• Title/Summary/Keyword: 정보보호시장

Search Result 518, Processing Time 0.027 seconds

Classification of DJI Drones Based on Flight Log Decryption Method (비행 로그 복호화 방식에 따른 DJI 드론 분류)

  • Lee, Youngwoo;Kim, Juhwan;Yu, Jihyeon;Yun, Joobeom
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.32 no.1
    • /
    • pp.77-88
    • /
    • 2022
  • With the development and popularization of drone manufacturing technology, the drone market, which was mainly focused on industry, agriculture, and military, is also showing great growth in individual and commercial markets. Among them, DJI has a high share in the personal and commercial drone market, and accordingly, forensic analysis of DJI drones is drawing attention. In particular, when stealing and analyzing drones used in criminal acts, a technology to interpret flight logs recording drone flight paths and hardware information is needed, which inevitably applies drone models due to differences in decryption methods. Therefore, when an unidentified drone is acquired from the perspective of a digital forensic investigator, a clear classification of a drone model to which analysis can be applied is required. This paper proposes a method of extracting and analyzing artifacts of DJI drones through forensics, and analyzes media data analysis and flight log analysis results and decryption methods for three drone models with different release years of DJI. Finally, drones in the DJI product line are classified according to whether the commercialized DJI drone flight log is decrypted.

Information Security Job Skills Requirements: Text-mining to Compare Job Posting and NCS (정보보호 직무 수행을 위해 필요한 지식 및 기술: 텍스트 마이닝을 이용한 구인광고와 NCS의 비교)

  • Hyo-Jung Jun;Byeong-Jo Park;Tae-Sung Kim
    • Information Systems Review
    • /
    • v.25 no.3
    • /
    • pp.179-197
    • /
    • 2023
  • As a sufficient workforce supports the industry's growth, workforce training has also been carried out as part of the industry promotion policy. However, the market still has a shortage of skilled mid-level workers. The information security disclosure requires organizations to secure personnel responsible for information security work. Still, the division between information technology work and job areas is unclear, and the pay is not high for responsibility. This paper compares job keywords in advertisements for the information security workforce for 2014, 2019, and 2022. There is no difference in the keywords describing the job duties of information security personnel in the three years, such as implementation, operation, technical support, network, and security solution. To identify the actual needs of companies, we also analyzed and compared the contents of job advertisements posted on online recruitment sites with information security sector knowledge and skills defined by the National Competence Standards used for comprehensive vocational training. It was found that technical skills such as technology development, network, and operating system are preferred in the actual workplace. In contrast, managerial skills such as the legal system and certification systems are prioritized in vocational training.

Study on the AI Speaker Security Evaluations and Countermeasure (AI 스피커의 보안성 평가 및 대응방안 연구)

  • Lee, Ji-seop;Kang, Soo-young;Kim, Seung-joo
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.28 no.6
    • /
    • pp.1523-1537
    • /
    • 2018
  • The AI speaker is a simple operation that provides users with useful functions such as music playback, online search, and so the AI speaker market is growing at a very fast pace. However, AI speakers always wait for the user's voice, which can cause serious problems such as eavesdropping and personal information exposure if exposed to security threats. Therefore, in order to provide overall improved security of all AI speakers, it is necessary to identify potential security threats and analyze them systematically. In this paper, security threat modeling is performed by selecting four products with high market share. Data Flow Diagram, STRIDE and LINDDUN Threat modeling was used to derive a systematic and objective checklist for vulnerability checks. Finally, we proposed a method to improve the security of AI speaker by comparing the vulnerability analysis results and the vulnerability of each product.

A Study and Design of IPTV DRM System for Playback of H.264/AVC Contents (IPTV에서 H.264/AVC 콘텐츠 재생을 위한 DRM 시스템 연구 및 설계)

  • Shin, Young-Rok;Na, Sang-Ho;Huh, Eui-Nam
    • Annual Conference of KIPS
    • /
    • 2009.11a
    • /
    • pp.693-694
    • /
    • 2009
  • 멀티미디어 기기의 발달과 인터넷의 확산 등의 영향으로 디지털 콘텐츠의 제작 및 유통이 일반화되면서 시장 활성화가 되었지만 불법복제로 인한 시장에 악영향도 미치고 있다. 그리하여 DRM이란 정보보호 기술이 일반화되고 그 기능이 중요하게 되었다. 본 논문에서는 기존의 데이터 전체를 암호화하는 방식의 DRM 시스템과는 달리 H.264/AVC의 특성을 이용하여 콘텐츠의 일부만을 암호화하여 서버에 최소한의 영향을 주면서 영상을 전송할 수 있는 효과적인 DRM 시스템을 제안하였다.

