• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.6
• /
• pp.1519-1534
• /
• 2017

Data de-identification is the one of the technique that preserves individual data privacy and provides useful information of data to the analyst. However, original de-identification techniques like k-anonymity have vulnerabilities to background knowledge attacks. On the contrary, differential privacy has a lot of researches and studies within several years because it has both strong privacy preserving and useful utility. In this paper, we analyze various models based on differential privacy and formalize a differentially private model on financial data. As a result, we can formalize a differentially private model on financial data and show that it has both security guarantees and good usefulness.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.14 no.3
• /
• pp.1409-1415
• /
• 2013

With the development of Internet communication and the use of a variety of online services has been greatly expanded. Therefore, the importance of authentication techniques for users of online services has increased. The most commonly used methods for user authentication is a technique that utilizes a prearranged password. However, the existing password scheme for authentication must use the same password every time. Therefore, the password being leaked by attackers, it can be used maliciously. In this paper, we proposed the Variable Password Generation Method in Internet Authentication System that generates a new password using information such as the access date, time, and IP address when user logs in. The method proposed in this paper prevents disclosure of personal information due to password exposure and improves the reliability and competitiveness in the field of security systems.

• Proceedings of the Korea Water Resources Association Conference
• /
• 2012.05a
• /
• pp.479-483
• /
• 2012

최근 국내외에서 기상이변에 따른 물 부족에 대응하고 먹는 물의 생산과 공급 효율성 향상을 위하여 스마트워터그리드에 대한 연구가 활발히 진행되고 있는 경향으로 이는 상수도 인프라시설의 운영오류, 자연재해, 사이버를 통한 의도적 공격 등에 대해 안전하고 신뢰성이 높은 시스템을 구축하기 위한 것이다. 또한 상수도 분야에서는 스마트 미터링 개념을 도입하여 상수관망에서 발생되는 각종 사고나 물 손실을 저감하기 위한 노력이 시도되고 있는 실정이다. 일반적으로 누수량이 많을 경우에는 누수의 징후가 지표면에서 확인이 가능하나 미세한 경우 탐사장비의 운영이나 인력의 투입을 통해 가능하다. 물 공급계통인 상수관망에서 물 손실을 저감시키기 위한 방법중 하나로서 수도미터로부터 기록되는 물 사용량 데이터를 이용하여 누수패턴을 추출함으로써 누수감시가 가능하도록 하는 모형을 개발하고자 하였다. 이는 탐사장비에 의한 누수감지와 상호 보완적을 활용할 수 있는 것으로서 사용량 자료를 분석하여 사전에 처리된 자료의 노이즈와 결함 있는 계측값을 필터링시키는 기법이 도입된 것이며 신속한 감지를 통해 누수 지속시간을 감소시킴으로서 누수량의 저감을 목표로 한다. 물 공급 네트워크를 보다 더 효율적 만들 수 있는 누수 감시모형은 상수관망의 운영에 필요한 정보를 도출하기 위하여 보다 정확하고 다양한 수학적 및 통계적 분석을 기반으로 구성되어 누수 외에도 각종 결함을 찾아내는 역할을 수행할 수 있다. 향후 다양한 지역을 이러한 수용가의 물 사용량 미터링 결과를 토대로 실제 사용량과 누수량을 분리하여 분석함으로써 국내 실정에 적합한 누수감시 기술배발 토대를 마련할 수 있을 것으로 판단되며, 누수저감을 위한 실질적인 상수관망의 운영관리 효율향상의 정보로서 활용이 가능할 것으로 판단된다.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.18 no.4
• /
• pp.75-85
• /
• 2017

This study investigated the effect of loving-kindness meditation intervention on the mindfulness, resilience and stress of college students. Thirty students not receiving any training in meditation intervention were randomly divided into meditation (15 subjects) and control (15 subjects)groups. The meditation group underwent meditation for 10 weeks, once a week, about 80 minutes each time. The results revealed that the experimental group showed significant improvement effect on mindfulness, resilience, and stress compared to the control group. It was concluded that loving-kindness meditation can effectively improve mindfulness, resilience and stress for college students.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.2
• /
• pp.347-363
• /
• 2019

