• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.4 no.5
• /
• pp.968-988
• /
• 2010

Anonymous hierarchical identity based encryption (HIBE) is an extension of identity based encryption (IBE) that can use an arbitrary string like an e-mail address for a public key, and it additionally provide the anonymity of identity in ciphertexts. Using the anonymous HIBE schemes, it is possible to construct anonymous communication systems and public key encryption with keyword search. This paper presents an anonymous HIBE scheme with constant size ciphertexts under prime order symmetric bilinear groups, and shows that it is secure under the selective security model. Previous anonymous HIBE schemes were constructed to have linear size ciphertexts, to use composite order bilinear groups, or to use asymmetric bilinear groups that is a special type of bilinear groups. Our construction is the first efficient anonymous HIBE scheme that has constant size ciphertexts and that uses prime order symmetric bilinear groups. Compared to the previous scheme of composite order bilinear groups, ours is ten times faster. To achieve our construction, we first devise a novel cancelable random blinding technique. The random blinding property of our technique provides the anonymity of our construction, and the cancellation property of our technique enables decryption.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.16 no.3
• /
• pp.1063-1075
• /
• 2022

In recent years, container techniques have been broadly applied to cloud computing systems to maximize their efficiency, flexibility, and economic feasibility. Concurrently, studies have also been conducted to ensure the security of cloud computing. Among these studies, moving-target defense techniques using the high agility and flexibility of cloud-computing systems are gaining attention. Moving-target defense (MTD) is a technique that prevents various security threats in advance by proactively changing the main attributes of the protected target to confuse the attacker. However, an analysis of existing MTD techniques revealed that, although they are capable of deceiving attackers, MTD techniques have practical limitations when applied to an actual cloud-computing system. These limitations include resource wastage, management complexity caused by additional function implementation and system introduction, and a potential increase in attack complexity. Accordingly, this paper proposes a software-defined MTD system that can flexibly apply and manage existing and future MTD techniques. The proposed software-defined MTD system is designed to correctly define a valid mutation range and cycle for each moving-target technique and monitor system-resource status in a software-defined manner. Consequently, the proposed method can flexibly reflect the requirements of each MTD technique without any additional hardware by using a software-defined approach. Moreover, the increased attack complexity can be resolved by applying multiple MTD techniques.

• Korean Security Journal
• /
• no.5
• /
• pp.109-130
• /
• 2002

As proceeding Munmin and Kukmin's government, it is to bring in regionalism of genernal public administration and police administration, specialization, efficiency issue, demand inventing of audit technique to meet this trends. Especially, according to supporting qualitative improvement of the audit, its environment faced that orienting performance audit emphasis on not the legality but the efficiency more systematic and scientific theory or technique. In order to attain police audit's efficiency through performance audit, this study discussed that scientific management techniques should be applied police audit. Accordingly, the primary purpose of this study is to apply public audit to scientific management technique, bring to light limits in public sector(especially, police sector). To be efficiency audit(namely, performance audit), 1) OR techniques are explained linear programming, network modeling, PERT/CPM, queuing matrix model, simulation, 2) Statistical analysis methods are argued delphi technique, data envelopment analysis(DEA), analytic hierarchical process(AHP), time series analysis models etc.

• International Journal of Internet, Broadcasting and Communication
• /
• v.14 no.1
• /
• pp.116-121
• /
• 2022

In this paper, we propose a highly secure watermarking technique in which the watermark is multi-encrypted using the R, G, and B component pixels of color image, and then the multi-encrypted watermark is hidden in the LSB of the color image pixel. According to the technique proposed in this paper, the quality of the stego-image created by hiding the multi-encrypted watermark in the LSB of the color image is so excellent that the difference from the cover image cannot be recognized. Also, it is possible to extract the original watermark from the stego-image without loss. If the watermark is hidden in the image using the proposed technique, the security of the watermark is maintained very well because the watermark hidden in the stego-image is multi-encrypted. The proposed watermarking technique can be used in the applications such as military and intellectual property protection requiring high security.

