• Title/Summary/Keyword: Recording Attack

Search Result 21, Processing Time 0.019 seconds

Implementation of Secure Keypads based on Tetris-Form Protection for Touch Position in the Fintech (핀테크에서 터치 위치 차단을 위한 테트리스 모양의 보안 키패드의 구현)

  • Mun, Hyung-Jin;Kang, Sin-Young;Shin, ChwaCheol
    • Journal of Convergence for Information Technology
    • /
    • v.10 no.8
    • /
    • pp.144-151
    • /
    • 2020
  • User-authentication process is necessary in Fintech Service. Especially, authentication on smartphones are carried out through PIN which is inputted through virtual keypads on touch screen. Attacker can analogize password by watching touched letter and position over the shoulder or using high definition cameras. To prevent password spill, various research of virtual keypad techniques are ongoing. It is hard to design secure keypad which assures safety by fluctuative keypad and enhance convenience at once. Also, to reconfirm user whether password is wrongly pressed, the inputted information is shown on screen. This makes the password easily exposed through high definition cameras or Google Class during recording. This research analyzed QWERTY based secure keypad's merits and demerits. And through these features, creating Tetris shaped keypad and piece them together on Android environment, and showing inputted words as Tetris shape to users through smart-screen is suggested for the ways to prevent password spill by recording.

Depth estimation of an underwater target using DIFAR sonobuoy (다이파 소노부이를 활용한 수중표적 심도 추정)

  • Lee, Young gu
    • The Journal of the Acoustical Society of Korea
    • /
    • v.38 no.3
    • /
    • pp.302-307
    • /
    • 2019
  • In modern Anti-Submarine Warfare, there are various ways to locate a submarine in a two-dimensional space. For more effective tracking and attack against a submarine the depth of the target is a critical factor. However, it has been difficult to find out the depth of a submarine until now. In this paper a possible solution to the depth estimation of submarines is proposed utilizing DIFAR (Directional Frequency Analysis and Recording) sonobuoy information such as contact bearings at or prior to CPA (Closest Point of Approach) and the target's Doppler signals. The relative depth of the target is determined by applying the Pythagorean theorem to the slant range and horizontal range between the target and the hydrophone of a DIFAR sonobuoy. The slant range is calculated using the Doppler shift and the target's velocity. the horizontal range can be obtained by applying a simple trigonometric function for two consecutive contact bearings and the travel distance of the target. The simulation results show that the algorithm is subject to an elevation angle, which is determined by the relative depth and horizontal distance between the sonobuoy and target, and that a precise measurement of the Doppler shift is crucial.

Technique for PIN Entry Using an Accelerometer Sensor and a Vibration Sensor on Smartphone (스마트폰에서 가속도 센서와 진동 센서를 이용한 PIN 입력 기법)

  • Jung, Changhun;Jang, RhongHo;Nyang, DaeHun;Lee, KyungHee
    • KIPS Transactions on Computer and Communication Systems
    • /
    • v.6 no.12
    • /
    • pp.497-506
    • /
    • 2017
  • There have been previous researches about user authentication by analyzing the user's gait or behavior or action using the accelerometer sensor of smartphone, but there was a lack of user convenience to apply PIN entry. In this paper, we propose the technique for PIN entry without a touch on smartphone, the technique uses an accelerometer sensor and a vibration sensor built in the smartphone to enter the PIN. We conducted a usability experiment using the proposed technique and confirmed that the usability can be increased according to users become accustomed to this technique and that the users can enter PIN with 12.9 seconds and a probability of 100% on average. Also we conducted a security experiment and confirmed that an attack success rate is 0% when an attacker attacked the user using the recording attack and that it is more secure than the previous PIN entry technique. As a result, we was able to confirm that this technique can be used sufficiently.

STM-GOMS Model: A Security Model for Authentication Schemes in Mobile Smart Device Environments (STM-GOMS 모델: 모바일 스마트 기기 환경의 인증 기법을 위한 안전성 분석 모델)

  • Shin, Sooyeon;Kwon, Taekyoung
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.22 no.6
    • /
    • pp.1243-1252
    • /
    • 2012
  • Due to the widespread use of smart devices, threats of direct observation attacks such as shoulder surfing and recording attacks, by which user secrets can be stolen at user interfaces, are increasing greatly. Although formal security models are necessary to evaluate the possibility of and security against those attacks, such a model does not exist. In this paper, based on the previous work in which a HCI cognitive model was firstly utilized for analyzing security, we propose STM-GOMS model as an improvement of GOMS-based model with regard to memory limitations. We then apply STM-GOMS model for analyzing usability and security of a password entry scheme commonly used in smart devices and show the scheme is vulnerable to the shoulder-surfing attack. We finally conduct user experiments to show the results that support the validity of STM-GOMS modeling and analysis.

