• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.1
• /
• pp.81-91
• /
• 2016

Nowadays, electronic device is in a close relationship with human life. Above all, the use of wireless electronic devices such as smart phone, tablet pc, and wireless keyboard is increasing owing to the high convenience and portability. Furthermore, according to the increasing use of sensitive personal and financial information from the electronic device, various attacks for stealing information are being reported. In this paper we do an analysis of 27MHz wireless keyboard vulnerability and set up an analysis environment. Moreover, we make an experiment and show that there are real vulnerabilities. An experimental result will be used for safety analysis and vulnerability verification of wireless electronic devices.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.2
• /
• pp.357-367
• /
• 2018

As information technology of modern society develops, various malicious codes with the purpose of seizing or destroying important system information are developing together. Among them, ransomware is a typical malicious code that prevents access to user's resources. Although researches on detecting ransomware performing encryption have been conducted a lot in recent years, no additional methods have been proposed to recover damaged files after an attack. Also, because the similarity comparison technique was used without considering the repeated encryption, it is highly likely to be recognized as a normal behavior. Therefore, this paper implements a filter driver to control the file system and performs a similarity comparison method that is verified based on the analysis of the encryption pattern of the ransomware. We propose a system to detect the malicious process of the accessed process and recover the damaged file based on the cloud storage.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.5
• /
• pp.1179-1195
• /
• 2018

Recently, a variety of attacks on web services have been occurring through a multiple access environment such as PC, tablet, and smartphone. These attacks are causing various subsequent damages such as online fraud transactions, takeovers and theft of accounts, fraudulent logins, and information leakage through web service vulnerabilities. Creating a new fake account for Fraud attacks, hijacking accounts, and bypassing IP while using other usernames or email addresses is a relatively easy attack method, but it is not easy to detect and block these attacks. In this paper, we have studied a method to detect online fraud transaction and obsession by identifying and managing devices accessing web service using web-based device fingerprinting. In particular, it has been proposed to identify devices and to manage them by scoring process. In order to secure the validity of the proposed scheme, we analyzed the application cases and proved that they can effectively defend against various attacks because they actively cope with online fraud and obtain visibility of user accounts.

• Applied Chemistry for Engineering
• /
• v.16 no.3
• /
• pp.403-407
• /
• 2005

Pyrolysis of methyl ricinoleate, from castor oil, was performed to produce methyl undecenoate. Methyl undecenoate has excellent deodorant, bactericidal and fungicidal activity. The object of this study was to find the optimum temperatures to maximize the yield of methyl undecenoate. The optimum temperatures were at $500^{\circ}C$ and $590^{\circ}C$ for preheating and pyrolysis, respectively. The maximum yield was 46% on the basis of injected methyl ricinoleate. The feeding rate of methyl ricinoleate mixture was selected as the scale-up factor. Maintaining the maximium yield, the feeding rate was scaled-up 20 folds, while the reactor was scaled-up 18 times.

• Journal of Korean Society of Environmental Engineers
• /
• v.28 no.1
• /
• pp.97-103
• /
• 2006

In this paper, a control method of a mini ozone generator is proposed, and also a cooling technique is described which is cooling down the flowing air gap into a silent discharger to $2^{\circ}C$ to generate ozone of high density and diffusing power. As the digital control system for this method, a double feedback loop is designed which detects the voltage and current of equivalent capacitor of the discharger and compensates for the poor power waveform caused by the noise at high discharging frequency. During the plant modeling of this system, computing time factor is considered as a unique parameter of the power system to improve the transient responses with regard to fluctuating load and to replenish the computing time delay of the controller. Through the experiment, sinusoidal input current for discharger can be acquired and all the effectiveness of this accurate control system over unstable ozone discharger are proved.

• KIISE Transactions on Computing Practices
• /
• v.23 no.8
• /
• pp.504-509
• /
• 2017

Preserving the integrity of the booting process is important. Recent rootkit attacks and subverting OS attacks prove that any post-OS security mechanism can be easily circumvented if the booting process is not properly controlled. Using an actual case as an example, the hacker of the Se-jong government office simply bypassed the user's password authentication by compromising the normal booting process. This paper analyzes existing pre-OS protection using secure boot and measured boot, and proposes another bootloader that overcomes the limitations. The proposed bootloader not only guarantees the integrity of all the pre-OS binaries, bootloaders, and kernel, it also makes explicit records of integrity in the booting process to the external TPM device, so that we can track modifications of BIOS configurations or unintended booting process modifications.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.15 no.11
• /
• pp.6849-6855
• /
• 2014

Recently, with the increasing use of smart phones, security issues, such as safety and reliability of the use of the Android application has become a topic to provide services in various forms. An Android application is performed using several important files in the form of an apk file. On the other hand, they may be subject to unauthorized use, such as the loss of rights and privileges due to the insertion of malicious source code of these apk files. This paper examines the Android environment to study ways to define the threats related to the unauthorized use of the application source code, and based on the results of the analysis, to prevent unauthorized use of the application source code. In this paper, a system is provided using a third body to prevent and detect applications that have been counterfeited or forged illegally and installed on Android devices. The application provides services to existing systems that are configured with only the service server that provides users and applications general, This paper proposes the use of a trusted third party for user registration and to verify the integrity of the application, add an institution, and provide a safe application.

