achieves SNR (signal-to-noise ratio) values ranging from 20 dB to 28 dB. This is in contrast to Cox's method which achieves SNR values ranging from only 14 dB to 23 dB.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.43 no.5 s.311
• /
• pp.57-67
• /
• 2006

Intellectual property rights are gathering strength theses days. Because digital contents are easily reproduced and distributed by advanced computers and networks. Digital watermarking is one of the best solutions for this problem. Generally, frequency-domain watermarking algorithms are preferred since they are more robust than spatial-domain algorithms. However, coefficients in the frequency domain are floating-point numbers. Thus, it is not easy to manipulate those floating-point coefficients and frequency-domain watermarking algorithms have some limitations in their applications. In order to overcome this difficulty, we employ an integer transform in this paper. In addition, our proposed algerian can extract the watermark from both the spatial and frequency domains. We embed the watermark into a specific bit-plane of mid-frequency coefficients. This is equivalent to the differential energy watermarking (DEW) in the spatial domain. Our simulation results show that the proposed algorithm is imperceptible, good for the watermark payload, and robustness against various attacks. Moreover, it is more efficient than any other algorithm working in only one domain.

• Journal of Korea Multimedia Society
• /
• v.10 no.5
• /
• pp.569-582
• /
• 2007

Digital watermarking technique for copyright protection and prevention of illegal copy and distribution can provide the reliable transaction to both buyer and seller in e-commerce through the cryptographic protocol such as 'Buyer-seller watermarking protocol'. Recently there has been researched about some cryptographic protocols for watermarking system but there has no yet mentioned about the implementation of practical watermarking technique in protocol. This paper presents the watermark embedding technique based on POCS in buyer-seller watermarking protocol. The proposed method designs the robust convex set based on EZW and the invisible convex set using PSNR and then projects into two sets until the convergence condition is satisfied. Experimental results verified that BER of watermark that is embedded by the proposed method has lower 0.02-0.10 than BER of the conventional method.

• Journal of Software Assessment and Valuation
• /
• v.17 no.2
• /
• pp.91-99
• /
• 2021

In the current business environment where dependence on IT has increased rapidly, the risk from disasters or cyber-attacks is also increasing. Business continuity, the ability to continue to provide service in the event of a business disruption caused by a disaster, is essential. In other words, you need to have a plan in place to keep your core business functions uninterrupted with rapid recovery within a predetermined Recovery Time Objective (RTO) and Recovery Point Objective (RPO) time frame. In this paper, we propose a disaster recovery system construction method that can minimize RTO and RPO to ensure business continuity. The system configuration adopts Tier 7 disaster recovery model, synchronous storage replication, hot disaster recovery site, and operation management automation solution. This ensures continuity of core business with virtually no data loss and minimal RTO and RPO.

• Journal of Korea Society of Industrial Information Systems
• /
• v.28 no.5
• /
• pp.41-54
• /
• 2023

Smart grid that supports efficient energy production and management is used in various fields and industries. However, because of the environment in which services are provided through open networks, it is essential to resolve trust issues regarding security vulnerabilities and privacy preservation. In particular, the identification information of smart meter is managed by a centralized server, which makes it vulnerable to security attacks such as device stolen, data forgery, alteration, and deletion. To solve these problems, this paper proposes a blockchain based authentication protocol for a smart meter. The proposed scheme issues an unique decentralized identifiers (DIDs) for individual smart meter through blockchain and utilizes a random values based on physical unclonable function (PUF) to strengthen the integrity and reliability of data. In addition, we analyze the security of the proposed scheme using informal security analysis and AVISPA simulation, and show the efficiency of the proposed scheme by comparing with related work.

• The KIPS Transactions:PartC
• /
• v.15C no.3
• /
• pp.157-166
• /
• 2008

The ubiquitous service environment is poor in reliability of connection and also has a high probability that the intrusion against a system and the failure of the services may happen. Therefore, It is very important to guarantee that the legitimate users make use of trustable services from the viewpoint of security without discontinuance or obstacle of the services. In this paper, we point out the problems in the standard Jini service environment and analyze the Jgroup/ARM framework that has been developed in order to help fault tolerance of Jini services. In addition, we propose a secure Jini service architecture to satisfy the security, availability and quality of services on the basis of the analysis. The secure Jini service architecture we propose in this paper is able to protect a Jini system not only from faults such as network partition or server crash, but also from attacks exploiting flaws. It provides security mechanism for dynamic trust establishment among the service entities. Moreover, our secure Jini service architecture does not incur high computation costs to merge the user service states because of allocation of the replica based on each session of a user. Through the experiment on a test-bed, we have confirmed that proposed secure Jini service architecture is able to guarantee the persistence of the user service states at the level that the degradation of services quality is ignorable.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.38B no.12
• /
• pp.944-953
• /
• 2013

Recently, a storage media is becoming smaller and storage capacity is also becoming larger than before. However, important data was leaked through a small storage media. To solve these serious problem, many security companies manufacture secure USBs with secure function, such as data encryption, user authentication, not copying data, and management system for secure USB, etc. But various attacks, such as extracting flash memory from USBs, password hacking or memory dump, and bypassing fingerprint authentication, have appeared. Therefore, security techniques related to secure USBs have to concern many threats for them. The basic components for a secure USB are secure authentication and data encryption techniques. Though existing secure USBs applied password based user authentication, it is necessary to develop more secure authentication because many threats have appeared. And encryption chipsets are used for data encryption however we also concern key managements. Therefore, this paper suggests mutual device authentication based on PUF (Physical Unclonable Function) between USBs and the authentication server and key management without storing the secret key. Moreover, secure USB is systematically managed with metadata and authentication information stored in authentication server.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.49 no.2
• /
• pp.123-133
• /
• 2012

This paper discuss about DNA watermarking using coding DNA sequence (CDS) for the authentication, the privacy protection, or the prevention of illegal copy and mutation of DNA sequence and propose a DNA watermarking scheme with the mutation robustness and the animo acid preservation. The proposed scheme selects a number of codons at the regular singularity in coding regions for the embedding target and embeds the watermark for watermarked codons and original codons to be transcribed to the same amino acids. DNA base sequence is the string of 4 characters, {A,G,C,T} ({A,G,C,U} in RNA). We design the codon coding table suitable to watermarking signal processing and transform the codon sequence to integer numerical sequence by this table and re-transform this sequence to floating numerical sequence of circular angle. A codon consists of a consecutive of three bases and 64 codons are transcribed to one from 20 amino acids. We substitute the angle of selected codon to one among the angle range with the same animo acid, which is determined by the watermark bit and the angle difference of adjacent codons. From in silico experiment by using HEXA and ANG sequences, we verified that the proposed scheme is more robust to silent and missense mutations than the conventional scheme and preserve the amino acids of the watermarked codons.