현대 의상에 나타난 Cezanne 회화의 조형성에 관한 연구

  • 이효진
    • Journal of the Korean Society of Costume
    • /
    • v.18
    • /
    • pp.167-181
    • /
    • 1992
  • This study was conducted to clarify the formativeness of Cezanne's painting and it's influence on the Modern Fashion. Recently, fashion was introduced and applied the originality of paintings into the fabric and fashion designing. To go with the current of the times I already discussed about the Modern Fashion under the influence of the color of Impressionism and N대-Impressionism in the previous paper. In this study, Cezanne's painting and it's influence on the Modern fashion was investigated. As one of the original Impressionist, Paul Cez anne had been so adversely affected by the critical attack on his contributions to the 1874 and 1877 exhibitions that he never again showed with the group. That is, he was the first Impressionist to become dissatisfied with the superficial recording of atmospheric effects. When he turned to nature, it was not simply to depict the objects that occupied a given site but rather to consider relationships among those objects. Cezanne attempted to track down the fundamental laws of geometrical prototypes of sphere, prism and corn. Color too, he found, could be employed according to principle, like the tones of a musical scale. Throughout the Modern Fashion, various forms of Bustle style dress and geometrical style dress were reappered under the influence of the Cez anne's painting technique. And the order and the unity of all nature was illuminated on the fashion's pattern.

  • PDF

E-mail System Model based on Ethereum (이더리움 기반 이메일 시스템 모델)

  • Kim, Taekyung
    • Journal of Korea Society of Digital Industry and Information Management
    • /
    • v.13 no.4
    • /
    • pp.99-106
    • /
    • 2017
  • With the advent of virtual money such as bit coins, interest in the block chain is increasing. Block Chain is a technology that supports Distributed Ledger and is a versatile technology applicable to various fields. Currently, the block chain is conducting research for various applications such as virtual money, trade finance, marketplace, power market, image contents service, and IoT. The technologies that make up the block chain are smart contract, digital signature/hash function and consensus algorithm. And these technologies operate on P2P networks. In this paper, we have studied e-mail system based on the ethereum which is one of the block chain based technologies. Most legacy mail systems use SMTP and the POP3/IMAP protocol to send and receive e-mail, and e-mail use S/MIME to protect the e-mail. However, S/MIME is vulnerable to DDoS attacks because it is configured centrally. And it also does not provide non-repudiation of mail reception. To overcome these weaknesses, we proposed an e-mail system model based on ethereum. The proposed model is able to cope with DDoS attack and forgery prevention by using block chain based technology, and reliable recording and management among block chain participants are provided, so that it is possible to provide a non-repudiation function of e-mail transmission and reception.

Controversies in Usefulness of EEG for Clinical Decision in Epilepsy: Pros. (간질 치료에서 뇌파의 임상적 유용성에 관한 논란: 긍정적 관점에서)

  • Shon, Young-Min;Kim, Yeong In
    • Annals of Clinical Neurophysiology
    • /
    • v.9 no.2
    • /
    • pp.63-68
    • /
    • 2007
  • The EEG plays an important diagnostic role in epilepsy and provides supporting evidence of a seizure disorder as well as assisting with classification of seizures and epilepsy syndromes. There are a variety of electroclinical syndromes that are really defined by the EEG such as Lennox-Gastaut syndrome, benign rolandic epilepsy, childhood absence epilepsy, juvenile myoclonic epilepsy and also for localization purposes, it is vitally important especially for temporal lobe epilepsy. The sensitivity of first routine EEG in diagnosis of epilepsy has been known about 20-50%, but this proportion rises to 80-90% if sleep EEG and repetitive recording should be added. Convincing evidences suggest that the EEG may also provide useful prognostic information regarding seizure recurrence after a single unprovoked attack and following antiepileptic drug (AED) withdrawal. Moreover, patterns in the EEG make it possible to disclose an ictal feature of nonconvulsive status epilepticus, separate epileptic from other non-epileptic episodes and clarify the clues predictive of the cause of the encephalopathy (i.e., triphasic waves in metabolic encephalopathy). Therefore, regardless of its low sensitivity and other pitfalls, EEG should be considered not only in the situation of new onset episode such as a newly developed, unprovoked seizure or a condition manifesting decreased mentality from obscure origin, but also as a barometer of the long-term outcome following AED withdrawal.