• Magazine of the Korean Society of Agricultural Engineers
• /
• v.40 no.2
• /
• pp.18-28
• /
• 1998

현재의 가축분뇨처리 형태와 축종별 적용대상은 표 3과 같이 분류되며, 축분 퇴비화 뇨오수 정화방식의 고액분리 형태에서 분뇨혼합물의 동시처리 즉, 깔감축사(소, 돼지), 슬러리 발효 퇴비화를 통한 무방류 시스템으로 변화되는 추세이다. 이러한 현상은 최근의 방류수질 규제강화에 따른 무방류화 저비용 단순화를 지향하고 있으며, 무방류화의 가장 큰 걸림돌은 톱밥과 같은 수분조절재 부족이라 할 수 있다. 현재 이용되고 있는 주요 시스템별 개선안은 다음과 같다. $\square$ 주요 처리 시스템 적용의 문제제기 $\circ$ 축분발효시설 - 톱밥 등 부자재 무이용을 위한 축분의 예비 건조시설 이용 - 교반식 발효기의 악취확산방지를 위하여 밀폐형 하우스 및 강제환기 장치 설치에 의한 악취 포집 및 탈취 - 중소규모 발효시설 개발 $\circ$ 화력건조 - 예비건조를 통한 톱밥, 연료비용 절감 - 악취방치 장치부착 의무화 $\circ$ 활성오니 정화시설 - 시설 운전관리 단순화 - 1차 고액분리를 통한 유입수 오염부하량 감소 및 균일화 $\circ$ 깔감축사 - 경제적으로 흡수를 극대화할 수 있는 수분조절재의 조합비 결정 및 혼합물을 깔감으로 재이용 기술개발 $\circ$ 슬러리 발효퇴비화 시설 - 톱밥 등 수분조절재 사용량 절감기술 - 증발량 극대화 기술개발 및 소요에너지 최소화기술개발 우리나라는 사계절이 뚜렷하여 외기상에 따라 편차가 심하며, 고밀도 사육 및 지역적 편중성, 경지면적 협소, 고비용 시장구조 등의 축산환경을 고려한다면 근원적으로 가축분뇨문제 해결한다는 것은 결코 쉬운 일이 아니다. 이는 저공해 사료개발에서부터 분뇨가 발생단계에서 분리, 수거할 수 있는 수거시설, 고효율 분뇨처리시스템의 정립, 액비 및 퇴비의 가공, 토양환원되었을 때 작물생장장애, 액비, 퇴비의 유통, 가축분뇨처리 정책 및 규제법 등의 각 분야에서 복합적 노력이 필요하다.

• Journal of KIISE
• /
• v.41 no.9
• /
• pp.707-714
• /
• 2014

In general, the benign apps transmit privacy information to the external to provide service to users as the malicious app does. In other words, the behavior of benign apps is similar to the one of malicious apps. Thus, the benign app can be easily manipulated for malicious purposes. Therefore, the malicious apps as well as the benign apps should notify the users of the possibility of privacy information leakage before installation to prevent the potential malicious behavior. In this paper, We propose the method to detect leakage of privacy information on the android app by analyzing API inter-dependency and shortest distance. Also, we present LeakDroid which detects leakage of privacy information on Android with the above method. Unlike dynamic approaches, LeakDroid analyzes Android apps on market site. To verify the privacy information leakage detection of LeakDroid, we experimented the well-known 250 malicious apps and the 1700 benign apps collected from Android Third party market. Our evaluation result shows that LeakDroid reached detection rate of 96.4% in the malicious apps and detected 68 true privacy information leakages inside the 1700 benign apps.

• Journal of KIISE:Information Networking
• /
• v.35 no.1
• /
• pp.76-90
• /
• 2008

Wireless sensor networks are expected to play a vital role in the upcoming age of ubiquitous computing such as home environmental, industrial, and military applications. Compared with the vivid utilization of the sensor networks, however, security and privacy issues of the sensor networks are still in their infancy because unique challenges of the sensor networks make it difficult to adopt conventional security policies. Especially, node compromise is a critical threat because a compromised node can drain out the finite amount of energy resources in battery-powered sensor networks by launching various insider attacks such as a false data injection. Even cryptographic authentication mechanisms and key management schemes cannot suggest solutions for the real root of the insider attack from a compromised node. In this paper, we propose a novel trust-based secure aggregation scheme which identifies trustworthiness of sensor nodes and filters out false data of compromised nodes to make resilient sensor networks. The proposed scheme suggests a defensible approach against the insider attack beyond conventional cryptographic solutions. The analysis and simulation results show that our aggregation scheme using trust evaluation is more resilient alternative to median.