• Journal of Information Processing Systems
• /
• v.15 no.1
• /
• pp.100-115
• /
• 2019

Malicious code distribution on the Internet is one of the most critical Internet-based threats and distribution technology has evolved to bypass detection systems. As a new defense against the detection bypass technology of malicious attackers, this study proposes the automated tracing of malicious websites in a malware distribution network (MDN). The proposed technology extracts automated links and classifies websites into malicious and normal websites based on link structure. Even if attackers use a new distribution technology, website classification is possible as long as the connections are established through automated links. The use of a real web-browser and proxy server enables an adequate response to attackers' perception of analysis environments and evasion technology and prevents analysis environments from being infected by malicious code. The validity and accuracy of the proposed method for classification are verified using 20,000 links, 10,000 each from normal and malicious websites.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.9
• /
• pp.4706-4726
• /
• 2019

The paper is devoted to the detailed description of the distributed system for gathering data from Windows-based workstations and servers. The research presented in the beginning demonstrates that neither a solution for gathering data on attacks against Windows based PCs is available at present nor other security tools and supplementary programs can be combined in order to achieve the required attack data gathering from Windows computers. The design of the newly proposed system named Colander is presented, too. It is based on a client-server architecture while taking much inspiration from previous attempts for designing systems with similar purpose, as well as from IDS systems like Snort. Colander emphasizes its ease of use and minimum demand for system resources. Although the resource usage is usually low, it still requires further optimization, as is noted in the performance testing. Colander's ability to detect threats has been tested by real malware, and it has undergone a pilot field application. Future prospects and development are also proposed.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2013.11a
• /
• pp.347-350
• /
• 2013

본 논문에서는 무선 인터넷이 대중화 되면서 프록시 서버의 역할의 중요성과 대용량 데이터 보안, 대용량 트래픽을 처리할 수 있는 확장성이 요구되어지고 있다. 무선 인터넷은 유선 인터넷과 달리 기술 환경과 그 특성상 여러가지 제약점들을 가지고 있다. 낮은 대역폭, 이동성 문제, 네트워크 프로토콜, 보안, 데이터 압축, 캐싱 방법 등 아직 기술적으로 해결하여야 문제점을 가지고 있다. 본 논문에서는 데이터 보안을 위하여 무선 인터넷 프록시 서버에 Erasure code 코드를 사용하여 기밀성, 무결성, 가용성 등을 강화하면서 서버의 성능 저하를 해결하기 위하여 서버 부하분산을 적용시키고자 한다.

• Journal of Information Technology Applications and Management
• /
• v.28 no.6
• /
• pp.87-95
• /
• 2021

Recently interest for air pollution is gradually increasing. However, according to the environmental assessment of air quality, the level of air pollution in the nation is quite serious, and air pollutants measuring facilities are also not enough. In this paper, a secure air pollutants sensor system based low power wireless communication is designed and implemented. The proposed system is composed of three parts: air pollutants measuring sensors module, LoRa-based data transmission module, and monitoring module. In the air pollutants measuring module, the MSP430 board with six big air pollutants measuring sensors are used. The air pollutants sensing data is transmitted to the control server in the monitoring system using LoRa transmission module. The received sensing data is stored in the database of the monitoring system, and visualized in real-time on the map of the sensor locations. The implemented air pollutant sensor system can be used for measuring the level of air quality conveniently in our daily lives.

• Journal of information and communication convergence engineering
• /
• v.21 no.3
• /
• pp.185-191
• /
• 2023

The Internet of Things (IoT) can be defined as the connection of devices, sensors, and actors via the Internet to a single network to provide services to end-users. Owing to the flexibility and simplicity of IoT devices, which impart convenience to end-users, the demand for these devices has increased significantly in the last decade. To make these systems more scalable, achieve a larger number of connected devices, and achieve greater economic success, it is vital to develop them by considering parameters such as security, cost, bandwidth, data rate, and power consumption. This study aims to improve energy efficiency and prolong the lifetime of IoT networks by proposing a new approach called the constrained application protocol CoAP45. This approach reduces the number of updates to the CoAP server using a centralized resource. The simulation results show that the proposed approach outperforms all existing protocols.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2009.11a
• /
• pp.617-618
• /
• 2009

본 논문에서는 SSL/VPN 터널링 기법을 이용하여 CCTV에서 영상정보를 보호하기 위한 SSL 통신 메카니즘을 제안하고, 제안한 방법을 기본으로한 보안 시스템의 설계 및 구축에 관하여 기술한다. 제안한 보안 시스템(VPN client와 Server) 은 Linux System O/S 인 Fedora 8 버전에서 개발하였으며 사용한 라이브러리는 OpenSSL과 PPTP와 PPP를 사용하였다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2020.11a
• /
• pp.431-433
• /
• 2020

