• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.17 no.11
• /
• pp.746-754
• /
• 2016

Smart healthcare systems, a convergent industry based on information and communications technologies (ICT), has emerged from personal health management to remote medical treatment as a distinguished industry. The smart healthcare environment provides technology to deliver vital information, such as pulse rate, body temperature, health status, and so on, from wearable devices to the hospital network where the physician is located. However, since it deals with the patient's personal medical information, there is a security issue for personal information management, and the system may be vulnerable to cyber-attacks in wireless networks. Therefore, this study focuses on a key-development and device-management system to generate keys in the smart environment to safely manage devices. The protocol is designed to provide safe communications with the generated key and to manage the devices, as well as the generated key. The security level is analyzed against attack methods that may occur in a healthcare environment, and it was compared with existing key methods and coding capabilities. In the performance evaluation, we analyze the security against attacks occurring in a smart healthcare environment, and the security and efficiency of the existing key encryption method, and we confirmed an improvement of about 15%, compared to the existing cipher systems.

• Journal of KIISE:Computing Practices and Letters
• /
• v.15 no.5
• /
• pp.345-349
• /
• 2009

Social bookmarking systems are a typical web 2.0 service based on folksonomy, providing the platform for storing and sharing bookmarking information. Spammers in social bookmarking systems denote the users who abuse the system for their own interests in an improper way. They can make the entire resources in social bookmarking systems useless by posting lots of wrong information. Hence, it is important to detect spammers as early as possible and protect social bookmarking systems from their attack. In this paper, we applied a diverse set of machine learning approaches, i.e., decision tables, decision trees (ID3), $na{\ddot{i}}ve$ Bayes classifiers, TAN (tree-augment $na{\ddot{i}}ve$ Bayes) classifiers, and artificial neural networks to this task. In our experiments, $na{\ddot{i}}ve$ Bayes classifiers performed significantly better than other methods with respect to the AUC (area under the ROC curve) score as veil as the model building time. Plausible explanations for this result are as follows. First, $na{\ddot{i}}ve$> Bayes classifiers art known to usually perform better than decision trees in terms of the AUC score. Second, the spammer detection problem in our experiments is likely to be linearly separable.

• Journal of the Korea Society of Computer and Information
• /
• v.19 no.12
• /
• pp.143-152
• /
• 2014

This paper introduces Database security to prevent the rapidly increasing issue of private information leakage. The Database security examined in the paper separates into DB access control area and DB encryption area which further leads the paper to analyze the factors of the two areas and suggest necessary elements for creating stable Database security. In addition, the paper examines previous DB security programs by areas and analyzes pros and cons from the tested result. The experiment indicated that while DB access control presents less degradation and reduced the need to modify the existing DBMS since the access control operates at the end point of the network, DB encryption presented strength in protecting the data from unauthorized access. On the other hand, DB access control is less useful in preventing the attack in advance which leaves the log to enable tracking afterward while DB encryption can only be operated by limited types of Database and causes degradation due to system load and shows higher percentage of failure when creating the system. This paper examines characteristics of Database security areas in order to be used as a reference for institutions or companies seeking stable Database security.

• Journal of KIISE:Software and Applications
• /
• v.34 no.1
• /
• pp.79-94
• /
• 2007

In the ubiquitous computing age which uses a high quantity network, mobile devices such as wearable and hand-held ones with a small tamers and a wireless communication module will be widely used in near future. Thus, a lot of researches about an augmented game on mobile devices have been attempted recently. The existing augmented games used a traditional 'backpack' system and a pattern marker. The 'backpack' system is expensive, cumbersome and inconvenient to use, and because of the pattern marker, it is only possible to play the game in the previously installed palace. In this paper, we propose an augmented game called Flying Cake using a face region to create the virtual object(character) without the pattern marker, which manually indicates an overlapped location of the virtual object in the real world, on a small and mobile PDA instead of the cumbersome hardware. Flying Cake is an augmented shooting game. This game supplies us with two types: 1) a single player which attacks a virtual character on images captured by a camera in an outdoor physical area, 2) dual players which attack the virtual character on images which we received through a wireless LAN. We overlap the virtual character on the face region using a face detection technique, and users play Flying Cake though attacking the virtual character. Flying Cake supplies new pleasure to flayers with a new game paradigm through an interaction between the user in the physical world captured by the PDA camera and the virtual character in a virtual world using the face detection.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.34 no.10B
• /
• pp.1050-1061
• /
• 2009