• International Journal of Computer Science & Network Security
• /
• v.24 no.3
• /
• pp.101-106
• /
• 2024

This article aims to compare the accuracy of the Backpropagation Neural Network (BPNN) and Learning Vector Quantization (LVQ) approaches in recognizing Sundanese characters. Based on experiments, the level of accuracy that has been obtained by the BPNN technique is 95.23% and the LVQ technique is 66.66%. Meanwhile, the learning time that has been required by the BPNN technique is 2 minutes 45 seconds and then the LVQ method is 17 minutes 22 seconds. The results indicated that the BPNN technique was better than the LVQ technique in recognizing Sundanese characters in accuracy and learning time.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2016.07a
• /
• pp.93-94
• /
• 2016

사용자가 편리하게 사용하는 USB 인터페이스를 지원하는 컨트롤러 내부에 저장된 펌웨어를 조작하여 악의적인 행위를 수행하는 BAD USB가 출현하였다. BAD USB의 경우에는 악의적인 코드가 호스트에 존재하는 것이 아니라 장치 내부의 펌웨어에 존재하기 때문에 현재의 안티 바이러스 제품이 탐지하지 못하므로 그 대응방안이 시급하다. 이에 BAD USB를 탐지하고 대응하기 위한 연구가 활발히 진행되는 추세이지만, 아직 해결책으로는 미비한 실정이다. 따라서 본 논문에서는 사용자 인지를 기반으로 BAD USB를 탐지하는 방안을 제안한다.

• Journal of Internet Computing and Services
• /
• v.22 no.5
• /
• pp.17-26
• /
• 2021

This paper is about a physical layer frame security technique using OFB-style encryption/decryption with AES algorithms on Gigabit Ethernet network. We propose a data security technique at the physical layer that performs OFB-style encryption/decryption with AES algorithm with strong security strength when sending and receiving data over Gigabit Ethernet network. Generally, when operating Gigabit Ethernet network, there is no security features, but data security is required, additional devices that apply this technique can be installed to perform security functions. In the case of data transmission over Gigabit Ethernet network, the Ethernet frames conform to IEEE 802.3 specification, which includes several fields to ensure proper reception of data at the receiving node in addition to the data field. When encrypting, only the data field should be encrypted and transmitted in real time. In this paper, we show that only the data field of the IEEE802.3 frame is encrypted and transmitted on the sending node, and only the data field is decrypted to show the plain text on the receiving node, which shows that the encryption/decryption is carried out correctly. Therefore, additional installation of devices that apply this technique can increase the reliability of the system when security for data is required in Ethernet network operating without security features.

• Journal of Internet Computing and Services
• /
• v.23 no.1
• /
• pp.49-68
• /
• 2022

The operation system of a shipping company is still maintaining the mainframe based terminal access environment or the client/server based environment. Nowadays shipping companies that try to migrate it into a web-based environment are increasing. However, in the transition, if the design is processed by the old configuration and knowledge without considering the characteristics of the web-based environment and shipping business, various security vulnerabilities will be revealed at the actual system operation stage, and system maintenance costs to fix them will increase significantly. Therefore, in the transition to a web-based environment, a security design must be carried out from the design stage to ensure system safety and to reduce security-related maintenance costs in the future. This paper examines the characteristics of various threat modeling techniques, selects suitable modeling technique for the operation system of a shipping company, applies data flow diagram and STRIDE threat modeling technique to shipping business, derives possible security threats from each component of the data flow diagram in the attacker's point of view, validates the derived threats by mapping them with attack library items, represents the attack tree having various attack scenarios that attackers can attempt to achieve their final goals, organizes into the checklist that has security check items, associated threats and security requirements, and finally presents 23 security requirements that can respond to threats. Unlike the existing general security requirements, the security requirements presented in this paper reflect the characteristics of shipping business because they are derived by analyzing the actual business of a shipping company and applying threat modeling technique. Therefore, I think that the presented security requirements will be of great help in the security design of shipping companies that are trying to proceed with the transition to a web-based environment in the future.

• Journal of Internet of Things and Convergence
• /
• v.2 no.1
• /
• pp.17-21
• /
• 2016

The rapid development of IoT leads new kinds of services which does not existed. And, it requires several changes on existing network. Software Defined Network is one of the future network technology which can deal with problems from these kinds of changes. The strong point of Software Defined Network is flexibility and scalability. However, In some cases, these factors could be the security vulnerabilities. In this paper, we present adaptation of F(I)MEA technique for the security analysis on Software Defined Network Technology for IoT services.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.6
• /
• pp.1457-1465
• /
• 2017

With the growing of smart devices market, malicious behavior has gradually expanded its scope. Accordingly, many studies have been conducted to analyze malicious apps and automated analysis tools have been released. However these tools cause the side effects that the application protection tools such as ProGuard, DexGuard become vulnerable to analyzers or attackers. This paper suggests the protection mechanism to apply to the Android apps using security token, rather than general-purpose protection solutions that can be applied in malicious apps. The main features of this technique are that Android app is not properly loaded in the memory when the security token is abnormal or is not inserted and protected parts using the technique are not exposed.