• Journal of Internet Computing and Services
• /
• v.21 no.1
• /
• pp.179-190
• /
• 2020

In the Unix-like system environment, the GOT overwrite attack is one of the traditional control flow hijacking techniques for exploiting software privileges. Several techniques have been proposed to defend against the GOT overwrite attack, and among them, the Full Relro(Relocation Read only) technique, which blocks GOT overwrites at runtime by arranging the GOT section as read-only in the program startup, has been known as the most effective defense technique. However, it entails loading delay, which limits its application to a program sensitive to startup performance, and it is not currently applied to the library due to problems including a chain loading delay problem caused by nested library dependency. Also, many compilers, including LLVM, do not apply the Full Relro technique by default, so runtime programs are still vulnerable to GOT attacks. In this paper, we propose a GOT protection scheme using the Control Flow Integrity(CFI) technique, which is currently recognized as the most suitable technique for defense against code reuse attacks. We implemented this scheme based on LLVM and applied it to the binutils-gdb program group to evaluate security, performance and compatibility. The GOT protection scheme with CFI is difficult to bypass, fast, and compatible with existing library programs.

• Journal of Korean Society of Disaster and Security
• /
• v.10 no.1
• /
• pp.1-10
• /
• 2017

Recently, increasing cases of ground subsidence in the urban area has become social issue, and related bill has been passed. Ground subsidence occurs through complex combination of various factors, and numerical analysis of this problem is limited thereby. This is why verification of ground subsidence mechanism has been conducted through physical modelling. Previous researches has been focused on modelling ground subsidence caused by utility pipe defects, and there has been insufficient physical modelling study on ground subsidence caused by various reasons such as groundwater flow and excavation activity. Also, most previous physical modelling studies were performed in 1g condition, which cannot take the in-situ stress condition into the evaluation of the ground subsidence mechanism. Therefore, in this study, physical modelling techniques to simulate various conditions is discussed by studying the previous researches on the ground subsidence mechanism through physical modelling. Also, centrifuge modelling test is suggested in this study as the technique to perform more reliable evaluation of ground subsidence mechanism. Lastly, this study suggests to apply the techniques used in the evaluation of ground subsidence mechanism into Ground Stability Assessment.

• Journal of Korean Society of Disaster and Security
• /
• v.14 no.3
• /
• pp.17-27
• /
• 2021

In this study, classification models were built using machine learning techniques that can classify the soil creep risk into three classes from A to C (A: risk, B: moderate, C: good). A total of six machine learning techniques were used: K-Nearest Neighbor, Support Vector Machine, Logistic Regression, Decision Tree, Random Forest, and Extreme Gradient Boosting and then their classification accuracy was analyzed using the nationwide soil creep field survey data in 2019 and 2020. As a result of classification accuracy analysis, all six methods showed excellent accuracy of 0.9 or more. The methods where numerical data were applied for data training showed better performance than the methods based on character data of field survey evaluation table. Moreover, the methods learned with the data group (R1~R4) reflecting the expert opinion had higher accuracy than the field survey evaluation score data group (C1~C4). The machine learning can be used as a tool for prediction of soil creep if high-quality data are continuously secured and updated in the future.

• Journal of the Korea Convergence Society
• /
• v.12 no.7
• /
• pp.143-151
• /
• 2021

Several researchers in the early days have studied the concept of creativity and its definition, but with the emergence of an unprecedented infectious disease, creativity attracts more attention in the academic world these days. It is because the ability to respond to change and create something that did not exist before has become an essential competency for survival. Therefore, we proposes a creativity textbook that can be used for teacher training based on a creative education practical strategy model for the purpose of enhancing the creativity of teachers in the field through analysis of various prior studies on creative education. And also, we developed the textbook to teach the principles of information security using creative storytelling techniques. In the teacher training using the textbook, the survey was conducted with 40 questions consisting of originality, fluency, elaboration, synthesis and organization factors in order to confirm the change in the teacher's creativity, and all factors were significantly improved. The textbooks developed in this study are meaningful in that it has increased the utilization of teachers' field education. We hope that this thesis will provide implications for the development of creative fusion textbooks, and related research will be actively conducted in the future.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.4
• /
• pp.701-713
• /
• 2021

Race Condition is a vulnerability in which two or more processes input or manipulate a common resource at the same time, resulting in unintended results. This vulnerability can lead to problems such as denial of service, elevation of privilege. When a vulnerability occurs in software, the relevant information is documented, but often the cause of the vulnerability or the source code is not disclosed. In this case, analysis at the binary level is necessary to detect the vulnerability. This paper aims to detect the Time-Of-Check Time-Of-Use (TOCTOU) Race Condition vulnerability of UNIX kernel-based File System at the binary level. So far, various detection techniques of static/dynamic analysis techniques have been studied for the vulnerability. Existing vulnerability detection tools using static analysis detect through source code analysis, and there are currently few studies conducted at the binary level. In this paper, we propose a method for detecting TOCTOU Race Condition in File System based on Control Flow Graph and Call Graph through Binary Analysis Platform (BAP), a binary static analysis tool.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.4
• /
• pp.61-75
• /
• 2011

Recently, there is significant increasing of massive attacks, which try to infect PCs that visit websites containing pre-implanted malicious code. When visiting the websites, these hidden malicious codes can gain monetary profit or can send various cyber attacks such as BOTNET for DDoS attacks, personal information theft and, etc. Also, this kind of malicious activities is continuously increasing, and their evasion techniques become professional and intellectual. So far, the current signature-based detection to detect websites, which contain malicious codes has a limitation to prevent internet users from being exposed to malicious codes. Since, it is impossible to detect with only blacklist when an attacker changes the string in the malicious codes proactively. In this paper, we propose a novel approach that can detect unknown malicious code, which is not well detected by a signature-based detection. Our method can detect new malicious codes even though the codes' signatures are not in the pattern database of Anti-Virus program. Moreover, our method can overcome various obfuscation techniques such as the frequent change of the included redirection URL in the malicious codes. Finally, we confirm that our proposed system shows better detection performance rather than MC-Finder, which adopts pattern matching, Google's crawling based malware site detection, and McAfee.

