• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.7 no.3
• /
• pp.576-599
• /
• 2013

Protocol reverse engineering is useful for many security applications, including intelligent fuzzing, intrusion detection and fingerprint generation. Since manual reverse engineering is a time-consuming and tedious process, a number of automatic techniques have been proposed. However, the accuracy of these techniques is limited due to the complexity of binary instructions, and the derived formats have missed constraints that are critical for security applications. In this paper, we propose a new approach for protocol format extraction. Our approach reasons about only the evaluation behavior of a program on the input message from concolic execution, and enables field identification and constraint inference with high accuracy. Moreover, it performs binary analysis with low complexity by reducing modern instruction sets to BIL, a small, well-specified and architecture-independent language. We have implemented our approach into a system called Icefex and evaluated it over real-world implementations of DNS, eDonkey, FTP, HTTP and McAfee ePO protocols. Experimental results show that our approach is more accurate and effective at extracting protocol formats than other approaches.

• International Journal of Computer Science & Network Security
• /
• v.21 no.7
• /
• pp.233-240
• /
• 2021

The majority of the Web's success can be related to its productivity and flexibility. Web Services (WSs) have the means to create new patterns for the delivery of software capabilities. The WS easily provides the use of existing components available via the Internet. WSs are a new trend that shares ubiquitous systems with others, so the popularity of the Web is increased day by day with their associated systems. This paper will explore and adopt the possibility of developing a technique that will automate instructors' scheduling of timetables within a Web services environment. This technique has an advantage that facilitates users to reduce the time cost and effort by reducing errors and costs for institutes. Providing dependable tables to avoid mistakes related to instituting schedules is ensured by an automated repetitive manual procedure. Automated systems are increasingly developed based on organizations and their customers. Still, the setting's difficulty of automation systems increases to rise as the system architecture and applications must accomplish various requirements and specifications of ever-demanding project scenarios. The automation system is composed of an operating system, platforms, devices, machines, control system, and information technology. This architecture provides more productivity and optimized services. The main purpose of this paper is to apply an automation system to enhance both quality and productivity. This paper also covers an agile method of proving an automation system by Finite State Machine (FSM) and Attributed Graph Grammar (AGG) tool.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.4
• /
• pp.1904-1921
• /
• 2019

In this paper, we investigate the problem of secure communications in multiple-input-multiple-output interference networks from the perspective of physical layer security. Specifically, the legitimate transmitter-receiver pairs are divided into different categories of active and inactive. To enhance the security performances of active pairs, inactive pairs serve as cooperative jammers and broadcast artificial noises to interfere with the eavesdropper. Besides, active pairs improve their own security by using joint transceivers. The encoding of active pairs and inactive pairs are designed by maximizing the difference of mean-squared errors between active pairs and the eavesdropper. In detail, the transmit precoder matrices of active pairs and inactive pairs are solved according to game theory and linear programming respectively. Experimental results show that the proposed algorithm has fast convergence speed, and the security performances in different scenarios are effectively improved.

• Proceedings of the Korean Institute of IIIuminating and Electrical Installation Engineers Conference
• /
• 1992.11a
• /
• pp.64-68
• /
• 1992

The demand for home automation system has increased in high-rise apartment houses. Home automation system is realized a more comfortable, more secure, more economical, more convenient, and more satisfying home life. The proposed system functions are meter reading, home security, energy saving, and house control. The technical requirements and configuration of home automation system are provided.

• ETRI Journal
• /
• v.41 no.5
• /
• pp.585-598
• /
• 2019

A cyber-physical system (CPS) is a new mechanism controlled or monitored by computer algorithms that intertwine physical and software components. Advanced persistent threats (APTs) represent stealthy, powerful, and well-funded attacks against CPSs; they integrate physical processes and have recently become an active research area. Existing offensive and defensive processes for APTs in CPSs are usually modeled by incomplete information game theory. However, honeypots, which are effective security vulnerability defense mechanisms, have not been widely adopted or modeled for defense against APT attacks in CPSs. In this study, a honeypot game-theoretical model considering both low- and high-interaction modes is used to investigate the offensive and defensive interactions, so that defensive strategies against APTs can be optimized. In this model, human analysis and honeypot allocation costs are introduced as limited resources. We prove the existence of Bayesian Nash equilibrium strategies and obtain the optimal defensive strategy under limited resources. Finally, numerical simulations demonstrate that the proposed method is effective in obtaining the optimal defensive effect.

