• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.5
• /
• pp.827-835
• /
• 2022

In order to use online financial services, user authentication technology is necessary. Password check through keyboard typing is the most common technique. However, since it became known that key stokes on the keyboard can be intercepted easily, many Internet banking services and easy payment services have adopted the virtual keyboard. However, contrary to the expectation that the virtual keyboard will be safe, there is a risk that key strokes on the virtual keyboard can be leaked. In this paper, we analyzed the possibility of password leaking on the virtual keyboard and presented a password leaking method using mouse event hooking and screen capture in PC operating system. In addition, we inspected the possibility of password leak attacks on several famous Korea Internet banking websites and simple payment services, and as a result, we verified that the password input method through the virtual keyboard in the PC operating system is not secure.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.2
• /
• pp.183-191
• /
• 2023

Cryptographic algorithms require extensive computational resources and rely on complex mathematical principles for security. However, IoT devices have limited resources, leading to insufficient computing power. As a result, lightweight cryptography has emerged, which uses fewer computational resources. NIST organized a competition to standardize lightweight cryptography and TinyJAMBU, one of the algorithms in the competition, is a permutation-based algorithm that repeats many permutation operations. In this paper, we implement TinyJAMBU on an 8-bit AVR processor with a proposedtechnique that includes a reverse shift method and precomputing some operations in a fixed key and nonce environment. Our techniques showed a maximum performance improvement of 7.03 times in permutation operations and 5.87 times in the TinyJAMBU algorithm, improving up to 9.19 times in a fixed key and nonce environment.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2021.05a
• /
• pp.169-171
• /
• 2021

Image processing through cameras such as self-driving, CCTV, mobile phone security, and parking facilities is being used to solve many real-life problems. Simple classification is solved through image processing, but it is difficult to find images or in-image features of complexly mixed objects. To solve this feature point, we utilize deep learning techniques in classification, detection, and segmentation of image data so that we can think and judge closely. Of course, the results are better than just image processing, but we confirm that the results judged by the method of image segmentation using deep learning have deviations from the real object. In this paper, we study how to perform accuracy improvement through simple image processing just before outputting the output of deep learning image segmentation to increase the precision of image segmentation.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.1
• /
• pp.87-97
• /
• 2023

Containers are an emerging virtualization technology that can build an isolated environment more lightweight and faster than existing virtual machines. For that reason, many organizations have recently adopted them for their services. Yet, the container architecture has also exposed many security problems since all containers share the same OS kernel. In this work, we focus on the fact that an attacker can abuse host resources to make them unavailable to benign containers-also known as host resource exhaustion attacks. Then, we analyze the impact of host resource exhaustion attacks through real attack scenarios exhausting critical host resources, such as CPU, memory, disk space, process ID, and sockets in Docker, the most popular container platform. We propose five attack scenarios performed in several different host environments and container images. The result shows that three of them put other containers in denial of service.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.6
• /
• pp.1055-1065
• /
• 2023

Recently, various studies using deep reinforcement learning (deep RL) technology have been conducted to solve complex problems using big data collected at industrial internet of things. Deep RL uses reinforcement learning"s trial-and-error algorithms and cumulative compensation functions to generate and learn its own data and quickly explore neural network structures and parameter decisions. However, studies so far have shown that the larger the size of the learning data is, the higher are the memory usage and search time, and the lower is the accuracy. In this study, model-agnostic learning for efficient federated deep RL was utilized to solve privacy invasion by increasing robustness as 55.9% and achieve 97.8% accuracy, an improvement of 5.5% compared with the comparative optimization-based meta learning models, and to reduce the delay time by 28.9% on average.

• Journal of the Korea Society of Computer and Information
• /
• v.28 no.12
• /
• pp.105-114
• /
• 2023

In this paper, we propose a deployment and operation scheme of UxNB network toward mobile IAB. By operating a UxNB network based on SDN(Software Defined Network), UxNBs are deployed in areas where mobile communication services are desired. After deploying UxNB in the service area, IAB can be set up to perform mobile communication services. For this purpose, this paper first proposes a UxNB Network Controller consisting of a UAV Controller and an SDN Controller, and proposes the necessary functions. Next, we present a scenario in which a UxNB network can be deployed and operated in detail step by step. We also discuss the location of the UxNB network controller, how to deliver control commands from the UAV controller to the UxNB, how to apply IAB for UxNB networks, optimization of UxNB networks, RLF(radio link failure) recovery in UxNB networks, and future research on security in UxNB networks. It is expected that the proposed UxNB Network Controller architecture and UxNB network deployment and operation will enable seamless integration of UxNB networks into Mobile IAB.

