• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.19 no.4
• /
• pp.1024-1030
• /
• 2015

Safety and security system have been internationally enhanced in a field of shipping logistics. Accordingly, techniques for safety and security have been studied steadily. The need of portable radiation detection device is increasing by the search of the container is enhanced. In this paper, we propose a study to improve the life of the system and the realization of portable radiation detection device based on Cortex-A9. Configuration of a portable radiation detection device is configured largely to an analog board and the digital platform and the sensor module. The power used in each stage of the analog board is varied. Uses a switching regulator to use various power supply thereby to generate an error result and cause the switching noise. It is proposed to reduce the power consumption reducing technique for the study.

• The Journal of the Korea Contents Association
• /
• v.14 no.11
• /
• pp.39-49
• /
• 2014

Cyber threats on the Internet are tremendously increasing and their techniques are also evolving constantly. Intrusion Detection System (IDS) is one of the powerful solutions for detecting and analyzing the cyber attacks in realtime. Most organizations deploy it into their networks and operate it for security monitoring and response service. However, IDS has a fatal problem in that it raises a large number of alerts and most of them are false positives. In order to cope with this problem, many approaches have been proposed for the purpose of automatically identifying whether the IDS alerts are caused by real attacks or not. In this paper, we present an alert verification method based on correlation analysis between vulnerability inspection results for real systems that should be protected and the IDS alerts. In addition, we carry out practical experiments to demonstrate the effectiveness of the proposed verification method using two types of real data, i.e., the IDS alerts and the vulnerability inspection results.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.13 no.4
• /
• pp.141-151
• /
• 2017

Nowadays, It is undeniable that the threat of network security is growing as time flows due to worldwide development of wire/wireless, various Internet platform and sophisticated hacking techniques. The amount of traffics that Network security solution has to handle is increasing and recently many occurrence of explosive traffic attacks from PulseWave are being observed which has many similar characteristics to New DDos. Medium and small sized firms abroad have developed and distributed Snort and Suricata that are based on open-source Intrusion Detection System(IDS) / Intrusion Prevention System (IPS). The goal of this study is to compare between Windows7 by applying suicata 4.0.0 32bit version and Ubuntu 16.04.3 LTS by applying suicata 4.0.0 version which is an open source Intrusion Detection System / Intrusion Protection System that uses multi threads method. This experiment's environment was set as followed C1100 server model of Dell, Intel Xeon CPU L5520 2.27GHz*2 with 8 cores and 16 threads, 72GB of RAM, Samsung SSD 250GB*4 of HDD which was set on RAID0. According to the result, Suricata in Ubuntu is superior to Suricata in Windows7 in performance and this result indicates that Ubuntu's performance is far advanced than Windows7. This meaningful result is derived because Ubuntu that applied Suricata used multi core CPU and RAM more effectively.

• Journal of Korea Multimedia Society
• /
• v.6 no.4
• /
• pp.620-629
• /
• 2003

Fingerprinting schemes are techniques applied to protect the copyright on digital goods. These enable the merchants to identify the source of illegal redistribution. Let us assume the following situations connectedly happen: As a beginning, buyer who bought digital goods illegally distributed it, next the merchant who found it revealed identity of the buyer/traitor, then the goods is illegally distributed again. After this, we describe it as“The second illegal redistribution”. In most of anonymous fingerprinting, upon finding a redistributed copy, a merchant extracts the buyer's secret information from the copy and identifies a traitor using it. Thus the merchant can know the traitor's secret information (digital fingerprints) after identification step. The problem of the second illegal distribution is that there is a possibility of the merchant's fraud and the buyer's abuse: that is a dishonest employee of the merchant might just as well have redistributed the copy as by the buyer, or the merchant as such may want to gain money by wrongly claiming that the buyer illegally distributed it once more. The buyer also can illegally redistribute the copy again. Thus if the copy turns up, one cannot really assign responsibility to one of them. In this paper, we suggest solution of this problem using two-level fingerprinting. As a result, our scheme protects the buyer and the merchant under any conditions in sense that (1) the merchant can obtain means to prove to a third party that the buyer redistributed the copy. (2) the buyer cannot worry about being branded with infamy as a traitor again later if he never distribute it.