The Tactical Internet(TI) managed by Infantry Brigades is used for the purpose of sharing information of Command Control and Situation Awareness. When there are more than two destinations to transmit data in the TI system, a multicasting is utilized based on pre-defined multicast groups. However even in the case when a source node needs to send some messages like weathercast and attack alarm etc to only a part of Battalion or Brigades in a specific geographical region (destination region), the current TI multicasting protocol is designed to transmit the messages to the pre-defined group or all of the Battalion/Brigade nodes, resulting in inefficiency in terms of end-to-end delay and overhead. In this paper, we propose more efficient protocol for such cases, named as "Tactical Internet Geocasting (TIG)". The proposed scheme firstly checks whether the destination region belongs to one Battalion region or more than two Battalion regions using location information, and then performs a greedy forwarding from the source node to the destination region, followed by a local flooding inside of the destination region. With performance analysis and simulations using NS-2, TIG is compared to the current TI multicasting protocol (i.e., Simplified MDP) and the LBM (Location-based Multicast). The simulation results show that the proposed TIG is more efficient than both in terms of delay and network overhead.

• Journal of Convergence for Information Technology
• /
• v.10 no.11
• /
• pp.55-63
• /
• 2020

The IoT technology is a field that applies and converges the technologies in the existing industrial environment, instead of new technologies. The IoT technology is releasing various application services converged with other industries such as smart home, healthcare, construction, and automobile, and it is also possible to secure the work efficiency and convenience of users of IoT-based technologies. However, the security threats occurring in the IoT-based technology environment are succeeding to the vulnerability of the existing wireless network environment. And the occurrence of new and variant attacks in the combination with the ICT convergence environment, is causing damages. Thus, in the IoT technology-based environment, it would be necessary to have researches on the safe transmission of messages in the communication environment between user and device, and device and device. This thesis aims to design a safe communication protocol in the IoT-based technology environment. Regarding the suggested communication protocol, this thesis performed the safety analysis on the attack techniques occurring in the IoT technology-based environment. And through the performance evaluation of the existing PKI-based certificate issuance system and the suggested communication protocol, this thesis verified the high efficiency(about 23%) of communication procedure. Also, this thesis verified the reduced figure(about 65%) of the issued quantity of certificate compared to the existing issuance system and the certificate management technique.

• Strategy21
• /
• s.44
• /
• pp.5-27
• /
• 2018

The purpose of this paper is to look at USN's efforts to rebuild its combat power in the face of a reemergence of great powers competition, and to propose some recommendations for the ROKN. In addition to the plan to augment its fleet towards a 355-ships capacity, the USN is pursuing to improve exponentially combat lethality(quality) of its existing fleet by means of innovative science and technology. In other words, the USN is putting its utmost efforts to improve readiness of current forces, to modernize maintenance facilities such as naval shipyards, and simultaneously to invest in innovative weapons system R&D for the future. After all, the USN seems to pursue innovations in advanced military Science & Technology as the best way to ensure continued supremacy in the coming strategic competition between great powers. However, it is to be seen whether the USN can smoothly continue these efforts to rebuild combat strength vis-a-vis its new competition peers, namely China and Russian navy, due to the stringent fiscal constraints, originating, among others, from the 2011 Budget Control Act effective yet. Then, it seems to be China's unilateral and assertive behaviors to expand its maritime jurisdiction in the South China Sea that drives the USN's rebuild-up efforts of the future. Now, some changes began to be perceived in the basic framework of the hitherto regional maritime security, in the name of declining sea control of the USN as well as withering maritime order based on international law and norms. However, the ROK-US alliance system is the most excellent security mechanism upon which the ROK, as a trading power, depends for its survival and prosperity. In addition, as denuclearization of North Korea seems to take significant time and efforts to accomplish in the years to come, nuclear umbrella and extended deterrence by the US is still noting but indispensible for the security of the ROK. In this connection, the naval cooperation between ROKN and USN should be seen and strengthened as the most important deterrents to North Korean nuclear and missile threats, as well as to potential maritime provocation by neighboring countries. Based on these observations, this paper argues that the ROK Navy should try to expand its own deterrent capability by pursuing selective technological innovation in order to prevent this country's destiny from being dictated by other powers. In doing so, however, it may be too risky for the ROK to pursue the emerging, disruptive innovative technologies such as rail gun, hypersonic weapon... etc., due to enormous budget, time, and very thin chance of success. This paper recommends, therefore, to carefully select and extensively invest on the most cost-effective technological innovations, suitable in the operational environments of the ROK. In particular, this paper stresses the following six areas as most potential naval innovations for the ROK Navy: long range precision strike; air and missile defense at sea; ASW with various unmanned maritime system (UMS) such as USV, UUV based on advanced hydraulic acoustic sensor (Sonar) technology; network; digitalization for the use of AI and big data; and nuclear-powered attack submarines as a strategic deterrent.