Detection Technique of Suspected Piracy Sites based on Image Black List (이미지 블랙리스트 기반 저작권 침해 의심 사이트 탐지 기법)

  • Kim, Eui-Jin;Jung, In-Su;Song, Yu-Rae;Kwak, Jin
    • Annual Conference of KIPS
    • /
    • 2021.05a
    • /
    • pp.148-150
    • /
    • 2021
  • 저작권 콘텐츠의 해외 진출과 함께, 국내·외 저작권 시장 규모가 증가하고 있다. 이와 동시에 등장한 저작권 침해사이트는 메인 페이지에 저작권 침해사이트를 대표하는 이미지를 게시하는 특징이 있다. 이러한 저작권 침해사이트는 음악, 영화, 드라마 등의 저작권 콘텐츠를 불법 유통시키며 저작권 시장에 피해를 입히고 있다. 공공기관에서는 저작권 침해를 방지하기 위해 저작권 침해사이트를 차단하는 등의 대응을 하고 있지만, 저작권 침해사이트의 생성 속도에 비해 침해 여부 판단 속도가 상대적으로 느려서 차단에 어려움이 존재한다. 따라서, 본 논문에서는 저작권 침해사이트의 대표 이미지를 활용한 이미지 블랙리스트에 기반하여 저작권 침해 의심 사이트 탐지 기법을 제안하고자 한다.

Prediction of solar power generation for power brokerage based on Federated Learning (연합학습 기반 전력 중개용 태양광 발전 예측)

  • Lee, Mirinae;Yeom, Sungwoong;Kim, Kyungbaek
    • Annual Conference of KIPS
    • /
    • 2022.11a
    • /
    • pp.577-579
    • /
    • 2022
  • 최근 대두된 환경문제로 인해 다양한 재생 에너지의 실리적인 활용 방법에 귀추가 주목되고 있다. 특히 '그린뉴딜', 'K-RE100' 등 정부 주도의 정책으로 태양광 발전 시장 규모가 확대되면서, 소규모 발전 사업자의 태양광 발전 참여율도 매년 증가 추세를 보이고 있다. 이로 인해 소규모 발전 사업자의 수익을 산정하는 전력 중개 시스템의 태양광 발전 예측은 에너지 시장의 핵심요소로 부각되었다. 하지만 전력 중개용 태양광 발전 예측에는 기후의 간헐성으로 인한 예측 정확도 감소, 소규모 발전 사업자의 개인정보 보호 등 제약이 존재한다. 이 논문에서는 전력 중개용 태양광 발전 예측의 제약을 해소하고, 전력 중개 활성화를 지원키 위한 CNN-LSTM 기반 연합학습 기법을 제안한다.

Priority Assessment of Cyber Threat Indicators (사이버 위협 지표 간 중요도 비교 분석 연구)

  • Lee, Ro-woon;Kwon, Hun-yeong
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.31 no.5
    • /
    • pp.951-958
    • /
    • 2021
  • With the growing cyber threat to information assets, it has become important to share threat information quickly. This paper examines the sharing of cyber threat information and presents a method to determine the importance of threat indicators in the information sharing market by calculating weights. The analysis was conducted using AHP techniques, with a pairwise comparison of the four factors(attacker & infected system indicators, role indicators, malicious file indicators, technique & spread indicators) and the details of each factor. Analysis shows that malicious file indicators are the most important among the higher evaluation factors and infected system IP, C&C and Smishing are the most important factors in comparison between detailed items. These findings could be used to measure the preference of consumers and the contribution of information provider for facilitating information sharing.

