• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.38B no.12
• /
• pp.944-953
• /
• 2013

Recently, a storage media is becoming smaller and storage capacity is also becoming larger than before. However, important data was leaked through a small storage media. To solve these serious problem, many security companies manufacture secure USBs with secure function, such as data encryption, user authentication, not copying data, and management system for secure USB, etc. But various attacks, such as extracting flash memory from USBs, password hacking or memory dump, and bypassing fingerprint authentication, have appeared. Therefore, security techniques related to secure USBs have to concern many threats for them. The basic components for a secure USB are secure authentication and data encryption techniques. Though existing secure USBs applied password based user authentication, it is necessary to develop more secure authentication because many threats have appeared. And encryption chipsets are used for data encryption however we also concern key managements. Therefore, this paper suggests mutual device authentication based on PUF (Physical Unclonable Function) between USBs and the authentication server and key management without storing the secret key. Moreover, secure USB is systematically managed with metadata and authentication information stored in authentication server.

• Journal of the Economic Geographical Society of Korea
• /
• v.11 no.4
• /
• pp.580-599
• /
• 2008

This paper aims at examining the existence and characteristics of regional difference in project finance in Korea. Main results of this paper are as follow. Firstly, regional difference in project finance between capital region and local can be seen partially. However, their characteristics are different from corporate finance. ANOVA tests show significant differences of excess interest rate occur in case of commercial real estate projects and significant differences of contracted terms occur in case of residential real estate projects carried out by local banks. Secondly, key factors causing the regional differences in project finance are asymmetric information for cash flow generated by the project between the capital region and local. Especially, regional differences in project finance are different from those in corporate financing because of local banks$^{\circ}{\phi}$ behaviors. They follow and act as the passive members of nationwide banks in case of the capital region projects. Thirdly, prepaid sale system and the guarantee system depending on construction companies dilute the regional differences in project finance in case of residential real estate projects. Although these systems contributed rapid growth of project finance, they may be the main factors distorting project finance market which lead to financial crisis. In these context, policy implications may be derived in order to solve the confronted problems of project finance market.

• Journal of Internet Computing and Services
• /
• v.21 no.1
• /
• pp.179-190
• /
• 2020

In the Unix-like system environment, the GOT overwrite attack is one of the traditional control flow hijacking techniques for exploiting software privileges. Several techniques have been proposed to defend against the GOT overwrite attack, and among them, the Full Relro(Relocation Read only) technique, which blocks GOT overwrites at runtime by arranging the GOT section as read-only in the program startup, has been known as the most effective defense technique. However, it entails loading delay, which limits its application to a program sensitive to startup performance, and it is not currently applied to the library due to problems including a chain loading delay problem caused by nested library dependency. Also, many compilers, including LLVM, do not apply the Full Relro technique by default, so runtime programs are still vulnerable to GOT attacks. In this paper, we propose a GOT protection scheme using the Control Flow Integrity(CFI) technique, which is currently recognized as the most suitable technique for defense against code reuse attacks. We implemented this scheme based on LLVM and applied it to the binutils-gdb program group to evaluate security, performance and compatibility. The GOT protection scheme with CFI is difficult to bypass, fast, and compatible with existing library programs.

• Journal of the Korea Society of Computer and Information
• /
• v.17 no.5
• /
• pp.59-70
• /
• 2012

RSA-CRT is one of the commonly used techniques to speedup RSA operation. Since RSA-CRT performs its operations based on the modulus of two private primes, it is about four times faster than RSA. In RSA, the two primes are normally thrown away after generating the public key pair. However, in RSA-CRT, the two primes are directly used in RSA operations. This led to hardware fault attacks which can be used to factor the public modulus. The most common way to counter these attacks is based on error propagation. In these schemes, all the outputs of RSA are affected by the infected error which makes it difficult for an adversary to use the output to factor the public modulus. However, the error propagation has sequentialized the RSA operation. Moreover, these schemes have been found to be still vulnerable to hardware fault attacks. In this paper, we propose two new RSA-CRT schemes which are both resistant to hardware fault attack and support parallel execution: one uses common modulus and the other one perform operations in each prime modulus. Both proposed schemes takes about a time equal to two exponentiations to complete the RSA operation if parallel execution is fully used and can protect the two private primes from hardware fault attacks.

• Ecology and Resilient Infrastructure
• /
• v.7 no.3
• /
• pp.181-188
• /
• 2020

In this study, a temperature distribution sensing method using optical fiber was applied to a large-scale levee experiment, and the applicability of wide-area levee or embankment monitoring technology to observe the changes inside the levee was reviewed. The optical fiber was buried in a large-scale levee, and the temporal and spatial temperature changes were measured according to the water level changes in the reservoir. As the water level of the reservoir increased, the temperature of the embankment slope decreased, and as the infiltration progressed, a change in the spatial location of the temperature change was detected. The temperature change due to embankment infiltration varied depending on the time of the infiltration progress, and the change assumed to be the seepage line could be observed. This study has demonstrated that information about temperature changes inside the levee can be interpreted as the information on the locations that are judged to be relatively vulnerable, investigating the changes in the condition inside the levee.

