• Title/Summary/Keyword: Cloud-Native Security


eBPF Technology Trends for Networking and Security in Cloud-native (클라우드 네이티브 환경에서 네트워킹 및 보안을 위한 eBPF 기술 동향)

  • Shin, Y.Y.; Shin, J.S.; Park, C.H.; Park, J.G.
    • Electronics and Telecommunications Trends / v.37 no.5 / pp.62-69 / 2022
  • In a situation where applications determine business competitiveness, they cannot respond to varying customer requirements without the cloud's flexibility and scalability. Companies have begun seeking ways to enjoy the advantages of the cloud fully, and the concept of "Cloud Native" is emerging as a solution to the problem. Cloud Native is now a target of interest in the market. Microservice and serverless functions can play a vital role in cloud-native architecture. Microservice arranges applications into various independent services, each offering certain functionality through mutual networking. eBPF is attracting attention as a cloud-native networking solution that quickly supports microservice features that repeat creation/deletion. This study identifies the characteristics of eBPF-based networking and evaluates cloud-native networking and secure networking using eBPF.

Implementation of Opensource-Based Automatic Monitoring Service Deployment and Image Integrity Checkers for Cloud-Native Environment (클라우드 네이티브 환경을 위한 오픈소스 기반 모니터링 서비스 간편 배포 및 이미지 서명 검사기 구현)

  • Gwak, Songi; Nguyen-Vu, Long; Jung, Souhwan
    • Journal of the Korea Institute of Information Security & Cryptology / v.32 no.4 / pp.637-645 / 2022
  • Cloud computing has been gaining popularity over decades, and container, a technology that is primarily used in cloud native applications, is also drawing attention. Although container technologies are lighter and more capable than conventional VMs, there are several security threats, such as sharing kernels with host systems or uploading/downloading images from the image registry, one of which concerns the integrity of container images. In addition, runtime security while the container application is running is very important, and monitoring the behavior of the container application at runtime can help detect abnormal behavior occurring in the container. Therefore, in this paper, first, we implement a signing checker that automatically checks the signature of an image based on the existing Docker Content Trust (DCT) technology to ensure the integrity of the container image. Next, based on Falco, an open source project of the Cloud Native Computing Foundation (CNCF), we introduce a newly created image for the convenience of the existing Falco image, and propose an implementation of docker-compose and package configuration that easily builds a monitoring system.

Malware Analysis Mechanism using the Word Cloud based on API Statistics (API 통계 기반의 워드 클라우드를 이용한 악성코드 분석 기법)

  • Yu, Sung-Tae; Oh, Soo-Hyun
    • Journal of the Korea Academia-Industrial cooperation Society / v.16 no.10 / pp.7211-7218 / 2015
  • Tens of thousands of malicious codes are generated on average in a day. New types of malicious codes are surging each year. Diverse methods are used to detect such codes, including those based on signature, API flow, strings, etc. But most of them are limited in detecting new malicious codes due to bypass techniques. Therefore, a lot of research has been performed for more efficient detection of malicious codes. Of these, the visualization technique is one of the most actively researched areas these days. Since the method enables more intuitive recognition of malicious codes, it is useful in detecting and examining a large number of malicious codes efficiently. In this paper, we analyze the relationships between malicious codes and Native API functions. Also, by applying the word cloud with a text mining technique, major Native APIs of malicious codes are visualized to assess their maliciousness. The proposed malicious code analysis method would be helpful in intuitively probing behaviors of malware.

MyData Cloud: Secure Cloud Architecture for Strengthened Control Over Personal Data (MyData Cloud: 개인 정보 통제 강화를 위한 안전한 클라우드 아키텍쳐 설계)

  • Seungmin Heo; Yonghee Kwon; Beomjoong Kim; Kiseok Jeon; Junghee Lee
    • Journal of the Korea Institute of Information Security & Cryptology / v.34 no.4 / pp.597-613 / 2024
  • MyData is an approach of personal data management, which grants data subjects the right to decide how to use and where to provide their data. With the explicit consent of the subjects, service providers can collect scattered data from data sources and offer personalized services based on the collected data. In existing service models, personal data saved in data storage can be shared with data processors of service providers or third parties. However, once personal data are transferred to third-party processors, it is difficult for data subjects to trace and control their personal data. Therefore, in this paper, we propose a cloud model where both data storage and processor are located within a single cloud, ensuring that data do not leave the cloud.

Kubernetes of cloud computing based on STRIDE threat modeling (STRIDE 위협 모델링에 기반한 클라우드 컴퓨팅의 쿠버네티스(Kubernetes)의 보안 요구사항에 관한 연구)

  • Lee, Seungwook; Lee, Jaewoo
    • Journal of the Korea Institute of Information and Communication Engineering / v.26 no.7 / pp.1047-1059 / 2022
  • With the development of cloud computing technology, container technology that provides services based on a virtual environment is also developing. Container orchestration technology is a key element for cloud services, and it has become an important core technology for building, deploying, and testing large-scale containers with automation. Originally designed by Google and now managed by the Linux Foundation, Kubernetes is one of the container orchestrations and has become the de facto standard. However, despite the increasing use of Kubernetes in container orchestration, the number of incidents due to security vulnerabilities is also increasing. Therefore, in this paper, we study the vulnerabilities of Kubernetes and propose a security policy that can consider security from the initial development or design stage through threat analysis. In particular, we intend to present a specific security guide by classifying security threats by applying STRIDE threat modeling.

Introducing Smart Learning Framework in the Digital World: Towards the Enhancement of Technology-Driven Innovation of Arabic Smart Learning

  • Alkhammash, Eman H.
    • International Journal of Computer Science & Network Security / v.22 no.11 / pp.331-337 / 2022
  • Smart learning is augmented with digital, context-aware, and adaptable technologies to encourage students to learn better and faster. To ensure that digital learning is successful and that implementation is efficient, it is critical that the dimensions of digital learning are arranged correctly and that interactions between the various elements are merged in an efficient and optimal manner. This paper builds and discusses a basic framework for smart learning in the digital age, aimed to improve students' abilities and performance in learning. The proposed framework consists of five dimensions: Teacher, Technology, Learner, Digital content, and Evaluation. The Teacher and Learner dimensions operate on two levels: (a) an abstract level to fit in knowledge and skills or interpersonal characteristics and (b) a concrete level in the form of digital devices used by teachers and learners. Moreover, this paper proposes an asynchronous online course delivery model. An Arabic smart learning platform has been developed, based on these smart learning core dimensions and the asynchronous online course delivery model, because despite the official status of this language in many countries, there is a lack of Arabic platforms to teach Arabic. Moreover, many non-native Arabic speakers around the world have expressed an interest in learning it. The Arabic digital platform consists of over 70 lessons classified into three competence levels: beginner, intermediate, and advanced, delivered by Arabic experts and Arabic linguists from various Arab countries. The five dimensions are described for the Arabic platform in this paper. Learner dimension is the Arabic and non-Arabic speakers, Teacher dimension is Arabic experts and Arabic linguists, Technology dimension consists of technology for Arabic platform that includes web design, cloud computing, big data, etc. The digital contents dimension consists of web-based video, records, etc. The evaluation dimension consists of Teachers rating, comments, and surveys.