• Journal of Digital Convergence
• /
• v.12 no.1
• /
• pp.313-317
• /
• 2014

Smart-phone, PC or tablet platforms, such as smart terminals spread to the masses trying to capitalize. Smart TV also is increasing. In Korea, market size of TV is growing fast with growth of risk of hacking. In this paper, several kinds of Smart TV hacking cases are presented with the possibility of attacks against the vulnerability analysis and countermeasures. Most of the Linux operating system is open. Thus, it is vulnerable for latest hacking techniques. Most are based on the Linux OS to enhance security mount Sand-Box. However, bypass procedure using the technique, or APT attacks can avoid San-Box technique. New hacking techniques and a variety of ways will occur in the future. Therefore, this paper will develop Smart TV, and it analysis of a security threat and establishes better prepared in the future because new hacking attacks are expected to prepare more.

• Journal of Advanced Navigation Technology
• /
• v.17 no.4
• /
• pp.421-428
• /
• 2013

Voice over IP refers to technology that enables routing of voice conversations over the Internet or a TCP/IP network. VoIP communication costs cheaper than traditional analog phone. Phone calls can be made to anywhere / anyone: Both to VoIP numbers as well as people with normal phone numbers. VoIP protocol equipment available today follows the SIP standard. Older VoIP equipment though would follow H 323, MGCP, Megaco/H.248. A SIP server is the main component of an IP PBX, dealing with the setup of all SIP calls in the TCP/IP network. A SIP server is also referred to a Asterisk IP-PBX. A VoIP telephone, also known as a SIP phone or a softphone, allows the user to make phone calls to any softphone, mobile or PC by using App store. A VoIP telephone can be a simple software-based softphone. However, the SIP Server and the program is vulnerable to VoIP attacks. In this paper, eavesdropping attacks tested by using the Asterisk SIP server. Eavesdropping attacks and TLS security methods apply to VoIP system. TLS can be applied to determine whether the eavesdropping available for VoIP Environments.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.2
• /
• pp.253-260
• /
• 2015

The side-channel attack is widely known as an attack on implementations of cryptographic algorithms using additional side-channel information such as power traces, electromagnetic waves and sounds. As a countermeasure of side channel attack, the masking method is usually used, however full-round masking makes the efficiency of ciphers dramatically decreased. In order to avoid such a loss of efficiency, one can use reduced-round masking. In this paper, we describe a side channel attack on the lightweight block cipher LEA with the first one~six rounds masked. Our attack is based on differentials and power traces which provide knowledge of Hamming weight for the intermediate data computed during the enciphering of plaintexts. According to our experimental result, it is possible to recover 25 bits of the first round key in LEA-128.

• Korean Security Journal
• /
• no.38
• /
• pp.83-107
• /
• 2014

As a part of school safety network construction project, a system of school marshal in Seoul-si and a project of academy safety guard in other regions are on the way of improvement. But, the crimes in and around the school, occurring frequently, are not solved easily, as this study points out. The effective improvement way of school safety network construction project is as followings. First, to enforce assistant-class school safety teacher system in order to nurture and educate experts in school safety, as a systematic support for strengthening occupational professionalism. Second, to enforce school safety network construction projects for construct circumstances through legal fix of school safety CPTED to make students free from crimes. This study looks into the real status and problem of school safety networks, and suggests system of school safety teacher and a legal enactment of CPTED, as systematic and a planed school safety countermeasure, not temporary.

• Journal of Internet Computing and Services
• /
• v.14 no.3
• /
• pp.35-46
• /
• 2013

As mobile terminal environment gets matured, the use of Android platform based mobile terminals has been growing high. Recently, the number of attacks by malicious application is also increasing as Android platform is vulnerable to private information leakage in nature. Most of these malicious applications are easily distributed to general users through open market or internet and an attacker inserts malicious code into malicious app which could be harmful tool to steal private data and banking data such as SMS, contacts list, and public key certificate to a remote server. To cope with these security threats more actively, it is necessary to develop countermeasure system that enables to detect security vulnerability existing in mobile device and take an appropriate action to protect the system against malicious attacks. In this sense, this paper aggregates diverse system events from multiple mobile devices and also implements a system to detect attacks by malicious application.

