• The Journal of the Society of Korean Medicine Diagnostics
• /
• v.17 no.2
• /
• pp.77-89
• /
• 2013

Objectives Tongue diagnosis is an important diagnostic method in traditional Eastern medicine, and it has a high potential to be used in the future healthcare because of easy, quick, and non-contact measuring features. Recently, research and development efforts on computerized tongue diagnosis systems (CTDS) have been active that led to the technical advancements in the field of photographing techniques, image extraction and classification algorithms. In this study, we analyzed the trends in the CTDS patents. Using the WIPS search engine (www.wipsglobal.com), quantitative and qualitative patent analyses were performed through Korea, China, Japan, U.S.A and Europe. Methods For a systematic search and data analysis, we defined patent categories based on the application area and technical details. By applying thus-obtained categorical key words, we obtained 360 relevant patents on photographing techniques, image extraction and classification algorithms for the purpose of diagnosis or security. Results As a result, companies related to image acquisition, medical imaging and mobile devices and research groups of universities in East Asia were major patent applicants. In all the five countries, the number of patents have been increasing since 1980. In particular, technology related to color correction and image segmentation were most actively patented categories, and expected to continue a high application rate.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.21 no.1
• /
• pp.61-71
• /
• 2017

ARP Spoofing is a basic and core hacking technology for almost all sniffing. It makes change the flow of packets by faking the 2nd layer MAC address. In this paper we suggested an efficient hacking technology for sniffing remote servers in the switched network environment. The suggested 'Faked ARP Reply Unicast Spoofing' makes the bidirectional packets sniffing possible between the client and server, and it makes simplify the procedures for ARP sniffing and hacking program. In this paper we researched the network hacking and implementation technologies based on the suggested ARP spoofing. And we researched various types of servers hacking such as Root ID and PW of Telnet/FTP server, Root ID and PW of MySQL DB server, ID and PW of Web Portal Server, and account information and transaction history of Web Banking Server. And also we researched the implementation techniques of core hacking programs for the ARP Spoofing.

• Journal of Advanced Navigation Technology
• /
• v.16 no.1
• /
• pp.41-53
• /
• 2012

The technologies used by the malicious codes have been being advanced and complicated through a merge of the existing techniques, while the damages by the malicious codes are moving from individuals and industries to organizations and countries. In this situation, the security experts are corresponding with the static analysis and the dynamic analysis such as signature searching and reverse engineering, respectively. However, they have had a hard time to respond against the obfuscated intelligent new zero day malicious codes. Therefore, it is required to prepare a process for a preliminary investigation and consequent detailed investigation on the infection sequence and the hiding mechanism to neutralize the malicious code. In this paper, we studied the formalization of the process against the infection sequence and the file hiding techniques with an empirical application to the Rustock malicious code that is most notorious as a spammer. Using the result, it is expected to promptly respond to newly released malicious codes.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2012.10a
• /
• pp.744-748
• /
• 2012

Botnet is a network that consists of bot hosts infected by malware. The C&C server of centralized botnet, which is being used widely, is relatively easy to detect, while detecting P2P botnet is not a trivial problem because of the existence of many avoiding techniques. In this paper, we separate the network into inner and outer sub-network at the location of the router, and analyze the method of detecting botnet using path of packet and infection probability. We have extended Dye-Pumping algorithm in order to detect P2P botnet members more accurately, and we expect that the analysis of the results can be used as a basis of techniques that detect and block P2P botnet in the networks.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.40 no.4
• /
• pp.709-719
• /
• 2015

This paper introduces a proper renaming service using variable action and security services against the analysis techniques in Java code. The renaming service that is introduced is separated into API pattern and loop condition. We present our scheme algorithm with known Java obfuscation techniques and tools in order to help readers understanding, and implement prototype to prove practicality in this paper. Test result using prototype shows 73% successful variable renaming rate. Using our scheme, cooperators can intuitionally understand all of code. Also, It helps malware analysts to predict malware action by variable name. But application source code that is developed by Java is exposed to hackers easily using our scheme. So we introduce Java application code protection methods, too.