Malware has its own unique behavior characteristics, like DNA for living things. To respond APT (Advanced Persistent Threat) attacks in advance, it needs to extract behavioral characteristics from malware. To this end, it needs to do classification for each malware based on its behavioral similarity. In this paper, various similarity of Windows malware is estimated; and based on these similarity values, malware's family is predicted. The similarity measures used in this paper are as follows: 'TF-IDF cosine similarity', 'Nilsimsa similarity', 'malware function cosine similarity' and 'Jaccard similarity'. As a result, we find the prediction rate for each similarity measure is widely different. Although, there is no similarity measure which can be applied to malware classification with high accuracy, this result can be helpful to select a similarity measure to classify specific malware family.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.18 no.6
• /
• pp.33-41
• /
• 2018

The idea of the Internet of Things as a platform on the Smart Campus has become increasingly popular. It requires an infrastructure consisting of communication networks, sensor nodes and gateways to connect to the Internet. Each sensor node is responsible for gathering data from the environment. This document outlines a network of wireless sensors on the Internet for the application of Smart Campus monitoring. Wireless sensor network Monitoring have become a complete solution to using a low power implementation and integrated systems. The numerous restrictions however result from the low communication range, the limited computing power, the lack of availability of the network protocol, the lack of programming security and the security failures in the areas of confidentiality, integrity and availability. A new security technique and its functionality for WSNM nodes developed. Development in the research of a secure network and suggestions for avoiding denial of service (DOS) and complexity attacks. These systems if properly implemented can provide an energy efficiency mechanism through pre-allocation and a new key from key management models with a secure routine algorithm.

• Journal of Internet Computing and Services
• /
• v.20 no.5
• /
• pp.9-18
• /
• 2019

Android Application Package (APK) is vulnerable to repackaging attacks. Therefore, obfuscation technology was applied inside the Android APK file to cope with repackaging attack. However, as more advanced reverse engineering techniques continue to be developed, fake Android APK files to be released. A new approach is needed to solve this problem. A blockchain is a continuously growing list of records, called blocks, which are linked and secured using cryptography. Each block typically contains a cryptographic hash of theprevious block, a timestamp and transaction data. Once recorded, the data inany given block cannot be altered retroactively without the alteration of all subsequent blocks. Therefore, it is possible to check whether or not theAndroid Mobile APK is forged by applying the blockchain technology. In this paper, we construct a discrimination DApp (Decentralized Application) against forgery Android Mobile APK by recording and maintaining the legitimate APK in the consortium blockchain framework like Hyperledger Fabric by Composer. With proposed DApp, we can prevent the forgery and modification of the appfrom being installed on the user's Smartphone, and normal and legitimate apps will be widely used.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.3
• /
• pp.101-108
• /
• 2007

We follow the promising recent results of deploying the public key cryptography in sensor networks. Recent results have shown that the public key algorithms are computationally feasible on the typical sensor nodes. However, once the public key cryptography is brought to the sensor network, security services such like key authentication will be critically required. In this paper we investigate the public key authentication problem in the sensor network and provide several authentication protocols. Our protocols are mainly based on the non-solvable overhearing in the wireless environment and a distributed voting mechanism. To show the value of our protocols, we provide an extensive analysis of the used resources and the resulting security level. As well, we compare our work with other existing works. For further benefit of our protocols, we list several additional applications in the sensor network where our protocols provide a sufficient authentication under the constrained resources.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.3
• /
• pp.73-82
• /
• 2009

This paper proposes an efficient and secure user authentication and key agreement scheme instead of the HTTP digest and TLS between the SIP UA and server. Although a number of security schemes for authentication and key exchange in SIP network are proposed, they still suffer from heavy computation overhead on the UA's side. The proposed scheme uses the HTIP Digest authentication and employs the Diffie-Hellman algorithm to protect user password against dictionary attacks. For a resource-constrained SIP UA, the proposed scheme delegates cryptographically computational operations like an exponentiation operation to the SIP server so that it is more efficient than the existing schemes in terms of energy consumption on the UA. Furthermore, it allows the proposed scheme to be easily applied to the deployed SIP networks since it does not require major modification to the signaling path associated with current SIP standard.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.25 no.2
• /
• pp.280-285
• /
• 2021

When VNDN technology is used as a communication technology for infotainment application services of connected vehicles, it is possible to realize data-centric networking technology in which data is the subject of communication.Vehicle security attacks and hacks, performance degradation during long-distance data transmission, and frequent data loss It is possible to innovate the limitations of the current host-oriented Internet-based infotainment application service technology of connected vehicles. The data packet forwarding issue to deliver critical information data that is very sensitive to delay in the VNDN on a push-based basis to RSU (Road Side Unit), etc. is one of the issues to be solved for realizing VNDN-based application services. We comprehensively analyze existing forwarding techniques to support push-based data traffic under the environment, and compare and analyze each technique in terms of performance.