• Journal of the Korea Society for Simulation
• /
• v.19 no.1
• /
• pp.53-61
• /
• 2010

In wireless sensor networks(WSNs) individual sensor nodes are subject to security compromises. An adversary can physically capture sensor nodes and obtain the security information. And the adversary injects false reports into the network using compromised nodes. If undetected, these false reports are forwarded to the base station. False reports injection attacks can not only result in false alarms but also depletion of the limited amount of energy in battery powered sensor nodes. To combat these false reports injection attacks, several filtering schemes have been proposed. The statistical en-routing filtering(SEF) scheme can detect and drop false reports during the forwarding process. In SEF, The number of the message authentication codes(threshold) is important for detecting false reports and saving energy. In this paper, we propose a dynamic threshold determination method for energy efficient SEF using fuzzy-logic in wireless sensor networks. The proposed method consider false reports rate and the number of compromised partitions. If low rate of false reports in the networks, the threshold should low. If high rate of false reports in networks, the threshold should high. We evaluated the proposed method’s performance via simulation.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.3
• /
• pp.499-510
• /
• 2023

Recently, an intelligent and advanced cyber attack attacks a computer network of a public institution using a file containing malicious code or leaks information, and the damage is increasing. Even in public institutions with various information protection systems, known attacks can be detected, but unknown dynamic and encryption attacks can be detected when existing signature-based or static analysis-based malware and ransomware file detection methods are used. vulnerable to The detection method proposed in this study extracts the detection result data of the system that can detect malicious code and ransomware among the information protection systems actually used by public institutions, derives various attributes by combining them, and uses a machine learning classification algorithm. Results are derived through experiments on how the derived properties are classified and which properties have a significant effect on the classification result and accuracy improvement. In the experimental results of this paper, although it is different for each algorithm when a specific attribute is included or not, the learning with a specific attribute shows an increase in accuracy, and later detects malicious code and ransomware files and abnormal behavior in the information protection system. It is expected that it can be used for property selection when creating algorithms.

• Journal of the Korea Society of Computer and Information
• /
• v.28 no.10
• /
• pp.67-76
• /
• 2023

Although deep learning models are making innovative achievements in the field of computer vision, the problem of vulnerability to adversarial examples continues to be raised. Adversarial examples are attack methods that inject fine noise into images to induce misclassification, which can pose a serious threat to the application of deep learning models in the real world. In this paper, we propose a model that detects adversarial examples using differences in predictive values between edge-learned classification models and underlying classification models. The simple process of extracting the edges of the objects and reflecting them in learning can increase the robustness of the classification model, and economical and efficient detection is possible by detecting adversarial examples through differences in predictions between models. In our experiments, the general model showed accuracy of {49.9%, 29.84%, 18.46%, 4.95%, 3.36%} for adversarial examples (eps={0.02, 0.05, 0.1, 0.2, 0.3}), whereas the Canny edge model showed accuracy of {82.58%, 65.96%, 46.71%, 24.94%, 13.41%} and other edge models showed a similar level of accuracy also, indicating that the edge model was more robust against adversarial examples. In addition, adversarial example detection using differences in predictions between models revealed detection rates of {85.47%, 84.64%, 91.44%, 95.47%, and 87.61%} for each epsilon-specific adversarial example. It is expected that this study will contribute to improving the reliability of deep learning models in related research and application industries such as medical, autonomous driving, security, and national defense.