• Journal of the Korea Society of Computer and Information
• /
• v.16 no.6
• /
• pp.41-50
• /
• 2011

Code obfuscation has been proposed to protect codes in a program from malicious software reverse engineering. It converts a program into an equivalent one that is more difficult to understand the program. Code obfuscation has been classified into various obfuscation technique such as layout, data, control, by obfuscating goals. In those obfuscation techniques, control obfuscation is intended to complicate the control flow in a program to protect abstract information of control flow. For protecting control flow in a program, various control obfuscation transformation techniques have been proposed. However, strategies for effectively applying a control flow obfuscation to program have not been proposed yet. In this paper, we proposed a obfuscation strategy that effectively applies a control flow obfuscation transformation to a program. We conducted experiment to show that the proposed obfuscation strategy is useful for applying a control flow transformation to a program.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.34 no.2B
• /
• pp.107-118
• /
• 2009

In this paper, we present design and implementation for identification and location tracking techniques for vehicle information terminals in high-speed mobile environment using IEEE 802.11 wireless LAN technology. RSU be installed at a specific point. RSU recognizes it and then aware identification and location tracking for target vehicle when target vehicle that is equipped with information terminals pass near point. Issue of quick recognition using IEEE 802.11 access management frame, issue of weak wireless LAN security and tracking a range of restrictions be raised and we present solutions. Vehicle information terminal, RSU and a server-side GUI-based management program be implemented based on proposed solution. Implementation system be performed experiment at actual road environment and effectiveness be verified.

• KIPS Transactions on Computer and Communication Systems
• /
• v.6 no.3
• /
• pp.159-168
• /
• 2017

Smartphone malware has increased because Smartphone users has increased and smartphones are widely used in everyday life. Since 2012, Android has been the most mobile operating system. Owing to the open nature of Android, countless malware are in Android markets that seriously threaten Android security. Most of Android malware detection program does not detect malware to which bypass techniques apply and also does not detect unknown malware. In this paper, we propose lightweight method for detection of Android malware using static analysis and deep learning techniques. For experiments we crawl 7,000 apps from the Google Play Store and collect 6,120 malwares. The result show that proposed method can achieve 98.05% detection accuracy. Also, proposed method can detect about unknown malware families with good performance. On smartphones, the method requires 10 seconds for an analysis on average.

• Journal of Digital Convergence
• /
• v.13 no.1
• /
• pp.263-268
• /
• 2015

Put your information in the object-based sensors and mobile networks has been developed that correlate with ubiquitous information technology as the development of IT technology. However, a security solution is to have the data stored in the server, what minimal conditions. In this paper, we propose a data management method is applied to a hash chain of the properties of the multiple techniques to the data used by the big user and the data services to ensure safe handling large amounts of data being provided in the big data services. Improves the safety of the data tied to the hash chain for the classification to classify the attributes of the data attribute information according to the type of data used for the big data services, functions and characteristics of the proposed method. Also, the distributed processing of big data by utilizing the access control information of the hash chain to connect the data attribute information to a geographically dispersed data easily accessible techniques are proposed.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2011.10a
• /
• pp.241-244
• /
• 2011

Recently, Due to development of Internet techniques, user suddenly increased that Used of Web services and with out constraints of place and time has been provided. typically, Web services used ID/Password authentication. User confirmed personal data Stored on Web servers after user authorized. web service provider is to provide variety security techniques for the protection personal information. However, recently accident has happened is the malicious attackers may capture user information such as users entered personal information through new keyboard hooking. In this paper, we propose a keyboard hooking protected password input method using CAPTCHA. The proposed password input method is based on entering the password using mouse click or touch pad on the CAPTCHA image. The mapping of CAPTCHA image pixels is random.