• Title/Summary/Keyword: detection mechanism

Toxicity Monitoring and Assessment of Nanoparticles Using Bacteria

  • Hwang, Ee-Taek;Lee, Jung-Il;Sang, Byoung-In;Gu, Man-Bock
    • KSBB Journal / v.22 no.6 / pp.414-420 / 2007
  • Nanomaterials have been applied to various fields due to their advantageous characteristics such as high surface area, rapid diffusion, high specific surface areas, reactivity in liquid or gas phase, and a size close to biomacromolecules. To date, however, the increased manufacturing and frequent use of these materials have evoked people's concerns about their hazardous impact, including the toxicity of the materials. Many research groups have carried out different protocols to evaluate the toxic effects of nanomaterials on different organisms, and consequently, nanomaterials are known to be cytotoxic. In this paper, we reviewed some of the most reports on toxic effects of several nanoparticles specifically on bacteria. There are a number of reports focused on the antibacterial effect of nanoparticles based on bacterial cell viability. Therefore, the application of each nanomaterial should take its toxicity into account, and its toxic effect should be evaluated in terms of the concentrations and sizes of the nanomaterials used, prior to use of a nanomaterial.

Design and Implementation of Anomaly Traffic Control framework based on Linux Netfilter System and CBQ Routing Mechanisms

  • 조은경;고광선;이태근;강용혁;엄영익
    • Journal of the Korea Institute of Information Security & Cryptology / v.13 no.6 / pp.129-140 / 2003
  • Recently, viruses and various hacking tools that threaten hosts on a network have become more intelligent and cleverer, and so various security mechanisms against them have been developed during the last decades. To detect these network attacks, many NIPSs (Network-based Intrusion Prevention Systems) that are more functional than traditional NIDSs have been developed by several companies and organizations. But many previous NIPSs are known to have some weaknesses in protecting important hosts from network attacks because of their incorrectness and post-management aspects. The aspect of incorrectness means that many NIPSs incorrectly discriminate between normal and attack network traffic in real time. The aspect of post-management means that they generally respond to attacks after the intrusions have already been performed to a large extent. Therefore, to detect network attacks in real time and to increase the capability of analyzing packets, faster and more active responding capabilities are required for NIPS frameworks. In this paper, we propose a framework for real-time intrusion prevention. This framework consists of a packet filtering component that works on netfilter in the Linux kernel and a traffic control component that has the capability of step-by-step control over abnormal network traffic with the CBQ mechanism.

A research on detection techniques of Proxy DLL malware disguised as a Windows library : Focus on the case of Winnti

  • Koo, JunSeok;Kim, Huy Kang
    • Journal of the Korea Institute of Information Security & Cryptology / v.25 no.6 / pp.1385-1397 / 2015
  • The Proxy DLL is a mechanism using a normal characteristic of Windows. Specific malware is executed via this mechanism after intrusion into a targeted system. If an intrusion of malware is successful, the malware should be executed at least once. For execution, the malware is disguised as a Windows library. The malware of the Winnti group is a good case of this. Winnti is a group of Chinese hacking groups identified by research in the fall of 2011 at Kaspersky Lab. The Winnti group's activities over the years targeted the online video game industry, and in this process a number of malware infected online gaming companies. In this paper, we perform research on detection techniques for Proxy DLL malware which is disguised as a Windows library, through the Winnti group case. The experiments undertaken on real malware of Winnti show the reliability of the detection techniques.

Response Methodology against Spoofed IP Attack using Active Networks Mechanism

  • Park, Sang-Hyun;Ko, Haeng-Seok;Kwon, Oh-Seok
    • Journal of Internet Computing and Services / v.9 no.2 / pp.69-81 / 2008
  • It has become more difficult to respond to a cyber attack quickly as patterns of attack become more various and complex. However, current security mechanisms just have passive defense functionalities. In this paper, we propose a new network security mechanism to respond to various cyber attacks rapidly and to chase and isolate the attackers through cooperation between security zones. The proposed mechanism makes it possible to deal effectively with cyber attacks such as IP spoofing, by using active packet technology including mobile code on an active network. Also, it is designed to have a more active response than that of existing mechanisms. We implemented these mechanisms in Linux routers and experimented on a testbed to verify the feasibility of an attacker response framework using mobile code. The experimentation results are analyzed.

Prototype Design and Security Association Mechanism for Policy-based on Security Management Model

  • 황윤철;현정식;이상호
    • Journal of the Korea Institute of Information Security & Cryptology / v.13 no.1 / pp.131-138 / 2003
  • With the Internet gaining huge popularity, urgent problems have arisen related to network security management, such as protecting networks and communication from unauthorized users. Accordingly, the use of security equipment such as Intrusion Detection Systems, Firewalls and VPNs has become common lately. Those systems, however, operate as individual systems which are independent of one another. Their usage is so limited by their vendors that they cannot provide a corporate Security Solution. In this paper, we present a Hierarchical Security Management Model which can be applied to Network Security Policies consistently. We also propose a Policy Negotiation Mechanism and a Prototype which help us to manage Security Policies and Negotiations more easily. The results of this research can also be one of the useful guides for developing a Security Policy Server or Security Techniques which can be useful in different environments. This study also shows that it is possible to improve the Security Characteristics of a network as a whole and also to support Policy Associations among hosts using our mechanisms.

