• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.38B no.8
• /
• pp.654-662
• /
• 2013

Android applications can be easily decompiled owing to their structural characteristics, in which applications are developed using Java and are self-signed so that applications modified in this way can be repackaged. It will be crucial that this inherent vulnerability may be used to an increasing number of Android-based financial service applications, including banking applications. Thus, code obfuscation techniques are used as one of solutions to protect applications against their forgery. Currently, many of applications distributed on Android market are using ProGuard as an obfuscation tool. However, ProGuard takes care of only the renaming obfuscation, and using this method, the original opcodes remain unchanged. In this paper, we thoroughly analyze obfuscation mechanisms applied in ProGuard, investigate its limitations, and give some direction about its improvement.

• Management Science and Financial Engineering
• /
• v.16 no.2
• /
• pp.81-97
• /
• 2010

Trust is one of the most important aspects of the relationship between retailers and consumers in e-commerce. Users may have concerns about transaction security or personal information leakage when they engage in transactions over the Internet. It can be difficult to attract customers if the retailers or service providers cannot establish trust with their customers. There have been many studies of trust-building mechanisms between customers and e-storefronts. However, little work has been done on identifying the relationships between customer satisfaction, purchase intention, and trust. In addition, trust building occurs in the pre- and post-purchase phases of an e-commerce transaction, as well as gradually over repeated transactions. Thus we distinguish between cue-based trust and experience-based trust. The objective of this study was to explain the impact of trust on customer satisfaction and purchase intention in relation to e-commerce sites from the perspective of a multi-dimensional concept of trust. We surveyed 350 undergraduate students and obtained 331 responses for analysis. The result of our analysis showed that cue-based trust has a positive relationship with trust based on experience. Although the two concepts of trust have positive relationships with satisfaction, the path coefficient of trust based on experience was higher than that of cue-based trust. In addition, the purchase intention mediates the relationship between cue-based trust and experience-based trust.

• Journal of Microbiology and Biotechnology
• /
• v.26 no.5
• /
• pp.938-945
• /
• 2016

Bacterial leaf blight (BLB) caused by Xanthomonas oryzae pv. oryzae (Xoo) is one of the most serious threats to rice production. In this study, screening of rice for resistance to BLB was carried out at two different times and locations; that is, in a greenhouse during winter and in an open field during summer. The pathogenicity of Xoo race K1 was tested on 32 Korean rice cultivars. Inoculation was conducted at the maximum tillering stage, and the lesion length was measured after 14 days of inoculation. Five cultivars, Hanareum, Namcheon, Samgdeok, Samgang, and Yangjo, were found to be resistant in both the greenhouse and open-field screenings. Expression of the plant defense-related genes JAmyb, OsNPR1, OsPR1a, OsWRKY45, and OsPR10b was observed in resistant and susceptible cultivars by qRT-PCR. Among the five genes tested, only OsPR10b showed coherent expression with the phenotypes. Screening of resistance to Xoo in rice was more accurate when conducted in open fields in the summer cultivation period than in greenhouses in winter. The expression of plant defense-related genes after bacterial inoculation could give another perspective in elucidating defense mechanisms by using both resistant and susceptible individuals.

• Journal of KIISE:Computing Practices and Letters
• /
• v.15 no.9
• /
• pp.675-684
• /
• 2009

Internet worm can cause a traffic problem through DDoS(Distributed Denial of Services) or other kind of attacks. In those manners, it can compromise the internet infrastructure. In addition to this, it can intrude to important server and expose personal information to attacker. However, current detection and response mechanisms to worm have many vulnerabilities, because they only use local characteristic of worm or can treat known worms. In this paper, we propose a new framework to detect unknown worms. It uses macroscopic characteristic of worm to detect unknown worm early. In proposed idea, we define the macroscopic behavior of worm, propose a worm detection method to detect worm flow directly in IP packet networks, and show the performance of our system with simulations. In IP based method, we implement the proposed system and measure the time overhead to execute our system. The measurement shows our system is not too heavy to normal host users.

• Nutrition Research and Practice
• /
• v.7 no.5
• /
• pp.347-351
• /
• 2013

Food-dependent exercise-induced anaphylaxis (FDEIAn) is induced by different types and various intensities of physical activity, and is distinct from food allergies. It has been shown that consumption of allergenic food followed by exercise causes FDEIAn symptoms. Intake of allergenic food or medication before exercise is a major predisposing factor for FDEIAn. Urticaria and severe allergic reactions are general symptoms of FDEIAn. Dermatological tests and serum IgE assays are the typical prescreening methods, and have been used for several decades. However, these screening tests are not sufficient for detecting or preventing FDEIAn. It has been found that exercise may stimulate the release of mediators from IgE-dependent mast cells that can result in FDEIAn when a certain threshold level has been exceeded. Mast cell degradation might be a major factor to induce FDEIAn but this has not been determined. A number of foods have been reported to be involved in the onset of FDEIAn including wheat, eggs, chicken, shrimp, shellfish, nuts, fruits, and vegetables. It is also known that aspirin increases the occurrence of type I allergy symptoms when combined with specific foods. Moreover, high intensity and frequent exercise are more likely to provoke an attack than low intensity and less frequent exercise. In this paper, we present the current views of the pathophysiological mechanisms underlying FDEIAn within the context of exercise immunology. We also present a detailed FDEIAn definition along with etiologic factors and medical treatment for cholinergic urticaria (UC) and exercise-induced anaphylaxis (EIA).

