• Proceedings of the Korea Information Processing Society Conference
• /
• 2013.11a
• /
• pp.715-718
• /
• 2013

단방향 통신을 하는 기존의 전력망에서 할 수 없었던 전력수요 모니터링, 신재생 에너지 활성화 등이 가능하도록 소비자와 전력 사업자간의 양방향 통신을 하는 스마트그리드의 관심이 증가하고 있다. 스마트그리드는 기존 전력망에 IT기술을 접목하여 전력 사업자와 소비자 간의 양방향 통신이 가능하기 때문에 전력 사용에 대한 실시간 모니터링을 하며 안정적인 전력을 공급할 수 있고 생산량이 불안정한 신재생 에너지를 효율적으로 관리 할 수 있는 장점을 갖고 있다. 하지만 양방향 통신을 위해 공개망과 연계되면서 기존의 공개망이 갖고 있는 정보 변조, 위장 공격 등의 보안위협이 그대로 발생할 수 있다. 따라서 본 논문에서는 스마트카드를 이용한 인증을 통해 스마트그리드 환경에서 전송되는 정보에 대한 위장이나 조작 등의 보안위협으로부터 보호할 수 있는 기법을 제안한다.

• Journal of Korea Multimedia Society
• /
• v.16 no.7
• /
• pp.841-851
• /
• 2013

The infectious information hiding system(IIHS) is proposed for secure distribution of high quality video contents by applying optimized watermark embedding and detection algorithms to video codecs. And the watermark as infectious information is transmitted while target video is displayed or edited by codecs. This paper proposes a fast and effective reversible watermarking and infectious information generation for IIHS. Our reversible watermarking scheme enables video decoder to control video quality and watermark strength actively for by adding control code and expiration date with the watermark. Also, we designed our scheme with low computational complexity to satisfy it's real-time processing in a video codec, and to prevent time or frame delay during watermark detection and video restoration, we embedded one watermark and one side information within a macro-block. Experimental results verify that our scheme satisfy real-time watermark embedding and detection and watermark error is 0% after reversible watermark detection. Finally, we conform that the quality of restored video contens is almost same with compressed video without watermarking algorithm.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.3
• /
• pp.603-613
• /
• 2015

Smart-phone Applications are consists of UI(User Interface). During using applications, UI events such as button click and scroll down are transmitted to Smart-phone system with many changes of UI. In these UI events, various information including user-input data are also involved. While Keylogging, which is a well-known user-input data acquisition technique, is needed a restrictive condition like rooting to obtain the user-input data in android environment, UI events have advantage which can be easily accessible to user-input data on user privileges. Although security solutions based keypad in several applications are applied, we demonstrate that these were exposed to vulnerability of application security and could be obtained user-input data using UI events regardless of presence of any security system. In this paper, we show the security threats related information disclosure using UI events and suggest the alternative countermeasures by showing the replay-attack example based scenarios.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.1
• /
• pp.97-101
• /
• 2007

The purpose of DRM is to protect the copyrights of content providers and to enable only designated users to access digital contents. From the consumers' point of view, they have a tendency to go against complex and confusing limitations. Moreover, consumers' rights of use of the content obtained legally were frequently harmed by arbitrary limitations. The concept of Authorized Domain (AD) was presented to remove such problems. However, the previous work on authorized domain has two problems. The first is that it requires a rather expensive revocation mechanism for withdraw process. The second is that the modules still can play contents which are previously obtained even though they are currently out of the authorized domain. On the contrary, our scheme presents the content from being played by modules which are out of the domain for better security. Furthermore our scheme does not need to maintain a revocation list and prevent replay attack.

• 한국신재생에너지학회:학술대회논문집
• /
• 2008.05a
• /
• pp.61-64
• /
• 2008

$Pr_{0.3}Sr_{0.7}Co_{0.3}Fe_{0.7}O_{3-\delta}$ (PSCF3737) was prepared and characterized as a cathode material for intermediate temperature-operating solid oxide fuel cell (IT-SOFC). X-ray diffraction (XRD), X-ray photoelectron spectroscopy (XPS), extended X-ray absorption fine structure (EXAFS), and electrical property measurement were carried out to study cathode performance of the material. XPS and EXAFS results proved that oxygen vacancy concentration was decreased and lattice constants of the perovskite structure material were increased by doping Fe up to 70 mol% at B-site of the crystal structure, which also extended the distance between oxygen and neighbor atoms. Thermal expansion coefficient (TEC) of PSCF3737 is smaller than that of $Pr_{0.3}Sr_{0.7}CoO_{3-\delta}$(PSC37) due to lower oxygen vacancy concentration. PSCF3737 showed better cathode performance than PSC37. It might be due good adhesion by a smaller difference of TEC between $Gd_{0.1}Ce_{0.9}O_2$ (CGO91) and electrode. Composite material PSCF3737-CGO91 showed better compatibility of TEC than PSCF3737. However, PSCF3737-CGO91 did not represent higher electrochemical property than PSCF3737 due to decreased reaction sites by CGO91.

