• Title/Summary/Keyword: Attack Model

Development of Indicators for Information Security Level Assessment of VoIP Service Providers

  • Yoon, Seokung;Park, Haeryong;Yoo, Hyeong Seon
    • KSII Transactions on Internet and Information Systems (TIIS) / v.8 no.2 / pp.634-645 / 2014
  • VoIP (Voice over Internet Protocol) is a technology for transmitting and receiving voice and data over the Internet. As the telecommunication industry is moving toward an All-IP environment with the growth of broadband Internet, the technology is becoming more important. Although the early VoIP services failed to gain popularity because of problems such as low QoS (Quality of Service) and inability to receive calls as the phone number could not be assigned, they are currently established as the alternative service to the conventional wired telephone due to low costs and active marketing by carriers. However, VoIP is vulnerable to eavesdropping and DDoS (Distributed Denial of Service) attacks due to its nature of using the Internet. To counter the VoIP security threats efficiently, it is necessary to develop a criterion or model for estimating the information security level of VoIP service providers. In this study, we developed reasonable security indicators through a questionnaire study and a statistical approach. To achieve this, we made use of 50 items from VoIP security checklists and verified the suitability and validity of the assessed items through Multiple Regression Analysis (MRA) using SPSS 18.0. As a result, we drew 23 indicators and calculated the weight of each indicator using the Analytic Hierarchy Process (AHP). The proposed indicators in this study will provide feasible and reliable data to individual and enterprise VoIP users as well as reference data for VoIP service providers to establish their information security policy.

A Candidate Generation System based on Probabilistic Evaluation in Computer Go (확률적 평가에 기반한 컴퓨터 바둑의 후보 생성 시스템)

  • Kim, Yeong-Sang;Yu, Gi-Yeong
    • Journal of the Institute of Electronics Engineers of Korea CI / v.37 no.2 / pp.21-30 / 2000
  • If there exists a model that calculates the proper candidate position whenever the game of Go is in progress, it can be used for setting up the prototype of the candidate generation algorithm without using case-based reasoning. In this paper, we analyze Go through combinatorial game theory and on the basis of a probability matrix (PM) showing the difference between the territory of black and white. We design and implement a candidate generation system (CGS) to find the candidates at a situation in Go. The CGS designed in this paper can compute influence power, safety, probability value (PV), and PM and then generate candidate positions for the present scene, once a stone is played at a scene. The basic strategy generates five candidates for the present scene, and then chooses the one with the highest PV. CGS generates candidates that emphasize defence tactics more than attack ones. In the opening game of computer Go, we find that CGS, which has no patterns, is somewhat superior to NEMESIS, which has the Joseki patterns.

Verification of Safety in a RFID Security Authentication Protocol Using Session and Public Keys (세션키 및 공개키를 이용한 RFID 보안 인증 프로토콜의 안전성 검증)

  • Bae, Woo Sik;Lee, Jong Yun
    • Journal of Digital Convergence / v.10 no.10 / pp.325-332 / 2012
  • Due to its communication vulnerability resulting in a range of problems, e.g. eavesdropping, information exposure, traffic analysis and spoofing, RFID system becomes the target of attackers. Accordingly, many investigators have proposed various protocols to the extent of theorem proving or verification as the implementation is challenging. This paper thus proposes a safe RFID security protocol using public keys, session keys, hashes, XORs, and random numbers. Timestamps and hashes are applied to the most vulnerable section between readers and tags to detect attacks in attack signals with time difference. Also, to prevent tag information from being exposed in the last session, hash operation is adopted before communication. Finally, in this paper, we designed a RFID security protocol using public and session keys applicable to real systems and verified the security of the proposed protocol with a differentiated formal verification technique.