• Journal of Advanced Navigation Technology
• /
• v.21 no.1
• /
• pp.145-152
• /
• 2017

As a popularization of small UAS to have improved flight performance and easiness of controlling, the UAS industry is increased and also small UAS is to be a new threat for airspace security of national strategic infrastructure. Rising the new threat makes the negative side effect of small UAS operation. This phenomena brought to new R&D needs "defense system" for small UAS/UAV - called Anti-Drone. The paper addressed case study of defects, accidents and threats by small UAS/UAV as world wide level, and research and development trend of UAS defense system as each technical category - CONOP (Concept of Operation), identification/recognition method and control/supremacy techniques. As a result, this suggests the direction what and where drone defense system should be applied first and required for Korean society in the view of society system (regime) and a point of view for minimizing side effect as UAS popularization.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.36 no.9B
• /
• pp.1073-1081
• /
• 2011

An URL parameter can hold some information that is confidential or vulnerable to illegitimate tampering. We propose Link-E-Param(Link with Encrypted Parameters) to protect the whole URL parameter names as well as their values. Unlike other techniques concealing only some of the URL parameters, it will successfully discourage attacks based on URL analysis to steal secret information on the Web sites. We implement Link-E-Param in the form of a servlet filter to be deployed on any Java Web server by simply copying a jar file and setting a few configuration values. Thus it can be used for any existing Web application without modifying the application. It also supports numerous encryption algorithms to choose from. Experiments show that our implementation induces only 2~3% increase in user response time due to encryption and decryption, which is deemed acceptable.

• The KIPS Transactions:PartC
• /
• v.18C no.5
• /
• pp.327-330
• /
• 2011

After releasing the smart phone equipping the strong computational capability compared to traditional mobil phone, a field of services, which is available on the personal computers, is expanded to smart phone. The development of technology reduces the limited service utilization on time and space but it has a venerability exposing an information to malicious user. Especially we need to more attention when using the financial services which communicate the user's private information. To solve the security problem, OTP(One Time Pad), which uses a private key for a session, is recommended. OTP techniques in smart phone having focused on traditional environments have been proposed and implemented. However, security over mobile environments is more vulnerable to attack and has restriction on resources than traditional system. For this reason, definition of proper conceptual OTP on smart phone is required. In the paper, we present the L-OTP(Location-OTP) protocol, using T-OTP(Time One Time Pad) technique with location information. Proposal generates the OTP using unique location information which is obtained in smart phone.

• Proceedings of the Korea Information Assurance Society Conference
• /
• 2004.05a
• /
• pp.3-8
• /
• 2004

The majority of recent intrusions reveal that the attackers do not use the previous intrusion techniques or network flaw, rather they tend to use the vulnerabilities residing inside the program, which are the running programs on the system or the processes for the service. Therefore, the security managers must focus on updating the programs with lots of time and efforts. Developers also need to patch continuously to update the program, which is a lot of burden for them. In order to solve the problem, we need to understand the vulnerabilities in the program, which has been studied for some time. And also we need to analyze the functions that contains some vulnerabilities inside. In this paper, we first analyzed the vulnerabilities of the standard C library, and Win32 API functions used in various programs. And then we described the design and implementation of the automated scanning tool for writing secure source code based on the analysis.

• Convergence Security Journal
• /
• v.7 no.1
• /
• pp.63-75
• /
• 2007

Most of computer systems to be connected to network have been exposed to some network attacks and became to targets of system attack. System managers have established the IDS to prevent the system attacks over network. The previous IDS have decided intrusions detecting the requested connection packets more than critical values in order to detect attacks. This techniques have False Positive possibilities and have difficulties to detect the slow scan increasing the time between sending scan probes and the coordinated scan originating from multiple hosts. We propose the port scan detection rules detecting the RST/ACK flag packets to request some abnormal connections and design the data structures capturing some of packets. This proposed system is decreased a False Positive possibility and can detect the slow scan, because a few data can be maintained for long times. This system can also detect the coordinated scan effectively detecting the RST/ACK flag packets to be occurred the target system.

• Convergence Security Journal
• /
• v.14 no.6_2
• /
• pp.83-88
• /
• 2014

First investigation is urgent investigation activities to arrest and to obtain evidence at the beginning of the incident. If the first investigation is wrong, the crime will not be solved or a lot of evidence will be disappeared. Therefore, if the first investigation is wrong, Wasting a lot of manpower and budget, or the other victims are to occur. First investigation is the crime scene centered investigation, victim centered investigation and damaged goods centered investigation. The crime scene centered investigation is the investigation on the discovery of dropped objects, to confirm thd date of offense, on the discovery of witnesses. Victim centered investigation is the investigation of victim's personal information, the living conditions of the family, fellowship and home interior matter. Damaged goods centered investigation is the investigation on the place of crime damaged goods and the movement route of crime damaged goods. In order to reinforce the investigative capacity of police first investigation, It is needed to reinforce the education on the first investigation, to conduct continuously for FTX (field training), to product the manual for first investigation, to build a case analysis system, to develop of forensic techniques and the coordination of national. The police should be giving people faith from the first investigation.