• Journal of Korea Society of Industrial Information Systems
• /
• v.22 no.6
• /
• pp.17-22
• /
• 2017

In this paper, a password recognition system that can overcome a shoulder-surfing attack is developed. During the time period of password insertion, the developed system can prevent the attack and enhance the safety of the password. In order to raise the detection rate of the password image, the mopology technique is utilized. By adapting 4 times of the expansion and dilation, the niose from the binary image of the password is removed. Finally, the mobile phone application is also developed to recognize the one time password and the detection rate is measured. It is shown that the detection rate of 90% is achieved under the dark light condition.

• Journal of the Korea Society of Computer and Information
• /
• v.20 no.1
• /
• pp.119-125
• /
• 2015

In this paper, we propose a user friendly password input method for mobile devices which is secure against SSA. The proposed method is a numeric password input method such as a conventional PIN method. One of the buttons, numbers and colors, so as to display the two pieces of information to double. The user can select one of the colors or numbers within one button to type in the password. Because an attacker does not know whether the user has entered any color and number, the proposed technique is safe from the SSA. Also to be secure for smudge attacks and password guessing attacks through random changes in the number and color information.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2016.07a
• /
• pp.223-224
• /
• 2016

본 논문에서는 번호키 방식의 보안이 강화된 스마트폰 연동 도어락 시스템을 제안한다. 도어락 시스템은 Google OTP를 이용하여 매번 다르게 생성된 번호를 입력함으로써 훔쳐보기, 스머지 등의 공격으로부터 안전할 수 있다. 또한 사용자 편의를 위하여 NFC 접촉을 통하여 OTP 어플리케이션을 실행하도록 한다.

• Proceedings of the Korean Information Science Society Conference
• /
• 2010.11a
• /
• pp.95-96
• /
• 2010

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.4
• /
• pp.731-742
• /
• 2017

For all the various cryptographic techniques related to security, social technological attacks such as a shoulder surfing are infeasible to block off completely. Especially, the attacks are executed against financial facilities such as automated teller machine(ATM) which are located in public areas. Furthermore, online financial services whose rate of task management is consistently increasing are vulnerable to a shoulder surfing, smudge attacks, and key stroke inference attacks with google glass behind the convenience of ubiquitous business transactions. In this paper, we show that the security of ATM and internet banking can be reinforced against a shoulder surfing by using One-Time Keypad(OTK) and compare the security of OTK with those of ordinary keypad and One-Time Password(OTP).

• Journal of the Korea Society of Computer and Information
• /
• v.17 no.9
• /
• pp.65-73
• /
• 2012

The traditional text-based password is vulnerable guessing, dictionary attacks, keyloggers, social engineering, stole view, etc. these vulnerability effect more serious problem in a mobile environment. In this study, By using the pattern number to enter the password of an existing four-digit numeric password, User easily use to new password system. The technology on pattern based numerical password authorization proposed in this paper would intensify the security of password which holds existing 10 numbers of cases by authorizing a user and would not invade convenience of use by providing high security and making users memorize only four numbers like old method. Making users not have inconvenience and raising complexity, it would have a strength to an shoulder surfing attack of an attacker. So I study password system that represents the shape-based of number. I propose the new password system to prevent peeking attacks and Brute-force attack, and this proposal is to review the security and usability.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.23 no.9
• /
• pp.1152-1159
• /
• 2019

The Nintendo Switch(NSW), which appeared as an 8th generation console, has succeeded worldwide as a hybrid gaming console. The NSW has E-shop itself, users can sign in to their account and purchase games. The keypad built in the NSW is similar to QWERTY keyboard. In the password input field the input information is hidden, but it's possible to get the value entered from the keypad with shoulder surfing attack. Because of the NSW with many party or family games, there is a high probability that someone else is watching the screen nearby, which acts as a vulnerability in account security. Thus we designed the new keypad which improve from this issue. In this paper, we check the problem about the keypad which built in the NSW, we present the proposed keypad and the compared to the built in keypad by showing the test result of unspecified individuals use.

• Review of KIISC
• /
• v.24 no.3
• /
• pp.36-43
• /
• 2014

스마트폰의 보급률이 높아지고 많은 업무가 PC에서 스마트폰으로 옮겨 가면서 개인신상정보, 금융 정보와 같은 중요한 정보들도 함께 옮겨가고 있다. 최근에 이러한 중요한 정보들을 보호하기 위한 스마트폰 보안이 다양하게 연구되고 있다. 스마트폰의 휴대성 덕분에 사용자는 언제, 어디서나 다양한 업무를 수행할 수 있지만, 공격자도 마찬가지로 사용자에게 더욱 접근하기가 쉬워졌으며 스마트폰 사용자는 PC 환경보다 더욱 다양한 취약점에 처하게 되었다. 이러한 다양한 취약점 때문에 스마트폰을 겨냥한 다양한 종류의 공격 방법들이 생겨나고 있다. 본 논문에서는 스마트폰 보안 위협으로써 네트워크, 악성코드, 훔쳐보기 공격 등의 위협이 개인정보 유출이나 금전적 손실과 같은 직접적인 피해로 이루어지기 쉬우므로 해당 위협들에 대해 설명하고, 해당 위협을 완화하거나 회피할 수 있는 사용자 중심적인 최신 기술 동향을 소개한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.5
• /
• pp.1085-1095
• /
• 2015

In music theory, the triton is defined as a musical interval composed of three adjacent whole tones(or six semitones), which generates a harmonic and melodic dissonance. The triton paradox is an auditory illusion which is heard as ascending by some people and as descending by others. In this paper we examine an emerging non-static biometric technique that aims to identify users based on analyzing uniqueness and consistency through the user experiences. We also propose some authentication schemes which provides protection against key logging, shoulder surfing, and brute force attacks.

• Convergence Security Journal
• /
• v.12 no.4
• /
• pp.109-114
• /
• 2012

Information society in recent times, lots of important information have been stored in information systems. In this situation, unauthorized person can obtains important information by piggy-backing and shoulder surfing in specific area of organization. Therefore, in this study, we proposed network group access control system by combining RFID and infrared-ray for blocking information leakage due to unauthorized access by internal threats and enhancing personnel security. So it can provides a more secure internal network environment.