An Empirical Study on the Relationships among Safeguarding Mechanism, Relationship Learning, and Relationship Performance in Technology Cooperation Network by Applying Resource Based Theory (자원기반이론을 적용한 기술협력 네트워크에서 보호 메커니즘, 관계학습, 관계성과의 관계에 대한 실증연구)

  • Kang, Seok-Min
    • Management & Information Systems Review
    • /
    • v.35 no.2
    • /
    • pp.45-66
    • /
    • 2016
  • Firms can make scale of economy and scope of economy by internalizing and using new advanced technology and knowledge from technology cooperation network, decrease risk and cost with partner firm of technology cooperation network, and increase market advantage of product & strengthen firms' position in the market. Due to the advantages of technology cooperation network, the related studies have focused on the positive effect of technology cooperation network. However, the related studies investigating the relationship between technology cooperation network and firm performance have only examined the role of technology cooperation network. Safeguarding mechanism, relationship learning, and relationship performance are categorized into the process of technology cooperation network, and this categorization is applied as resources, capability, and performance by resource based view. The empirical results are reported as belows. First, relationship specific investment and relationship capital positively affect on relationship learning as capability. Second, information sharing, common information understanding, and relationship specific memory development positively affect on long-term orientation, but information sharing has no impact on efficiency and effectiveness. Third, relationship specific investment positively affects on relationship capital and efficiency and effectiveness have positive effects on long-term orientation. Applying technology cooperation network in asymmetric technology dependency with resource based theory, this study suggested the importance of both safeguarding and relationship learning by investigating the relationship among safeguarding, relationship learning, and relationship performance. And it is worthy that this study investigated how firms' behavior change affects relationship performance in the relationship of technology cooperation partner.

  • PDF

ZigBee Authentication Protocol with Enhanced User Convenience and Safety (사용자 편의성 및 안전성이 강화된 ZigBee 인증 프로토콜)

  • Ho-jei Yu;Chan-hee Kim;Sung-sik Im;Soo-hyun Oh
    • Convergence Security Journal
    • /
    • v.22 no.1
    • /
    • pp.81-92
    • /
    • 2022
  • The rapidly growing IoT market is expanding not only in general households but also in smart homes and smart cities. Among the major protocols used in IoT, ZigBee accounts for more than 90% of the smart home's door lock market and is mainly used in miniaturized sensor devices, so the safety of the protocol is very important. However, the device using Zig Bee is not satisfied with the omnidirectional safety because it uses a fixed key during the authentication process that connects to the network, and it has not been resolved in the recently developed ZigBee 3.0. This paper proposes a design method that provides omnidirectional safety to the ZigBee authentication protocol and can be quickly applied to existing protocols. The proposed improved ZigBee authentication protocol analyzed and applied the recently developed OWE protocol to apply ECDH, which has low computational volume and provides omnidirectional safety in IoT. Based on this, it provides the safety of the ZigBee authentication protocol, and it is expected that it will be able to provide user convenience as it does not require a separate certificate or password input.

모바일 지급결제 및 바이오인식 융합기술 동향

  • Choi, Pil-Joo;Lee, Jae-Seong;Kim, Dong-Kyue
    • Review of KIISC
    • /
    • v.22 no.4
    • /
    • pp.21-28
    • /
    • 2012
  • 최근 스마트폰을 이용한 모바일 금융 서비스 시장이 증대되고 있으나 개방된 무선인터넷을 사용하며 도난 및 분실의 위험이 큰 모바일 환경의 특성으로 인하여 안전한 인증 기술의 필요성이 대두되고 있다. 최근 모든 플랫폼에서 사용할 수 있는 오픈 뱅킹에 대한 수요와 편의성에 대한 요구로 기존의 공개키 기반의 인증 방식인 공인인증서를 대체할 수 있는 새로운 인식 기술이 요구되고 있다. 사용자의 생체 특성을 이용하는 바이오 인식 기술은 모바일에 탑재되어 있는 기본입력 장치를 이용하여 바이오 정보를 인식하는 것이 가능하며 별도의 소지 없이 간단히 인식이 가능하기 때문에 모바일 지급 결제에 공인인증서를 대체할 수단으호 사용될 수 있다. 아직 모바일 지급결재에 바이오인식 기술을 적용하기에는 인식률의 정확도 향상이 필요한 상태이나 이를 위한 소프트웨어 및 하드웨어적인 개선이 이루어진다면 안전한 모바일 지급결제 환경을 구축할 수 있을 것으로 기대된다.