• Journal of Internet of Things and Convergence
• /
• v.8 no.5
• /
• pp.119-125
• /
• 2022

With the recent increase in dementia patients due to aging, measures to prevent their wandering behavior and disappearance are urgently needed. To solve this problem, various authentication methods and location detection techniques have been introduced, but the security problem of personal authentication and a system that can check indoor and outdoor overall was lacking. In order to solve this problem, various authentication methods and location detection techniques have been introduced, but it was difficult to find a system that can check the security problem of personal authentication and indoor/outdoor overall. In this study, we intend to propose a system that can identify personal authentication, basic health status, and overall location indoors and outdoors by using wristband-type wearable devices in a private blockchain environment. In this system, personal authentication uses ECG, which is difficult to forge and highly personally identifiable, Bluetooth beacon that is easy to use with low power, non-contact and automatic transmission and reception indoors, and DGPS that corrects the pseudorange error of GPS satellites outdoors. It is intended to detect wandering behavior and abnormal signs by locating the patient. Through this, it is intended to contribute to the prompt response and prevention of disappearance in case of wandering behavior and abnormal symptoms of dementia patients living at home or in nursing homes.

• Journal of Korean Society of Disaster and Security
• /
• v.15 no.3
• /
• pp.101-113
• /
• 2022

This study is planned with the aim of developing a systematic construction process based on the scientific and engineering theory of the water-sealing grouting construction applied to the tunnel excavation process during the construction of the downtown underground traffic network, so that the construction quality of the relatively backward domestic tunnel water-sealing grouting construction is improved and continuously maintained no matter who constructs it. The main contents of the improved tunnel water-sealing grouting can be largely examined in the classification of tunnel water-sealing grouting application and the definition of grouting materials, the correlation analysis of groundwater pressure conditions with groundwater inflow, the study of the characteristic factors of bedrock, and the element technologies and injection management techniques required for grouting construction. Looking at the trends in global research, research in the field of theoretical-based science and engineering grouting is actively progressing in Nordic countries (Sweden, Finland, Norway, etc.), Japan, Germany, and the United States. Therefore, in this study, the algorithm is established through theoretical analysis of the elements of tunnel water-sealing grouting construction techniques to provide an integrated solution including a construction process that can effectively construct tunnel water-sealing grouting construction.

• Journal of Digital Contents Society
• /
• v.16 no.3
• /
• pp.389-395
• /
• 2015

Digital image provides many conveniences at the internet environment recently. A great number of applications, like Digital Library, Stock Image, Personal Image and Important Information, require the use of digital image. However it has fatal defect which is easy to be modified because digital image is only electronic file. Numerous digital image forgeries have become a serious problem due to the sophistication and accessibility of image editing software. Copy-Move forgery is the simplest type of forgery that involves copying portion of an image and paste it on different location within the image. There are many approaches to detect Copy-Move forgery, but all of them have their own limitations. In this paper, visual and invisible feature based forgery detection techniques are tested and analyzed. The analysis shows that pros and cons of these two techniques compensate each other. Therefore, a hybrid of visual based and invisible feature based forgery detection that combine the merits of both techniques is proposed. The experimental results show that the proposed algorithm has enhanced performance compared to individual techniques. Moreover, it provides more information about the forgery, like identifying copy and duplicate regions.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.17 no.1
• /
• pp.17-24
• /
• 2024

In this paper, we propose a highly secure technique to hide confidential data in image pixels using a quadruple encryption techniques. In the proposed technique, the boundary surface where the image outline exists and the flat surface with little change in pixel values are investigated. At the boundary of the image, in order to preserve the characteristics of the boundary, one bit of confidential data that has been multiply encrypted is spatially encrypted again in the LSB of the pixel located at the boundary to hide the confidential data. At the boundary of an image, in order to preserve the characteristics of the boundary, one bit of confidential data that is multiplely encrypted is hidden in the LSB of the pixel located at the boundary by spatially encrypting it. In pixels that are not on the border of the image but on a flat surface with little change in pixel value, 2-bit confidential data that is multiply encrypted is hidden in the lower 2 bits of the pixel using location-based encryption and spatial encryption techniques. When applying the proposed technique to hide confidential data, the image quality of the stego-image is up to 49.64dB, and the amount of confidential data hidden increases by up to 92.2% compared to the existing LSB method. Without an encryption key, the encrypted confidential data hidden in the stego-image cannot be extracted, and even if extracted, it cannot be decrypted, so the security of the confidential data hidden in the stego-image is maintained very strongly. The proposed technique can be effectively used to hide copyright information in general commercial images such as webtoons that do not require the use of reversible data hiding techniques.