  • PDF

D-PASS: A Study on User Authentication Method for Smart Devices (D-PASS: 스마트 기기 사용자 인증 기법 연구)

  • Jeoung, You-Sun;Choi, Dong-Min
    • The Journal of the Korea institute of electronic communication sciences
    • /
    • v.12 no.5
    • /
    • pp.915-922
    • /
    • 2017
  • The rapid increase in users of mobile smart devices has greatly expanded their range of activities. Compare to conventional mobile devices, smart devices have higher security requirements because they manage and use various kind of confidential information of the owners. However, the cation schemes provided by conventional smart devices are vulnerable to recent attacks such as shoulder surfing, recording, and smudge attacks, which are the social engineering attacks among the types of security attacks targeting the smart devices. In this paper, we propose a novel authentication method that is robust against social engineering attacks but sufficiently considering user's convenience. The proposed method is robust by using combination of a graphical authentication method and a text-based authentication method. Furthermore, our method is easier to memorize the password compare to the conventional graphical authentication methods.

Ventricular premature complexes and associated factors in the early postinfarction period (급성 심근경색증 회복 초기의 심실기외 수축 발생에 관련하는 인자에 대한 연구)

  • Choi, Jong-Hoa;Hyun, Myung-Soo;Kim, Young-Jo;Shim, Bong-Sup;Lee, Hyun-Woo
    • Journal of Yeungnam Medical Science
    • /
    • v.7 no.1
    • /
    • pp.61-68
    • /
    • 1990
  • To assess the role of multiple factors in influencing occurrence of ventricular premature complexes after acute myocardial infarction twenty-four hour Holter electrocardiographic tape recording were made in 40 survivors of an acute myocardial infarction 10 to 20 days after attack. Ventricular premature complexes were found in 72.5percent of the patients. The incidence and grade of ventricular premature complexes in the early postinfarction period were not correlated with left ventricular function, age, sex, smoking, dibetes mellitus, previous angina, and previous myocardial infarction. The occurrence of ventricular premature complexes showed a positive correlation with the occurrence of ST-T change. The occurrence of ventricular premature complexes during sleep hours was compared to the awake state. In 22 patients. the incidence of ventricular premature complexes was reduced during sleep. If patients free of ectopic activity during 24-hour monitoring sessions are excluded from analysis, the 22 of patients, or in 76percent, sleep was associated with a lowered occurrence of ventricular extrasystoles.

  • PDF

Consortium Blockchain based Forgery Android APK Discrimination DApp using Hyperledger Composer (Hyperledger Composer 기반 컨소시움 블록체인을 이용한 위조 모바일 APK 검출 DApp)

  • Lee, Hyung-Woo;Lee, Hanseong
    • Journal of Internet Computing and Services
    • /
    • v.20 no.5
    • /
    • pp.9-18
    • /
    • 2019
  • Android Application Package (APK) is vulnerable to repackaging attacks. Therefore, obfuscation technology was applied inside the Android APK file to cope with repackaging attack. However, as more advanced reverse engineering techniques continue to be developed, fake Android APK files to be released. A new approach is needed to solve this problem. A blockchain is a continuously growing list of records, called blocks, which are linked and secured using cryptography. Each block typically contains a cryptographic hash of theprevious block, a timestamp and transaction data. Once recorded, the data inany given block cannot be altered retroactively without the alteration of all subsequent blocks. Therefore, it is possible to check whether or not theAndroid Mobile APK is forged by applying the blockchain technology. In this paper, we construct a discrimination DApp (Decentralized Application) against forgery Android Mobile APK by recording and maintaining the legitimate APK in the consortium blockchain framework like Hyperledger Fabric by Composer. With proposed DApp, we can prevent the forgery and modification of the appfrom being installed on the user's Smartphone, and normal and legitimate apps will be widely used.