• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2022.05a
• /
• pp.82-84
• /
• 2022

In recent years, research has been actively conducted to solve overhead problems caused by the increase in the number of IoT devices. MQTT, one of the IoT lightweight protocols for resolving performance degradation in IoT environments, is standardized to enable efficient operation in many-to-many communication environments, but there is a security vulnerability as it does not provide encryption by default. Although TLS communication technology can be applied to solve these problems, it is difficult to meet IoT's lightweight power-saving requirements. This paper introduces the latest MQTT communication encryption trends and analyzes IoT applicability by comparing TLS encryption and payload encryption methods.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.2
• /
• pp.253-266
• /
• 2023

The Null Pointer Dereference vulnerability is a significant vulnerability that can cause severe attacks such as denial-of-service. Previous research has proposed methods for detecting vulnerabilities, but large and complex programs pose a challenge to their efficiency. In this paper, we present a lightweight tool for detecting specific functions in large binaryprograms through symbolizing variables and emulating program execution. The tool detects vulnerabilities through data dependency analysis and heuristics in each execution path. While our tool had an 8% higher false positive rate than the bap_toolkit, it detected all existing vulnerabilities in our dataset.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2021.10a
• /
• pp.469-471
• /
• 2021

As wireless communication technology advances to ensure high accuracy and safety at high speeds, research and development of Visible Light Communication (VLC) technology has been accelerated as an alternative to traditional radio frequency (RF) technology. As the radio spectrum of RF communication becomes more congested and demand for bandwidth continues to increase, VLCs that can use unlicensed frequency band are proposed as a solution. However, VLC channels have broadcasting characteristics that make them easily exposed to eavesdropping and jamming attacks, and are vulnerable to MITM (Man-In-The-Middle) due to their line of sight (LOS) propagation characteristics. These attacks on VLC channels compromise the confidentiality, integrity, and availability of communications links and data, resulting in higher data retransmission rates, reducing throughput and increasing power consumption, resulting in lower data transmission efficiency. In this work, we model vulnerable VLC channels to analyze the impact of attacks and communications vulnerabilities by malicious jammers.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2021.10a
• /
• pp.449-451
• /
• 2021

Cyber-attacks targeting endpoints have developed sophisticatedly into targeted and intelligent attacks, Advanced Persistent Threat (APT) targeting the Industrial Internet of Things (IIoT) has increased accordingly. Machine learning-based Endpoint Detection and Response (EDR) solutions combine and complement rule-based conventional security tools to effectively defend against APT attacks are gaining attention. However, universal EDR solutions have a high false positive rate, and needs high-level analysts to monitor and analyze a tremendous amount of alerts. Therefore, the process of optimizing machine learning-based EDR solutions that consider the characteristics and vulnerabilities of IIoT environment is essential. In this study, we analyze the flow and impact of IIoT targeted APT cases and compare the method of machine learning-based APT detection EDR solutions.

• The Journal of Society for e-Business Studies
• /
• v.22 no.2
• /
• pp.137-152
• /
• 2017

The decline in the price of IT devices and the development of the Internet have created a new field called Internet of Things (IoT). IoT, which creates new services by connecting all the objects that are in everyday life to the Internet, is pioneering new forms of business that have not been seen before in combination with Big Data. The prospect of IoT can be said to be unlimited in its utilization. In addition, studies of standardization organizations for smooth connection of these IoT devices are also active. However, there is a part of this study that we overlook. In order to control IoT equipment or acquire information, it is necessary to separately develop interworking issues (IP address, Wi-Fi, Bluetooth, NFC, etc.) and related application software or apps. In order to solve these problems, existing research methods have been conducted on augmented reality using GPS or markers. However, there is a disadvantage in that a separate marker is required and the marker is recognized only in the vicinity. In addition, in the case of a study using a GPS address using a 2D-based camera, it was difficult to implement an active interface because the distance to the target device could not be recognized. In this study, we use 3D Depth recognition camera to be installed on smartphone and calculate the space coordinates automatically by linking the distance measurement and the sensor information of the mobile phone without a separate marker. Coordination inquiry finds equipment of IoT and enables information acquisition and control of corresponding IoT equipment. Therefore, from the user's point of view, it is possible to reduce the burden on the problem of interworking of the IoT equipment and the installation of the app. Furthermore, if this technology is used in the field of public services and smart glasses, it will reduce duplication of investment in software development and increase in public services.

