• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2002.05a
• /
• pp.481-484
• /
• 2002

News service provide professional knowledge which can't be gained from any other internet service and the only way to keep pace with professional group. To get this advantage, many country provide news service and three major korean news server connected with foreign news server provide many articles to korea. A lot of institutes - company, research centers and universities - forward articles to home and abroad. In spite of this important effect, The user of news service and technical supports grow smaller. And now It is necessary for a nation to support and operate by non-profitable business. Especially, partially adapted security weaken entire system safety and can't satisfy service provider of various necessary condition. In this paper, we will mention troubles in authentication and suggest safety authentication method which must be supported by established news service.

• The KIPS Transactions:PartC
• /
• v.13C no.1 s.104
• /
• pp.19-26
• /
• 2006

Recently, web server hacking is trending toward web application hacking which uses comparatively vulnerable web applications based on open sources. And, it is possible to hack databases using web interfaces because web servers are usually connected databases. Web application attacks use vulnerabilities not in web server itself, but in web application structure, logical error and code error. It is difficult to defend web applications from various attacks by only using pattern matching detection method and code modification. In this paper, we propose a method to secure the web applications based on profiling which can detect and filter out abnormal web application requests.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.43 no.7 s.349
• /
• pp.41-49
• /
• 2006

Wireless AD-hoc network can construct a network itself without any arbitrator. Therefore, it is difficult to make preparation for disguised assault from an illegal node, and because lots of packets from disguised assault spread over whole network, it influences the network usability and livability. This thesis proposed a safe IPv6 tunnel broker (TB) based on TSP (Tunnel Setup Protocol) to improve safety of the wireless Ad-hoc network, and to solve security problem of a tunnel broker that makes a linkage IPv4 and IPv6. To communicate between client and the tunnel broker, proposed method does not base on HTTP, but S-HTTP (Secure-HTTP) and it uses encryption/decryption to send and receive XML document. Finally, this method encrypts (decrypts) important information by applying IPSec between client and TS (Tunnel Server).

• Journal of the Korea Society of Computer and Information
• /
• v.12 no.1 s.45
• /
• pp.117-126
• /
• 2007

Web Forensics algorithm used to an extraction of technical Web Forensics data to be adopted to proof data regarding a crime cyber a computer at data of a great number of log History is an essential element. Propose Web Forensics algorithm, and design at these papers, and try to implement in a Web server system of an actual company. And make the Web dispatch Loging system configuration experiment that applied integrity regarding Web log History information or authentication regarding an information source. Design Web Forensics algorithm and the Flow which used for Web log History analyses at server of e-mail, webmail, HTTP (Web BBs. Blog etc.), FTP, Telnet and messengers (MSN, NateOn, Yahoo, DaumTouch, BuddyBuddy, MsLee, AOL, SoftMe) of a company, and implement through coding. Therefore have a purpose of these Paper to will contribute in scientific technical development regarding a crime cyber a computer through Web Forensics.

• The KIPS Transactions:PartC
• /
• v.10C no.6
• /
• pp.793-798
• /
• 2003

The P2P service is a technology that can share their information with each other who is able to be connected ith a relating program without passing by a server. Since all personal compiters that linked to the internet under the P2P service can opetate as server or a client, they can provide and share both their information and services through the direct connection. Currently, the P2P service is giving an equal privilege to all users for sharing their resources,.Under this situation, a lot of vulnerability against the various sttacks through the Unternet is possoble, more sophisticated security services are necessary. In this paper, We propose and access control schemae using SPKI(Simple Public Key Infrastructure). The scheme designates and access and acces control by providing the certificate to users who request a connection for resource sharing and limits the resource usage of information provider according to the access right that is given to their own rights.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.28 no.12B
• /
• pp.1115-1123
• /
• 2003

In this paper, a remote control system called TeleRemote system which can be applied to existing wireless mobile networks or public telephone networks for remote control is designed and implemented. The proposed design employs program technology based on the theory of signal detect control and enables the EPG(Electronic Program Guide) functions such as recording reservation of bidirectional video signals with TV reception card on PC. It can also control recording reservation using remote control program through telecommunication network The PC-EPG system is implemented in Web programs with Server/Clinet architecture and the server system that provides EPG functionalities is in charge of recording reservations and data communications by means of the scheduler program. Data storing to client PCs is performed through TCP/IP and finished by client programs implemented using Visual C++/MFC programs. As remote control system, the developed system can be used for unmanned security system using the Web camera. Building intranet and making connection to internet, the TeleRemote system is believed to create potential for commercial communication system.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.12 no.4
• /
• pp.1911-1918
• /
• 2011

Internet banking, electronic financial services and internet telephony service can be available on smart phone recently. In this case, more robust authentication mechanisms should be provided for enhancing security on it. In this study, a facial biometric ID based one-time password generation mechanism is designed and implemented for enhancing user authentication on smart phone. After capturing a facial biometric data using camera module on smart phone, it is sent to server to generate one-time biometric ID. Finally one-time password will be generated by client module after receiving the one time biometric ID based challenge token from the server. Using proposed biometric ID based one-time password mechanism, it is possible for us to provide more secure user authentication service on smart phone for SIP protocol.

• The KIPS Transactions:PartD
• /
• v.9D no.3
• /
• pp.477-486
• /
• 2002

vCard that is the electronic business card automates the exchange of personal information typically found on a traditional business card. vCard information contains not only simple text, but also graphics and multimedia data like pictures, company logos, Web addresses, and so on. This paper describes the design and implementation of Web-based vCard agent system for exchanging vCard, an electronic business card and searching another user's vCard in mobile phone environment. In today's business environment, such as that this information is typically exchanged on business cards. Our web agent system in this paper connect web server which provide vCard service and search, edit vCard information displayed by web browser of mobile phone and exchange vCard with another user through internet. Considering characteristics of wireless devices that have limited storage space, It also saves constructed XML documents that include user's informations in a web server and solves the security problem by exchanging not personal data or XML but encrypted directory name where XML document exits as exchanging vcard.

• Journal of Convergence for Information Technology
• /
• v.8 no.6
• /
• pp.231-236
• /
• 2018

Recently, a wide variety of IoT environment is being created due to the rapid development of information and communication technology. And accordingly in a variety of network structures, a countless number of attack techniques and new types of vulnerabilities are producing a social disturbance. In May of 2018, Talos Intelligence, the Cisco threat intelligence team has newly discovered 'VPN-Filter', which constitutes a large-scale IoT-based botnet, is infecting consumer routers in over 54 countries around the world. In this paper, types of IoT-based botnets and the attack techniques utilizing botnet will be examined and the countermeasure technique through EXIF metadata removal method which is the cause of connection method of C & C Server will be proposed by examining the characteristics of attack vulnerabilities and attack scenarios of VPN-Filter.

• Journal of The Korean Society For Urban Railway
• /
• v.6 no.4
• /
• pp.279-286
• /
• 2018

Recently, a safety control platform to monitor the safety of train operation in real time and prevent accidents and risks through control is under study. In the initial design, DDS communication method supporting distributed network is adopted for real-time processing of large amount of data according to the integration of existing distributed safety data. However, communication between server and console inside the safety control platform is applied to existing TCP socket communication. In the case of TCP socket communication, it is possible to process data for a small system of a safety control test bed by one-to-one communication. However, if the data is expanded all over the country in the future, it becomes difficult to cope with a case where communication traffic occurs due to vast amount of data. In this paper, we propose DDS communication method to support distributed network between server and console of security control platform, and demonstrate TCP socket and DDS method, and compare throughput and speed. As a result, we have found that the scalability and flexibility are improved in case of applying DDS communication to future systems.