A Branch Misprediction Recovery Mechanism by Control Independence

  • Ko, Kwang-Hyun;Cho, Young-Il
    • Journal of Practical Agriculture & Fisheries Research / v.14 no.1 / pp.3-22 / 2012
  • Control independence has been put forward as a significant new source of instruction-level parallelism for superscalar processors. In branch prediction mechanisms, all instructions after a mispredicted branch have to be squashed and then instructions of a correct path have to be re-fetched and re-executed. This paper presents a new branch misprediction recovery mechanism to reduce the number of instructions squashed on a misprediction. Detection of control independent instructions is accomplished with the help of the static method using a profiling and the dynamic method using a control flow of program sequences. We show that the suggested branch misprediction recovery mechanism improves the performance by 2~7% on a 4-issue processor, by 4~15% on an 8-issue processor and by 8~28% on a 16-issue processor.

LockPickFuzzer: Exploring Vulnerabilities in Android Lock Screen Mechanisms through ADB-Based Fuzzing

  • Daehoon Ko;Hyoungshick Kim
    • Journal of the Korea Institute of Information Security & Cryptology / v.34 no.4 / pp.651-666 / 2024
  • Android devices employ lock screens with various authentication methods to protect user data. However, even with the lock screen active, the device can be accessed via the Android Debug Bridge(ADB), a powerful development tool that controls devices connected through USB. In this paper, we explore methods to bypass the lock screen security mechanism by leveraging the characteristics of ADB. To achieve this, we analyze ADB commands to categorize those that can severely impact the Android system and propose LockPickFuzzer, a fuzzing test tool that automatically explores ways to combine these commands to disable lock screen security. To demonstrate LockPickFuzzer's ability to detect security vulnerabilities using ADB, we conducted experiments on the Galaxy S23 and Pixel 8, both running Android 14. The results revealed two ADB command combinations that could either steal authentication information or bypass the lock screen. We submitted a report on these discovered vulnerabilities to the Samsung security team and received official acknowledgment (SVE-2023-1344) from Samsung Electronics for one ADB command combination that can be reproduced on user devices. LockPickFuzzer is a practical tool that operates automatically without user intervention and is expected to contribute to the effective detection of security vulnerabilities caused by ADB command combinations on Android devices.

Impact Source Location on Composite CNG Storage Tank Using Acoustic Emission Energy Based Signal Mapping Method

  • Han, Byeong-Hee;Yoon, Dong-Jin;Park, Chun-Soo;Lee, Young-Shin
    • Journal of the Korean Society for Nondestructive Testing / v.36 no.5 / pp.391-398 / 2016
  • Acoustic emission (AE) is one of the most powerful techniques for detecting damage and identifying damage location during operations. However, in the case of the source location technique, there is some limitation in conventional AE technology, because it strongly depends on wave speed in the corresponding structures having heterogeneous composite materials. A compressed natural gas (CNG) pressure vessel is usually made with carbon fiber composite on the outside of the vessel for the purpose of strengthening. In this type of composite material, locating impact damage sources exactly using the conventional time arrival method is difficult. To overcome this limitation, this study applied the previously developed Contour D/B map technique to four types of CNG storage tanks to identify the source location of damage caused by external shock. The results of the identification of the source location for the different types were compared.

Web Attack Classification Model Based on Payload Embedding Pre-Training

  • Kim, Yeonsu;Ko, Younghun;Euom, Ieckchae;Kim, Kyungbaek
    • Journal of the Korea Institute of Information Security & Cryptology / v.30 no.4 / pp.669-677 / 2020
  • As the number of Internet users exploded, attacks on the web increased. In addition, the attack patterns have been diversified to bypass existing defense techniques. Traditional web firewalls have difficulty detecting attacks of unknown patterns. Therefore, the method of detecting abnormal behavior by artificial intelligence has been studied as an alternative. Specifically, attempts have been made to apply natural language processing techniques because the type of script or query being exploited consists of text. However, because there are many unknown words in scripts and queries, natural language processing requires a different approach. In this paper, we propose a new classification model which uses byte pair encoding (BPE) technology to learn the embedding vector that is often used for web attack payloads, and uses an attention mechanism-based Bi-GRU neural network to extract a set of tokens that learn their order and importance. For major web attacks such as SQL injection, cross-site scripting, and command injection attacks, the accuracy of the proposed classification method is about 0.9990, and its accuracy outperforms the model suggested in the previous study.

Channel Selection Scheme to Improve the Performance of Zigbee Networks over WLAN Interference Environment

  • Son, Jong-In;Chung, Kwang-Sue
    • The Journal of The Korea Institute of Intelligent Transport Systems / v.11 no.2 / pp.102-110 / 2012
  • ZigBee networks, developed for low-power and short-range communication, are being used as a home network solution for ubiquitous computing. However, as smart phones and tablet PCs have become widely used, WLANs, which use the same frequency as ZigBee networks, have been increasingly used. Therefore, radio frequency interference causes many problems. To solve the radio frequency interference problem between ZigBee networks and WLANs, much research focuses on designing interference minimization schemes in ZigBee networks. However, existing schemes waste resources in detecting interference and take unnecessary time to avoid interference. In this paper, we propose an interference minimization scheme to solve radio frequency interference in ZigBee networks. The proposed scheme detects interference using the ACK mechanism to reduce the waste of resources, and avoids interference using a table-driven channel hopping scheme which is faster than existing schemes. The performance of the proposed interference minimization scheme is evaluated using the OPNET simulator. Through the simulation results, we prove that the proposed scheme has faster channel hopping than existing schemes.