• Proceedings of the Korean Society for Food Science of Animal Resources Conference
• /
• 2006.05a
• /
• pp.312-315
• /
• 2006

축산물을 판매하고 있는 인터넷 및 통신판매업소에서 전자상거래 시 표지하여야 할 항목과 안전하고 위생적인 축산물의 확보를 위하여 표지하여야 할 항목으로 나누어 실태조사를 실시하였다. 전자상거래시 온라인(인터넷) 판매영업소가 표시하도록 규정하고 있는 항목 중에서 '상호명'과 '전화번호'를 제외한 나머지 정보는 일부 제품에서 누락되어 있는 것으로 나타났다. 특히 '배송비용 정보'(21% 미표시)와 '사이트 이용 약관'(23% 미표시)과 같은 정보는 상대적으로 높은 부적합률을 나타냈고, '이메일 주소'(22% 미표시)와 '팩스번호'(26% 미표시)의 부적합률은 가장 높게 조사되었다. 또한, 온라인 판매업소가 축산물을 판매할 때 표시하도록 규정되어 있는 항목 중에서 '제품명'과 '식육의 종류' 표시를 제외한 나머지 정보는 일부 제품에서 누락되어 있는 것으로 조사되었다. '식육의 부위'(19% 미표시)와 '제품의 구성'(27% 미표시)과 같은 정보는 상대적으로 높은 부적합률을 나타내었고, '보관방법'(57% 미표시), '품질보증 및 인증내용'(80% 미표시), '식육의 등급'(82% 미표시)과 같은 정보는 많은 제품에서 누락되어 있었으며, 특히 '제조일자'(95% 미표시)는 대부분의 제품에서 표기되어 있지 않은 것으로 조사되었다. 인터넷이나 통신판매업소를 통한 온라인 상거래에서는 육안으로 상품을 직접 확인할 수 없기 때문에 축산물의 위생 상태나 안전성을 파악하기 어려워 보다 확실하고 투명한 방법으로 축산물의 안전성과 위생 상태를 확인하는 수단으로 표시 규정을 100% 준수하여 품질의 고급화와 브랜드화를 이룩해 나가야 할 것으로 사료된다.타내었다.로 나타났다. 특히 골반골 현수는 출하 월령이 증가됨에 따라 관능 특성의 개선율이 높은 것으로 나타났다. 수 있다.분별을 성공적으로 수행하였다.(p<0.05), 맛, 연도, 다즙성 및 전체적인 기호성은 유의한 차이가 없었다.자체를 악하다고 볼 수 없고 더구나 구원을 이 세상에서의 이탈로 볼 수 없다. 진정한 구원이란 원래 하나님이 보시기에 아름다웠던 그 세상으로의 회복을 포함한다. 이런 면에서 하나님 주권 신앙 하에서 구원이란 전 인격적인 구원, 전 우주적인 구원이 된다. 그렇기 때문에 성도는 세상의 삶과 학문, 예술, 정치, 경제, 사회를 포함한 모든 분야를 하나님의 뜻 가운데서 그 원래의 목적에 부합할 수 있도록 회복시키는 일에 적극 참여해야 한다.자체가 이를 주도하기는 사실 어려움이 있다. 그리고 대형유통점이 영업행위를 영업시간제한에서부터 출점제한에 이르기까지 규제하는 건은 심사숙고하여야 한다. 대형유통점이 국가경제 및 지역사회에 미치는 영향이 부정적인가 긍정적인가에 대해 국내외 학계와 업계에서 여전히 많은 논란이 있기 때문이다. 정부와 지자체에 의한 시장개입은 반드시 필요한 경우에 한해 합당한 방법에 의해 이루어져야 한다. 대형유통점에 대한 규제는 지역사회에 미치는 영향을 다면적으로 평가한 결과에 근거하여 이루어져야 할 것이다. 대부분의 지자체는 체계적인 평가시스템과 객관적인 통계 자료를 갖고 있지 못한 실정이다. 향후 가장 시급한 과제는 시장개방 이후 지난 10년간 대형유통점이 지역사회에 미친 영향에 관한 광범위한 통계자료를 수집하고 이를 체계적으로 분석하여 정책방향을 올바르게 설정하는 것이라 할 수 있다.i와 K. pne