• Journal of the Korea Society of Computer and Information
• /
• v.16 no.8
• /
• pp.77-84
• /
• 2011

In this paper we implement a 6LoWPAN protocol on the MICAz sensor platform, which could minimize packet re-transmission, and support security primitives for packet integrity and confidentiality. And we also present a performance evaluation of the implemented protocol calculated according to the cryptographic algorithms. In the re-transmission method, time stamp, nonce, and checksum are considered to protect replay attacks. As cryptographic algorithms, AES, 3DES, SHA2, and SHA1 are implemented. If transmission errors (thus, packet losses) and the number of hops are increase then, packet re-transmissions are increase exponentially from the experimental results. Also, the result shows that cryptographic operations take more time than packet re-transmission time.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.3
• /
• pp.43-52
• /
• 2005

MIPv4 supports node mobility, manages MN's binding list and provides seamless communication through registration protocol. Since the registration protocol usually operating in the wireless environment involves authenticating MNs, it is a general approach to introduce the AAA infrastructure as key distribution center for the purpose of authentication. In this paper, we propose an efficient registration protocol with lightweight AAA based on domain key. Proposed protocol also withstands various replay attacks, and provides non-repudiation service for the accounts of the usage of the network service.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.1
• /
• pp.31-37
• /
• 2015

As the forms of cyberattacks become diverse, there has been reported another case of exploiting vulnerabilities revealed while processing either a document or multimedia file that was distributed for attacking purpose, which would replace the traditional method of distributing malwares directly. The attack is based upon the observation that the softwares such as document editer or multimedia player may reveal inherent vulnerabilities on some specific inputs. The fuzzing methods that provide invalid random inputs for test purpose could discover such exploits. This paper suggests a new fuzzing method on document applications that could work in mobile environments, in order to resolve the drawback that the existing methods run only in PC environments. Our methods could effectively discover the exploits of mobile applications, and thus could be utilized as a means of dealing with APT attacks in mobile environments.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.34 no.9B
• /
• pp.923-930
• /
• 2009

Digital Rights Management(DRM) is a term that refers technologies for imposing limitations on the use of digital content for protecting media copyright holders. This paper proposes a generic scheme for digital media copy protection that can be applied to any digital media such as audio, video, etc. The scheme will make it very hard to play a copied content on a foreign platform and to guess secret content encryption keys. Unlike other DRM techniques, the scheme uses the stream cipher HC-256 only for encrypting media content and it allows a client to start content playback immediately following its streamed decryption. As to the encryption, it requires to generate several secret keys for each new client(player copy), rather than for each media content, which makes it scalable in terms of managed keys. Also, for simplicity, the scheme supports the popular unlimited-play-after-download policy only, which would eliminate the necessity for deploying separate server or process for licensing.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2001.10b
• /
• pp.965-968
• /
• 2001

최근 초고속 통신망을 이용한 인터넷의 대중화와 더불어 인터넷을 기반으로 하는 전자상거래가 활발해지고 있다. 특히 인터넷을 통한 MP3 데이터 등의 멀티미디어 컨텐츠의 유통은 많은 연구의 대상이 되고 있다. 하지만 기존의 AOD(Audio On Demand) 시스템들은 실질적인 불법복제방지와 저작권 보호에 미흡한 단점이 있다. 따라서 본 논문에서는 에이전트를 이용하여 실질적인 불법복제방지와 저작권을 보호하는 AOD 시스템을 제안한다. 제안된 기법은 사용자의 시스템에 에이전트를 설치하여 정식 사용자를 인증하고 해당 사용자키로 암호화되어 전송된 MP3 데이터를 재생함으로써 전송 도중 제 3 자로부터의 공격에 대응할 수 있고, 정당한 사용자 외에는 MP3 데이터를 사용하지 못하도록 함으로써 사용자와 판매자의 권리를 보장한다.