• Convergence Security Journal
• /
• v.20 no.3
• /
• pp.115-123
• /
• 2020

Cyber Attack have evolved more and more in recent years. One of the best countermeasure to counter this advanced and sophisticated cyber threat is to predict cyber attacks in advance. It requires a lot of information and effort to predict cyber threats. If we use Open Source Intelligence(OSINT), the core of recent information acquisition, we can predict cyber threats more accurately. In order to predict cyber threats using OSINT, it is necessary to establish a Database(DB) for cyber attacks from OSINT and to select factors that can evaluate cyber threats from the established DB. We are based on previous researches that built a cyber attack DB using data mining and analyzed the importance of core factors among accumulated DG factors by AHP technique. In this research, we present a method for quantifying cyber threats and propose a cyber threats prediction model based on artificial neural networks.

• Journal of Korean Society of societal Security
• /
• v.4 no.2
• /
• pp.29-40
• /
• 2011

The objective of this paper is to develop an intelligent decision support system that is able to advise disaster countermeasures and degree of incidents on the basis of the collected and analyzed signs of disasters. The concepts derived from ontology, text mining and case-based reasoning are adapted to design the system. The functions of this system include term-document matrix, frequency normalization, confidency, association rules, and criteria for judgment. The collected qualitative data from signs of new incidents are processed by those functions and are finally compared and reasoned to past similar disaster cases. The system provides the varying degrees of how dangerous the new signs of disasters are and the few countermeasures to the disaster for the manager of disaster management. The system will be helpful for the decision-maker to make a judgment about how much dangerous the signs of disaster are and to carry out specific kinds of countermeasures on the disaster in advance. As a result, the disaster will be prevented.

• Journal of Korean Society of Disaster and Security
• /
• v.13 no.3
• /
• pp.45-58
• /
• 2020

Due to a high portion of mountainous terrains in Korea, debris flow and its disasters have been increased. In addition, recently localized flash-floods caused by climate change should add frequencies and potential risks. Grasping and understanding the behaviors of debris flow would allow us to prevent the consequent disasters caused by its occurrence. In this study, we developed a number of cases by changing the bottom slopes and their curvatures and investigated their effects on potential damage caused by the debris flow using FLO-2D. As simulating each bed slopes we analyzed for velocity, depth, impact, reach distance, and reach shape. As a result the lower the average slope, the greater the influence of its curvature and the numerical results were analyzed with showed a well-marked difference in impact stress and flow velocity. The result from this study could be referred for protecting from the debris flows when design countermeasure structures in mountainous regions.

• Journal of the Korean Institute of Intelligent Systems
• /
• v.20 no.5
• /
• pp.659-664
• /
• 2010

This paper provides an integrated framework for biometric data and private information protection in TeleHealth. Biometric technology is indispensable in providing identification and convenience in the TeleHealth environment. Once biometric information is exposed to mallicious attacker, he will suffer great loss from the illegferuse of his biometric data by someone else because of difficulty of change not like ID and password. We have to buil by someone esystem data bon the integrated framework for biometric data and private information protection in TeleHealth. First, we consider the structure of the biometric system and the security requirements of y someone esystem data bon the biometrics. And then, we define the TeleHealth system model and provide the vulnerabilities and countermeasures of the biometric-data by someone eintegrated model.byhe TeleHealth sse bec requires two-phata authentication for countermeasure. Finally, we made some functionferrequirements for main componenets of biometric-data bintegrated TeleHealth system framework to protect biometric data.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.3
• /
• pp.587-601
• /
• 2016

In this paper we suggest method for scalar recoding which is both secure against SPA and DPA. Suggested method is countermeasure to power analysis attack through scalar recoding using negative expression. Suggested method ensures safety of SPA by recoding the operation to apply same pattern to each digit. Also, by generating the random recoding output according to random number, safety of DPA is ensured. We also implement precomputation table and modified scalar addition algorithm for addition to protect against SPA that targets digit's sign. Since suggested method itself can ensure safety to both SPA and DPA, it is more effective and efficient. Through suggested method, compared to previous scalar recoding that ensures safety to SPA and DPA, operation efficiency is increased by 11%.