• The Journal of Society for e-Business Studies
• /
• v.11 no.4
• /
• pp.87-106
• /
• 2006

Today as the scale of e-commerce constantly expands, the number and the amount of the consumer frauds are also increasing very rapidly, without sufficient levels of systematic support to prevent them. Internet Escrow service is one of the promising payment mechanisms, which guarantees secure electronic trades and payments. Especially, if the real-time product delivery information is available via RFID-based track-and-trace environment, the security and efficiency of the Internet Escrow services would be improved a lot. In this research, proposed a novel approach to integrate EPCglobal Network, which is a de-facto standard for RFID-based information network model, with Internet Escrow services. The proposed service model was implemented in the form of "Integrated Financial Platform", which supports the contracts among trading partners and the payment via Escrow services by being fully integrated with bank systems. Using the implemented EPCglobal Network-based Escrow service system, we would be able not only to shorten the money-flow cycle and to develop new kinds of loan services, but also to overcome the problems of existing Escrow services including the lack of product-related information and the delay of purchasing decisions.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.4
• /
• pp.2276-2291
• /
• 2017

Data protection of removable storage devices is an important issue in information security. Unfortunately, most existing data protection mechanisms are aimed at protecting computer platform which is not suitable for ultra-low-power devices. To protect the flash disk appropriately and efficiently, we propose a trust based USB flash disk, named UTrustDisk. The data protection technologies in UTrustDisk include data authentication protocol, data confidentiality protection and data leakage prevention. Usually, the data integrity protection scheme is the bottleneck in the whole system and we accelerate it by WH universal hash function and speculative caching. The speculative caching will cache the potential hot chunks for reducing the memory bandwidth pollution. We adopt the symmetric encryption algorithm to protect data confidentiality. Before mounting the UTrustDisk, we will run a trusted virtual domain based lightweight virtual machine for preventing information leakage. Besides, we prove formally that UTrustDisk can prevent sensitive data from leaking out. Experimental results show that our scheme's average writing throughput is 44.8% higher than that of NH scheme, and 316% higher than that of SHA-1 scheme. And the success rate of speculative caching mechanism is up to 94.5% since the access pattern is usually sequential.

• The KIPS Transactions:PartC
• /
• v.11C no.6 s.95
• /
• pp.711-718
• /
• 2004

Packet sampling is the techniques to collect a part of the packets through network and analyze the characteristicsof the traffic for managing the network and keeping security. This paper presents a study on the sampling techniques applied to DDoS traffic and on the characteristics of the sampled traffic to detect DDoS attack efficiently and improve traffic analysis capacity. Three famous sampling techniques are evaluated with different sampling rates on various DDoS traffics. To analyze traffic characteristics, one of the DDoS attack detection method. Traffic Rate Analysis (TRA) is used. Simulation results verify that using sampling techniques preserve the traffic characteristics of DDoS and do not significantly reduce the detection accuracy.

• Journal of the Korea Society of Computer and Information
• /
• v.25 no.11
• /
• pp.195-200
• /
• 2020

Korea enacted the Protection of Public Interest Reporters Act in March 2011 to protect whistleblowers from acts of infringement of public interest in the private sector. Most acts of infringement of the public interest are carried out secretly within the organization, which is known to the outside world by reports from members of the organization who are well aware of the problems within the organization. However, whistleblowers are at a disadvantage due to reporting and are reluctant to report. In addition, measures are needed to strengthen institutional mechanisms such as confidentiality, protection of personal information, responsibility, and prohibition of disadvantageous measures to effectively protect reporters due to lack of practical protective measures. Therefore, practical protection measures for whistleblowers are needed in line with the purpose of protecting whistleblowers, and measures to expand the corresponding compensation system will also be needed. Therefore, in this study, we would like to review the main contents of the current system for protecting whistleblowers in Korea and suggest reasonable improvement measures for protecting whistleblowers.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.8 no.5
• /
• pp.429-437
• /
• 2015

DDoS attacks have been used for paralyzing popular Internet services. Especially, amplification attacks have grown dramatically in recent years. Defending against amplification attacks is challenging since the attacks usually generate extremely hugh amount of traffic and attack traffic is coming from legitimate servers, which is hard to differentiate from normal traffic. Moreover, some of protocols used by amplification attacks are widely adopted in IoT devices so that the number of servers susceptible to amplification attacks will continue to increase. This paper studies on the analysis of amplification attack mechanisms in detail and proposes defense methodologies for scenarios where attackers, abused servers or victims are in a monitoring network.