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.6
• /
• pp.129-140
• /
• 2003

Recently viruses and various hacking tools that threat hosts on a network becomes more intelligent and cleverer, and so the various security mechanisms against them have ken developed during last decades. To detect these network attacks, many NIPSs(Network-based Intrusion Prevention Systems) that are more functional than traditional NIDSs are developed by several companies and organizations. But, many previous NIPSS are hewn to have some weakness in protecting important hosts from network attacks because of its incorrectness and post-management aspects. The aspect of incorrectness means that many NIPSs incorrectly discriminate between normal and attack network traffic in real time. The aspect of post-management means that they generally respond to attacks after the intrusions are already performed to a large extent. Therefore, to detect network attacks in realtime and to increase the capability of analyzing packets, faster and more active responding capabilities are required for NIPS frameworks. In this paper, we propose a framework for real-time intrusion prevention. This framework consists of packet filtering component that works on netfilter in Linux kernel and traffic control component that have a capability of step-by-step control over abnormal network traffic with the CBQ mechanism.

• Journal of KIISE:Computing Practices and Letters
• /
• v.9 no.1
• /
• pp.13-24
• /
• 2003

MPEG-4 is a standard for multimedia applications and provides a set of technologies to satisfy the needs of authors, service providers and end users alike. In this paper, we suggest a Real-time Multiple Circular Buffer (M4RM Buffer) model, which is suitable for streaming these MPEG-4 contents efficiently. M4RM buffer generates each structure of the buffer, which matches well with each object composing an MPEG-4 content, according to the transferred information, and manipulates multiple read/write operations only by its reference. It divides the decoder buffer and the composition buffer, which are described in the standard, by the unit of frame allocated to minimize the range of access. This buffer unit of a frame is allocated according to the object description. Also, it processes the objects synchronization within the buffer and provides APIs for an efficient buffer management to process the real-time user events. Based on the performance evaluation, we show that M4RM buffer model decreases the waiting time in a buffer frame, and so allows the real-time streaming of an MPEG-4 content using the smaller size of the memory block than IM1-2D and Window Media Player.

• Journal of the Korea Society of Computer and Information
• /
• v.15 no.12
• /
• pp.67-73
• /
• 2010

In SIP(Session Initiation Protocol) environment, the presence event notification operation makes presence service user to recognize presence information status changes of the other party. In conventional method, the user should send each SIP SUBSCRIBE message containing the address of the other party to the presence server. Furthermore each presence subscription requires refresh messages, and the amount of notification messages from the other party becomes large. These facts increases network traffic and the load of presence server. In this paper, to solve these problems a new presence list service has been suggested. It uses a presence list consists of URI of the other party and make it possible to subscribe by using one SUBSCRIBE message. So this method decreases the amount of SUBSCRIBE messages and refresh messages, and it also decreases the amount processing event notification messages from the subscribed the other party. And to increase the efficiency, a presence filtering method which enables to include some parts of selected presence information into the notification message body has been also suggested. The implemented system can reduce SIP message related network traffic and message processing time of the presence server. The performance of this proposed system has been evaluated by experiments, and the results showed decreasing of server processing time.

• Korean Journal of Remote Sensing
• /
• v.23 no.2
• /
• pp.125-130
• /
• 2007

This paper introduce a satellite image based blog system built by JeonNam local province. Main goals of this system are as follows : (1)Overcome the static aspect of traditional Web-GIS, (2)Providing a geoUCC generating platform by combining multimedia technology and GIS in a single web environment, (3)Building a two-way Web-GIS through user's participation, (4)Creating a new communicative way between government and citizen by using this system. As a result of the system building, this system enables users to create his/her own UCC(User Created Contents) on high-resolution satellite image and enables users to share his/her own UCC with other system using Web2.0 technology.