• Title/Summary/Keyword: detection mechanism


Malicious Trojan Horse Application Discrimination Mechanism using Realtime Event Similarity on Android Mobile Devices (안드로이드 모바일 단말에서의 실시간 이벤트 유사도 기반 트로이 목마 형태의 악성 앱 판별 메커니즘)

  • Ham, You Joung;Lee, Hyung-Woo
    • Journal of Internet Computing and Services / v.15 no.3 / pp.31-43 / 2014
  • A large number of Android mobile applications have been developed and deployed through the Android open market as the number of users of Android-based smart work devices has recently increased. However, security vulnerabilities have been discovered in malicious applications that are developed and deployed through the open market or third-party markets. In most malicious applications, malicious code is inserted in the form of a Trojan horse and leaks the user's personal and financial information from the mobile device to an external server without the user's knowledge. Therefore, to minimize the damage caused by the constantly increasing number of malicious applications, a proactive detection mechanism must be developed. In this paper, we analyze the pros and cons of existing techniques for detecting malicious applications and present discrimination and detection results obtained with a malicious application discrimination mechanism based on Jaccard similarity, applied to events collected in real time during execution on Android mobile devices.

A Secure Agent Communication Mechanism for Intruder Tracing System (침입자 추적 시스템의 에이전트 통신 보안을 위한 메커니즘)

  • 최진우;황선태;우종우;정주영;최대식
    • Journal of KIISE:Information Networking / v.29 no.6 / pp.654-662 / 2002
  • As Internet technology becomes a major information infrastructure, an emerging problem is the tremendous increase in malicious computer intrusions. Present Intrusion Detection Systems (IDS) serve a useful purpose in detecting such intrusions, but the current situation requires a more active response mechanism than simple detection. This paper describes a multi-agent based system for tracing intruders when the system is attacked. The focus of the study lies on the secure communication mechanism for agent message communication. We have extended the parameters of the KQML protocol and applied the public key encryption approach. The limitation might be the requirement of two-way authentication for every communication through the broker agent. This model may not improve efficiency, but it provides concrete secure communication. This is also an important factor in protecting the agent and the tracing server during the tracing process.

Implementation of Compressive Receiver with Chirp LO Based on DDS for RFID Signal Detection (DDS 기반의 Chirp LO가 적용된 RFID 신호 탐지용 컴프레시브 수신기의 구현)

  • Jo, Won-Sang;Park, Dong-Chul
    • The Journal of Korean Institute of Electromagnetic Engineering and Science / v.20 no.11 / pp.1186-1193 / 2009
  • In this paper, we propose a DDS (Direct Digital Synthesizer) as a new implementation method for the chirp LO (Local Oscillator) of a compressive receiver applied to RFID signal detection in the UHF band. We designed a receiver whose input frequency range is 908.5~914 MHz, whose DDL (Dispersive Delay Line) bandwidth is 6 MHz, and whose dispersion delay time is $13\;{\mu}s$. The DDS-based chirp LO is designed to meet a $26\;{\mu}s$ sweep time and 12 MHz bandwidth for a complete compressive mechanism. The measured 3 dB pulse width of the compressed signal of the fabricated receiver is 260 ns, and the frequency resolution for simultaneous input signals is below 200 kHz. These results indicate that the proposed DDS-based chirp LO and the compressive receiver are suitable for RFID signal detection in the UHF band.

Apple Detection Algorithm based on an Improved SSD (개선 된 SSD 기반 사과 감지 알고리즘)

  • Ding, Xilong;Li, Qiutan;Wang, Xufei;Chen, Le;Son, Jinku;Song, Jeong-Young
    • The Journal of the Institute of Internet, Broadcasting and Communication / v.21 no.3 / pp.81-89 / 2021
  • Under natural conditions, apple detection suffers from occlusion and from the difficulty of detecting small objects. This paper proposes an improved model based on SSD. The SSD backbone network VGG16 is replaced with the ResNet50 network model, and the RFB receptive field structure is introduced. The RFB model amplifies the feature information of small objects and improves the detection accuracy for small objects. Combined with the attention mechanism (SE), which filters out the information that needs to be retained, the semantic information of the detected object is enhanced. The improved SSD algorithm is trained on the VOC2007 data set. Compared with SSD, the improved algorithm increases the accuracy of occlusion and small object detection by 3.4% and 3.9%, respectively. The algorithm also improves the false detection rate and the missed detection rate. The improved algorithm proposed in this paper has higher efficiency.

The Study of Response Model & Mechanism Against Windows Kernel Compromises (Windows 커널 공격기법의 대응 모델 및 메커니즘에 관한 연구)

  • Kim, Jae-Myong;Lee, Dong-Hwi;J. Kim, Kui-Nam
    • Convergence Security Journal / v.6 no.3 / pp.1-12 / 2006
  • Malicious code has been widely documented and detected in information security breaches on the Microsoft Windows platform. Legacy information security systems are particularly vulnerable to breaches by Windows kernel-based malicious code, which penetrates existing protection and remains undetected. To date there has not been enough quality study of, or information sharing about, the Windows kernel and its internal code mechanisms, and this is the core reason such code succeeds in entering systems and remaining undetected. This paper focuses on the classification and formalization of the types, targets and mechanisms of various Windows kernel-based attacks, and presents suggestions for effective response methodologies in the categories of "Kernel memory protection", "Process & driver protection" and "File system & registry protection". An effective Windows kernel protection system is presented through the collection and analysis of the Windows kernel and its internal mechanisms, and through suggestions for implementation methodologies for unreleased and new Windows kernel protection techniques. The results presented in this paper show that the suggested system is highly effective and has more accurate intrusion detection ratios than current legacy security systems (i.e., virus vaccines, Windows IPS, etc.). It is therefore expected that the suggested system provides a good solution for protecting IT infrastructure from complicated and intelligent Windows kernel attacks.


Method of Detecting and Isolating an Attacker Node that Falsified AODV Routing Information in Ad-hoc Sensor Network (애드혹 센서 네트워크에서 AODV 라우팅 정보변조 공격노드 탐지 및 추출기법)

  • Lee, Jae-Hyun;Kim, Jin-Hee;Kwon, Kyung-Hee
    • Journal of the Korea Institute of Information and Communication Engineering / v.12 no.12 / pp.2293-2300 / 2008
  • In an ad-hoc sensor network, AODV routing information is disclosed to other nodes because the AODV protocol does not have any security mechanisms. The problem with AODV is that an attacker can falsify the routing information in an RREQ packet. If an attacker broadcasts the falsified packet, other nodes will update their routing tables based on it, so that the path passing through the attacker is considered the shortest path. In this paper, we design a routing-information-spoofing attack that falsifies the source sequence number and hop count fields in the RREQ packet, and we suggest an efficient scheme for detecting the attackers and isolating those nodes from the network without extra security modules. The proposed scheme does not employ cryptographic algorithms or authentication, in order to reduce network overhead. We used NS-2 simulation to evaluate network performance and analyzed the simulation results for three cases: the existing normal AODV, AODV under attack, and the proposed AODV. Simulation results using NS2 show that AODV with the proposed scheme can protect against the routing-information-spoofing attack, and that the total number of packets received by the destination node is almost the same as with the existing normal AODV.

Tele-Operating DAQ System for Bio-Inspired Robots (생체모방로봇 제어를 위한 원격 DAQ 시스템)

  • Oh, Seung-Yeop;Choi, Jae-Sung;Son, Byung-Rak;Lee, Dong-Ha;Yoo, Joon-Hyuk
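    • Proceedings of the Korean Information Science Society Conference / 2012.06a / pp.274-275 / 2012
  • Bio-inspired robots are robots that mimic the basic structure, behavioral principles and mechanisms of animals, including humans, birds, insects and fish. From military operations such as reconnaissance, search and counter-terrorism to lifesaving, bio-inspired robots are expected to be useful for closely surveying contaminated areas that humans cannot access, acting in place of human eyes and feet. The importance of DAQ systems that can monitor and control such bio-inspired robots, MAVs and the like remotely and in real time is growing. In this paper, we propose a DAQ (Data AcQuisition) system that enables stable control and monitoring of a ray, a bio-inspired robot, from a remote control center using RF wireless communication.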

A Implementation Method of mixed IPv4/IPv6 Network for Testing Security Vulnerability (보안취약점 테스트를 위한 IPv4/IPv6 혼재 네트워크 구축 방법)

  • Kim Jeong-Wook;Mun Gil-Jong;Kim Yong-Min;Noh Bong-Nam
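    • Proceedings of the Korea Institutes of Information Security and Cryptology Conference / 2006.06a / pp.477-480 / 2006
  • IPv6 is a protocol standardized by the IETF in 1998 to solve the IPv4 address shortage. Because it is impossible to convert the Internet, which is currently built around IPv4, to IPv6 all at once, it will transition to a pure IPv6 network by way of mixed IPv4/IPv6 networks. In this paper, we describe the tunneling method, one of the IPv6 transition mechanisms that enable communication between IPv4 and IPv6 networks in a mixed network, and, in order to test security vulnerabilities, propose a construction method that can capture IPv4 packets, IPv6 packets and tunneled packets for the same security vulnerability. Because the proposed method allows analysis of IPv4, IPv6 and tunneled packets, it can be used for intrusion detection and intrusion-blocking systems that plan to support IPv6.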


Design and Implementation of Embedded Middleware Service for Integrating UPnP and Web Service (UPnP와 웹 서비스를 연계한 임베디드 미들웨어 설계 및 구현)

  • 정덕원;윤태웅;김성민;민덕기
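    • Proceedings of the Korean Information Science Society Conference / 2004.10c / pp.622-624 / 2004
  • Web services, which developed from the business perspective of integrating internal systems, are gradually becoming widespread as their application expands to external systems such as home networks that connect all communications and appliances in the home. Applying them to such external systems requires the development of middleware that converts and controls information between web services and home network devices. In this paper, we designed and implemented middleware that facilitates the development and integration of distributed applications in home network and ubiquitous environments, using the UPnP standard technology for automatic discovery and control of home networks and web service technology, which provides a standard mechanism for integrating applications written on different platforms or in different languages. Because this middleware is developed as an embedded type, it can be built into set-top boxes or any device in the home, which provides extensibility.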


Botnet Traceback Based on Honeypot Using Memory Analysis (메모리 감시를 이용한 허니팟 기반의 봇넷 역추적)

  • Park, Chan-Ho;Kang, Kweon-Hak;Kwon, Young-Chan;Jang, Hee-Jin;Kim, Chul-Ho
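    • Proceedings of the Korean Information Science Society Conference / 2007.06d / pp.25-28 / 2007
  • Recently, botnet-based spam sending, distributed denial-of-service attacks and similar activity have been increasing rapidly on the Internet, posing a major threat to Internet-based services. Traceback technology that supports a fundamental response to botnet attacks using indirect communication mechanisms needs to be developed. In this paper, we propose a botnet traceback technique based on memory monitoring. The technique uses memory monitoring to observe the behavior of the bot server, and uses network monitoring to lower the risk that a honeypot infected as a bot server is misused. It also provides automatic analysis of bot server information, so that the botnet's C&C server is traced quickly as soon as an attack is detected.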