• Korean journal of communication and information
• /
• v.27
• /
• pp.63-91
• /
• 2004

The purpose of this study is to investigate the gender discourse of Korean newspapers. For this, the study analyzes the frames of frames of crime news on Chosun Daily and Hangyurae Newspaper for 2 years. The data are collected using KINDS, and include 265 crime articles involving woman. According to the results of this research, the episodic frames are used in the most of crime news. The five frame devices are founded in the episodic frame articles; the male subjectivity and the female objectivity, the male-oriented perspectives which reporters have, the abused sexual details and sensationalism, the emphasis of women body's fragility which imply woman's unavoidability as victims, and finally, blaming women who are victims of crimes. And in the articles of thematic frames, the similar frame devices are found. In particular, they only emphasize the problem of crime and fail to suggest a concrete resolution. Finally, the study discusses the findings relating to the patriarchal news making convention and the commercialism of newspaper industry. The two newspapers have been pursuing quite different political lines in Korean society. It is generally considered that Hangyurae newspaper is progressive and Chosun Daily is conservative. However, this study reveals that the way dealt with women in the crime news are not different. It is concluded that Korean newspapers still produce the gender discourse based on male-centric perspective and patriarchal ideology.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.21 no.10
• /
• pp.308-316
• /
• 2020

This study attempted to derive an equation for calculating the damage impact distance using CARIS so that local governments can quickly determine evacuation and notification of residents in the event of an ammonia-release accident. Ammonia is an accident-causing substance and one of 16 substances to prepare for resident evacuation. It is the most frequently occurring chemical with 58 chemical accidents from 2014~2019. The study derives an equation for calculating the damage impact distance according to the exposure time of ammonia based on AEGL, an acute exposure standard applicable to the general population, which is includes vulnerable groups such as infants, children and the elderly and designated by the EPA. The calculation formulas for each concentration and exposure time to classify the hazardous area according to AEGL-3 and the semi-dangerous area according to AEGL-2 were derived. A comparison of the relative standard deviation between the damage impact distance values of CARIS revealed that is was in the range of 0~2%. Local governments should consider the actual accident situation and apply the appropriate damage-affected distance calculation formula derived from the study to evacuate residents near the origin of the accident or use for protective measures such as indoor evacuation notification.

• The KIPS Transactions:PartC
• /
• v.14C no.1 s.111
• /
• pp.27-38
• /
• 2007

IPv6 has appeared for solving the address exhaustion of IPv4 and for guaranteeing the problems of security and QoS. It occurs the unexpected new attacks of IPv6 as well as the existing attacks of IPv4 because of the increasing address space to 128bits and the address hierarchies for efficient network management and additions of the new messages between nodes and routers like neighbor discovery and auto address configuration for the various comfortable services. For the successful transition from IPv4 to IPv6, we should get the secure compatibility between IPv4 hosts or routers working based on secure and systematic policy and IPv6. Network manager should design security technologies for efficient management in IPv4/IPv6 co-existence network and IPv6 network and security management framework designation. In this paper, we inspected the characteristics of IPv4 and IPv6, study on security requirement for efficient security management of various attacks, protocol, service in IPv4/IPv6 co-existence and IPv6 network, and finally suggest integrated solution about security vulnerability of IPv6 network in considering of analysis of IPv6 system, host and application, IPv6 characteristics, modified CGA(MCGA).

• KIPS Transactions on Software and Data Engineering
• /
• v.6 no.11
• /
• pp.537-542
• /
• 2017

Aggressive driving is a major cause of car accidents. Previous studies have mainly analyzed young driver's aggressive driving tendency, yet they were only done through pure clustering or classification technique of machine learning. However, since elderly people have different driving habits due to their fragile physical conditions, it is necessary to develop a new method such as enhancing the characteristics of driving data to properly analyze aggressive driving of elderly drivers. In this study, acceleration data collected from a smartphone of a driving vehicle is analyzed by a newly proposed ECA(Enhanced Clustering method for Acceleration data) technique, coupled with a conventional clustering technique (K-means Clustering, Expectation-maximization algorithm). ECA selects high-intensity data among the data of the cluster group detected through K-means and EM in all of the subjects' data and models the characteristic data through the scaled value. Using this method, the aggressive driving data of all youth and elderly experiment participants were collected, unlike the pure clustering method. We further found that the K-means clustering has higher detection efficiency than EM method. Also, the results of K-means clustering demonstrate that a young driver has a driving strength 1.29 times higher than that of an elderly driver. In conclusion, the proposed method of our research is able to detect aggressive driving maneuvers from data of the elderly having low operating intensity. The proposed method is able to construct a customized safe driving system for the elderly driver. In the future, it will be possible to detect abnormal driving conditions and to use the collected data for early warning to drivers.

• Journal of the Society of Disaster Information
• /
• v.16 no.1
• /
• pp.155-162
• /
• 2020

Purpose: The purpose of study was to identify problems in disaster recovery resource management and operation through on-site investigation and utilize them as improvement proposal for disaster recovery resources management by local governments. Method: Areas with high natural and social disasters recorded in historical and yearly records of natural and social disasters, related books, and annual reports for 20 years were selected. The DRSS data of the selected local governments were analyzed and the reserve warehouse were selected for field survey. Result: It is analyzed that the current situation in the city hall and district offices is somewhat insufficient due to heavy work by the working-level officials of local governments on the storage of disaster recovery resources. The actual amount of stockpiles and DRSS data are somewhat different or missing because the input method and criteria are not clear at present when inputting the current data. Conclusion: To improve the management of the disaster recovery resource reserve, it is deemed that education of DRSS and training of best practices for the operation of disaster management resources are urgently needed, and that a systematic management of stockpiles using disaster prevention experts will be required.