4 차 산업혁명의 시대를 맞아 사물인터넷 및 5G 를 활용한 수많은 사물들이 인터넷을 기반으로 연결되고 있다. 또한 이러한 사물들을 관제 및 유지 보수하기 위해서 장비들에 보안 관제 시스템을 구축하고 모니터링을 하기 위한 많은 비용과 관리의 어려움을 겪고 있다. 만약, 장비들이 스스로 능동적인 방어를 하게 된다면 유지관리의 가장 큰 문제가 해결될 것이다. 이러한 능동적인 보안을 통해 보호대상 시스템의 다양한 특징들을 시간의 변화에 따라 역동적으로 변경하는 MTD(Moving Target Defense)기법들이 개발되고 있다. 본 논문에서는 네트워크 기반의 NMTD(Network-based MTD)를 이용하여 호스트 서버에 IP 와 PORT 로 접속하는 SSH 에 적용하여 능동적으로 보호하고, OTP 를 활용하여 사용자 식별을 통해 SSH 에 대한 내부자 접속에 대한 보안을 강화하는 시스템을 설계 및 구현하였다.

• Journal of Information Processing Systems
• /
• v.18 no.6
• /
• pp.741-754
• /
• 2022

Openstack is widely used as a representative open-source infrastructure of the service (IaaS) platform. The Openstack Identity Service is a centralized approach component based on the token including the Memcached for cache, which is the in-memory key-value store. Token validation requests are concentrated on the centralized server as the number of differently encrypted tokens increases. This paper proposes the practical Byzantine fault tolerance (PBFT) blockchain-based Openstack Identity Service, which can improve the performance efficiency and reduce security vulnerabilities through a PBFT blockchain framework-based decentralized approach. The experiment conducted by using the Apache JMeter demonstrated that latency was improved by more than 33.99% and 72.57% in the PBFT blockchain-based Openstack Identity Service, compared to the Openstack Identity Service, for 500 and 1,000 differently encrypted tokens, respectively.

• Journal of information and communication convergence engineering
• /
• v.22 no.1
• /
• pp.64-69
• /
• 2024

Blockchain is a decentralized network in which data blocks are linked. Through a decentralized peer-to-peer network, users can create shared databases, resulting in a trustworthy and aggregated database known as a blockchain that enhances reliability and security. The distributed nature of the blockchain enables data to be stored on multiple nodes, eliminating the need for a central server or platform. This disintermediation significantly reduces the transaction and administrative costs. The blockchain is particularly valuable in applications where reliability and stability are critical because it establishes an open database that ensures data integrity, making it virtually impossible to tamper with or falsify data. This study explores the diverse applications of the blockchain technology in virtual assets, such as cryptocurrency, decentralized finance, central bank digital currency, nonfungible tokens, and metaverses. In addition, it analyzes the potential prospects and developments driven by these innovative technologies.

• Korean Security Journal
• /
• no.19
• /
• pp.225-244
• /
• 2009

Electronic security system is composed mainly of electronic-information-communication device, so system technology, configuration and management of the electronic security system could be affected by the change of information-communication environment. This study is to propose the future prospect on the development of technique for electronic security system through the analysis of the trend and the actual condition on the development of technique. This study is based on literature study and interview with user and provider of electronic security system, also survey was carried out by system provider and members of security integration company to come up with more practical result. Hybrid DVR technology that has multi-function such as motion detection, target tracking and image identification is expected to be developed. And 'Embedded IP camera' technology that internet server and image identification software are built in. Those technologies could change the configuration and management of CCTV system. Fingerprint identification technology and face identification technology are continually developed to get more reliability, but continual development of surveillance and three-dimension identification technology for more efficient face identification system is needed. As radio identification and tracking function of RFID is appreciated as very useful for access control system, hardware and software of RFID technology is expected to be developed, but government's support for market revitalization is necessary. Behavior pattern identification sensor technology is expected to be developed and could replace passive infrared sensor that cause system error, giving security guard firm confidence for response. The principle of behavior pattern identification is similar to image identification, so those two technology could be integrated with tracking technology and radio identification technology of RFID for total monitoring system. For more efficient electronic security system, middle-ware's role is very important to integrate the technology of electronic security system, this could make possible of installing the integrated security system.