• Journal of the Korea Society of Computer and Information
• /
• v.29 no.6
• /
• pp.77-87
• /
• 2024

In this paper, we propose a study applying the Delphi technique to domestic blockchain experts to determine urgent and pivotal conditions for NFT proliferation. We examine these conditions from a PEST (Political, Economic, Social, and Technological Analysis of the Macro Environment) perspective, as well as the functions of digital assets (measurement, storage, and exchange). Through two rounds of expert surveys on the seven NFT perspectives, we identify 6 activating factors that can help guide future policy-making for the NFT market. These factors have broad implications for the development of new industries using blockchain technology and tokens. The Delphi method employed in this study is a group discussion technique that gathers opinions from experts anonymously through two rounds and to address drawbacks related to expert selection bias and opinion alignment, additional opinion collection and review of projections were conducted in each round.

• Journal of Korea Society of Industrial Information Systems
• /
• v.29 no.4
• /
• pp.35-42
• /
• 2024

In this study, we propose a method for real-time recognition and analysis of dog behavior using a motion sensor and deep learning techonology. The existing home CCTV (Closed-Circuit Television) that recognizes dog behavior has privacy and security issues, so there is a need for new technologies to overcome them. In this paper, we propose a system that can analyze and care for a dog's behavior based on the data measured by the motion sensor. The study compares the MLP (Multi-Layer Perceptron) and CNN (Convolutional Neural Network) models to find the optimal model for dog behavior analysis, and the final model, which has an accuracy of about 82.19%, is selected. The model is lightened to confirm its potential for use in embedded environments.

• Journal of Platform Technology
• /
• v.11 no.6
• /
• pp.89-105
• /
• 2023

With the development of information technology, most of the information has been converted into digital information, leading to the Big Data era. The demand for search platform has increased to enhance accessibility and usability of information in the databases. Big data search software platforms consist of two main components: (1) an indexing component to generate and store data indices for a fast and efficient data search and (2) a searching component to look up the given data fast. As an amount of data has explosively increased, data indexing performance has become a key performance bottleneck of big data search platforms. Though many companies adopted big data search platforms, relatively little research has been made to improve indexing performance. This research study employs Elasticsearch platform, one of the most famous enterprise big data search platforms, and builds physical clusters of 3 nodes to investigate optimal indexing performance configurations. Our comprehensive experiments and studies demonstrate that the proposed optimal Elasticsearch configuration achieves high indexing performance by an average of 3.13 times.

• Information Systems Review
• /
• v.18 no.1
• /
• pp.57-78
• /
• 2016

Hacking has raised many critical issues in the modern world, particularly because the size and cost of the damages caused by this disruptive activity have steadily increased. Accordingly, many significant studies have been conducted by behavioral scientists to understand hackers and their practices. Nonetheless, only qualitative methods, such as interviews, meta-studies, and media studies, have been employed in such studies because of hacker sampling limitations. Existing studies have determined that intrinsic motivation was the dominant factor influencing hackers, and that their techniques were mainly acquired from online hacking communities. However, such results have yet to be causally proven. This study attempted to identify the causal factors influencing the motivational and environmental factors encouraging hackers to learn hacking skills. To this end, hacker community members using the theory of planned behavior were observed to identify the causal factors of their learning of hacking skills. We selected a group of students who were developing their hacking skills. The survey was conducted over a two-week period in May 2015 with a total of 227 students as respondents. After list-wise deletion, 215 of the responses were deemed usable (94.7 percent). In summary, the hackers were aware that hacking skills are considered socially unethical, and their attitudes toward the learning of hacking skills were affected by both intrinsic and extrinsic motivations. In addition, the characteristics of the online hacking community affected their perceived behavioral control. This study introduced new concepts in the process of conducting a causal relationship analysis on a hacker sample. Moreover, this research expanded the discussion on the causal direction of subjective norms in unethical research, and empirically confirmed that both intrinsic and extrinsic motivations affect the learning of hacking skills. This study also made a practical contribution by raising the educational and policy response issues for ethical hackers and demonstrating the necessity to intensify the punishment for hacking.