A Threats Statement Generation Method for Security Environment of Protection Profile (PP의 보안환경을 위한 위협문장 생성방법)

  • 고정호;이강수
    • The Journal of Society for e-Business Studies / v.8 no.3 / pp.69-86 / 2003
  • A Protection Profile (PP) is a common set of security and assurance requirements for a specific class of Information Technology security products such as firewalls and smart cards. A PP should include a "TOE (Target of Evaluation) Security Environment" section, which consists of the subsections assumptions, threats, and organizational security policies. This paper presents a new threats statement generation method for developing the TOE security environment section of a PP. Our survey guides the statement of threats in the CC (Common Criteria) scheme through hundreds of collected and analysed threat statements from certified and published real PPs and the CC Tool Box/PKB, which includes a class of pre-defined threat and attack statements. From the result of the survey, we present a new asset classification method and propose a threats statement generation model. The former is a new asset classification method, and the latter is a production rule for a well-formed statement of threats.

FAIR-Based BIA for Ransomware Attacks in Financial Industry (금융 산업에서 발생하는 랜섬웨어 공격에 대한 FAIR 기반의 손실 측정 모델 분석)

  • Yoon, Hyun-sik;Song, Kyung-hwan;Lee, Kyung-Ho
    • Journal of the Korea Institute of Information Security & Cryptology / v.27 no.4 / pp.873-883 / 2017
  • As ransomware spreads, the target of attacks has shifted from individuals to organizations, leading attackers to become more intelligent and systematic. Thus, ransomware's threats to domestic infrastructure, including the financial industry, have grown to a level that cannot be ignored. As a measure against these security issues, organizations use ISMS, which is an information protection management system. However, it is difficult for management to make decisions on the loss caused by security issues, since the amount of damage cannot be calculated with ISMS alone. In this paper, using a scenario-based FAIR loss measurement model to identify the extent of damage and calculate reasonable damages, which has been considered a weakness of the ISMS, we identified the losses and risks of ransomware in the financial industry and a method to reduce the loss by applying the current ISMS and ISO 27001 control items rather than modifying the ISMS.

Seamless Lawful Interception Handover for 3G IP Multimedia Subsystem (IMS)

  • In, Hoh Peter;Lee, Myoung-Rak;Kim, Do-Hoon;Kim, Nung-Hoe;Yoon, Byung-Sik
    • KSII Transactions on Internet and Information Systems (TIIS) / v.5 no.7 / pp.1329-1345 / 2011
  • After the 9.11 terror attack, lawful Interception (LI) has emerged as an important tool for anti-terrorist activity. Law enforcement agents and administrative government bodies effectively monitor suspicious target users of permanent IP-based network devices by LI in Packet Data Networks (PDNs). However, it is difficult to perform LI in monitoring migrating users from a location to another, who change their IPs due to the proliferation of portable Internet devices enabling 3G IP Multimedia Subsystems (IMS). The existing, manual handover technique in 3G IMS makes it even more difficult to continue the LI activities due to time-lag reissuance of LI authority warrants when the target users move to a new LI jurisdiction via a roaming service. Our proposed model is a seamless LI handover mechanism in 3G IMS to support mobility detection of the target users. The LI warrants are transferred to the new LI agent automatically with the target users when they move to a new LI jurisdiction. Thus, time-lag human intervention of reissuance of the LI warrants is removed and enables the LI authorities to continue monitoring. In the simulation of our proposed mechanism, the quality of lawful interception achieves a mean score of over 97.5% out of the possible 100% maximum score, whereas the quality of the existing mechanism has a mean score of 22.725%.

Papers : An Experimental Study of the Aerodynamic Characteristics Using the Wing - tip Jet Blowing at the Aircraft (논문 : 날개끝 불어내기 장치가 있는 항공기의 공력특성에 관한 실험연구)

  • Hong, Hyeon-Ui;Jeong, Un-Gap;Kim, Beom-Su
    • Journal of the Korean Society for Aeronautical & Space Sciences / v.30 no.3 / pp.17-26 / 2002
  • The pressure distributions on a semi-span wing 1/12 scale model and six-component aerodynamic forces and moments on a complete 1/16 scale advanced trainer model were measured. To reduce wing-tip vortex strength, 3 wing-tip jet slot shapes (forward $35^{\circ}$ direction, straight direction, backward $35^{\circ}$ direction) and 3 blowing coefficients (0.004, 0.009, 0.017) were considered. From the experimental results, the case of straight direction and a blowing coefficient of 0.017 was the most effective in reducing drag and increasing the lift-drag ratio, and the rate of drag decrease and the rate of lift-drag ratio increase were most effective at an angle of attack of 8 degrees.