• International Journal of Computer Science & Network Security
• /
• v.22 no.8
• /
• pp.249-259
• /
• 2022

Project management and deployment has gone through a long journey from traditional and agile to continuous integration, continuous deployment and continuous monitoring. Software industry benefited with the latest buzzword in the development process, DevOps that not only escalates software productivity but at the same time enhances software quality. But the implementation and assessment of DevOps practices is expository as there are no guidelines to assess and improvise DevOps application in software industries. Hence, there was a need to develop a hybrid model to assist software practitioners in DevOps implementation. The intention behind this paper is to implement the already proposed DevOps hybrid model using suggested tool chains including Jenkins, Selenium, GitLab, Ansible and Nagios automation tools through Jenkins project management environment and plugins. To achieve this implementation objective, a java application is developed with a web-based graphical interface. Further, in this paper, different challenges and benefits of Jenkins implementation shall also be outlined. The paper also presents the effectiveness of DevOps based Model implementation in software organizations. The impact of considering other automation tools and models can also be considered as a part of further research.

• Convergence Security Journal
• /
• v.22 no.1
• /
• pp.3-9
• /
• 2022

The role of the integrated development environment is very important in software development of a development project. After many developers develop different modules, software product is completed through compile, debugging, integration, testing, and distribution. However, bugs and various issues in the development process cause problems such as quality deterioration of software product and dissatisfaction with requirements. So the need for automated testing to avoid these problems and improve quality has increased. In this study, we propose test automation modules of four perspectives to improve quality throughout the test automation in an integrated development environment. Each automation module operates through the tool chain of an integrated build framework implemented on the devops.

• Convergence Security Journal
• /
• v.9 no.2
• /
• pp.33-39
• /
• 2009

The problems of current network security system, separated by a single element is checked. To improve this, this thesis is to find vulnerabilities in the network security systems, and network security systems, security equipment, organic to make sure each works is a comprehensive review. Automation also offers a way to check it, it was implemented.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.4
• /
• pp.1553-1571
• /
• 2018

Currently, many of schemes for smart grid data aggregation are based on a one-level gateway (GW) topology. Since the data aggregation granularity in this topology is too single, the control center (CC) is unable to obtain more fine-grained data aggregation results for better monitoring smart grid. To improve this issue, Shen et al. propose an efficient privacy-preserving cube-data aggregation scheme in which the system model consists of two-level GW. However, a risk exists in their scheme that attacker could forge the signature by using leaked signing keys. In this paper, we propose a secure and fine-grained electricity consumption aggregation scheme for smart grid, which employs the homomorphic encryption to implement privacy-preserving aggregation of users' electricity consumption in the two-level GW smart grid. In our scheme, CC can achieve a flexible electricity regulation by obtaining data aggregation results of various granularities. In addition, our scheme uses the forward-secure signature with backward-secure detection (FSBD) technique to ensure the forward-backward secrecy of the signing keys. Security analysis and experimental results demonstrate that the proposed scheme can achieve forward-backward security of user's electricity consumption signature. Compared with related schemes, our scheme is more secure and efficient.

• Proceedings of the Korean Institute of Interior Design Conference
• /
• 2004.05a
• /
• pp.167-170
• /
• 2004

This study proposes the method seeking out the user needs for the home automation systems which are one of the compositions of digital home. The findings are as follows. (1) The designing of digital home should be based on the residents' daily life and the their needs for the future house prior to the digital technology, (2) The IT Apartments recently developed in Busan set up the safety and security system and the automatic ventilation system mostly. (3) The residents are more concerned of the safety and security and the comfortable interior environment than convenience and entertainments. (4) The residents have diverse needs for the home automation systems according to their age, residential experience and occupation.