An Experimental Study of Film Cooling Characteristics at Supersonic Free Stream Conditions (초음속 주유동 환경에서의 막냉각 특성 시험 연구)

  • Kim, Manshik;Lee, Dong Min
    • Journal of the Korean Society for Aeronautical & Space Sciences / v.45 no.4 / pp.342-348 / 2017
  • In this paper, film cooling characteristics at supersonic free stream conditions were examined experimentally by applying an IR-thermography. Film cooling experiments were carried out in a free-jet facility at Mach number of 3.0 and with unit Reynolds number of $42.53{\times}10^6$ and $69.35{\times}10^6$ using wedge shaped film cooling model which has a converging film cooling nozzle. Film cooling efficiency was calculated by measuring the surface temperature of PEEK(Polyether Ether Ketone) and the effects of angle of attack and blowing ratios on the film cooling efficiency were examined. The measured wall temperature was significantly reduced by the film cooling flow compared with the results without the film cooling flow. The usefulness of film cooling was also confirmed by the surface heat flux calculated using the surface temperature history of PEEK. As the blowing ratio increases the protected area of PEEK was also expanded along the direction of free stream and film cooling flow.

The Effects of the Commercial Aircraft Pilot's Leadership and Self-Efficacy to their Safety Behaviors (상업항공기 조종사의 리더십 및 자기효능감이 안전행동에 미치는 영향)

  • Lee, Jong Sung;Kim, Kee Wong;Park, Sung Sik;Kang, Woo Jung
    • Journal of the Korean Society for Aviation and Aeronautics / v.22 no.1 / pp.114-123 / 2014
  • Due to the recent aircraft accidents both in Ethiopian airline and Malaysian airline, almost all the media are focusing the importance of the airline safety. Especially, media's eyes and ears are interested in the reasons why Malaysia airline's missing presumed as by either terrorist attack or pilot's mistake. Safety Behaviors of pilot are viewed as the most important human factor issues among researchers. This is because, if it were the case of a commercial airline, pilot's safety behavior would be directly related to the lives of couple of hundreds passengers. This paper considers the antecedents of this safety behaviors as pilot's leadership, pilot's leadership and self-efficacy. This paper has tried to find out which human factors of a pilot would have significant impact on their safety behaviors. According to the empirical research result from SEM (Structural Equation Model), it was found out both the leadership and self-efficacy of a pilot had direct impact on their safety behaviors through safety motivation. Thus it could be concluded that flight crew must follow the instruction of a pilot who had the authority of the flight operation. The managerial implication are discussed in the conclusion part of this paper. As an implication, this paper concluded that it would be necessary to do further research on pilot's leadership and self-efficacy.

Improvement of the Certification Model for Enhancing Information Security Management Efficiency for the Financial Sector (금융권 정보보호 관리 효율을 제고하기 위한 인증모형 개선방안)

  • Oh, Eun;Kim, Tae-Sung;Cho, Tae-Hee
    • Journal of the Korea Institute of Information Security & Cryptology / v.26 no.2 / pp.541-550 / 2016
  • Considering the results of the 3.20 Cyber Attack, leaks of personal information by card companies, and so on, convenience and efficiency cannot be guaranteed without security as a prerequisite. In addition, it is more likely that customers' interests seem to be interfered with in financial institutions than in any other industry. Therefore, when a security accident occurs, users may suffer mental damage and monetary loss, leading to class action, customer defection, loss of reputation, and falloff in international credibility, which all may have a significant effect on the business continuity of corporations. This study integrates the representative information security certification systems in order to improve the efficiency of information security management and demonstrate the necessity of information security management system certification for the financial sector. If the certification is needed, we would like to recommend the desirable development direction.