• Journal of Digital Convergence
• /
• v.14 no.7
• /
• pp.373-383
• /
• 2016

With mobile-epoch and emerging of Fin-tech, Bio-recognition technology utilizing bio-information in secure method has spread. Specially, In order to change convenient payment services and transportation cards, the combination of biometrics and mobile services are being expanded. The basic concept of authentication such as access control, IA&A, OpenID, OAuth 1.0a, SSO, and Biometrics techniques are investigated, and the protocol stack for security API platform, FIDO, SCIM, OAuth 2.0, JSON Identity Suite, Keystone of OpenStack, Cloud-based SSO, and AIM Agent are described detailed in aspect of application of AIM. The authentication technology in domestic and foreign will accelerate technology development and research of standardization centered in the federated FIDO Universal Authentication Framework(UAF) and Universal 2 Factor Framework(U2F). To accommodate the changing needs of the social computing paradigm recently in this paper, the trends of various authentication technology, and design and function of AIM framework was defined.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.16 no.11
• /
• pp.7541-7548
• /
• 2015

Wireless Sensor Networks is the technology which is used in explore role for military purposes, as well as various fields such as industrial equipment management, process management, and leverage available technologies by distributing node into various areas. but there are some limitations about energy, processing power, and memory storage capacity in wireless sensor networks environment, because of tiny hardware, so various routing protocols are proposed to overcome it. however existing routing protocols are very vulnerable in the intercommunication, because they focus on energy efficiency, and they can't use existing encryption for it, Because of sensor's limitations such like processing power and memory. Therefore, this paper propose mutual authentication scheme that prevent various security threats by using mutual authentication techniques and, Key generation and updating system as taking into account energy efficiency.

• KIPS Transactions on Computer and Communication Systems
• /
• v.4 no.10
• /
• pp.349-360
• /
• 2015

In recent year, phishing attacks are flooding with services based on the web technology. Phishing is affecting online security significantly day by day with the vulnerability of web pages. To prevent phishing attacks, a lot of anti-phishing techniques has been made with their own advantages and dis-advantages respectively, but the phishing attack has not been eradicated completely yet. In this paper, we have studied phishing in detail and categorize a process of phishing attack in two parts - Landing-phase, Attack-phase. In addition, we propose an phishing detection methodology based on web sites heuristic. To extract web sites features, we focus on URL and source codes of web sites. To evaluate performance of the suggested method, set up an experiment and analyze its results. Our methodology indicates the detection accuracy of 98.9% with random forest algorithm. The evaluation of proof-of-concept reveals that web site features can be used for phishing detection.

• Journal of the Society of Disaster Information
• /
• v.8 no.4
• /
• pp.384-390
• /
• 2012

This study attempts to test the effects of neighborhoods on children and adolescents' alcohol, cigarette and marijuana use. Theoretically, this study was guided by Akers' (1998) SSSL model as potential explanations for understanding the linkage and provided partial test of the model. More specifically, it aims to test the mediation effects of one of core propositions of the SSSL model; whether differential association with deviant peers as well as with conforming peers mediates social disorganization of neighborhoods on adolescent substance and drug use in a different direction. Using multilevel regression techniques with robust standard error, this study utilized data from 1,791 children and adolescents who were nested in 80 neighborhoods in Chicago. The findings of the study provide mixed supports for the SSSL model. That is, it found that there are not only mediation effects but also moderation effects of differential association on children and adolescents' substance and drug use.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.3 no.4
• /
• pp.28-34
• /
• 2010

In this paper, we proposes a emergency medical information system for predicting emergency situation by using the body's vital signs. Main research of existing emergency system has focused on body sensor networks. The problem of these studies have a delay of the emergency first aid since occurring of an emergency situation send a message of emergency situation to user. In the serious situation, patients of these problem can lead to death. To solve this problem, it need to the prediction of emergency situation for doing quickly the First Aid with identify signs of a pre-emergency situations until an emergency occurs. In this paper, the sensor network technology, the security technology, the internet information retrieval techniques, data mining technology, and medical information are studied for the convergence of medical information systems of the prediction of emergency situations.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.11 no.5
• /
• pp.593-600
• /
• 2018

Owing to the advancement of Internet and smart devices, access to various media such as social media became easy; thus, a large amount of big data is being produced. Particularly, the companies that provide various Internet services are analyzing the big data by using the MapReduce-based big data analysis techniques to investigate the customer preferences and patterns and strengthen the security. However, with MapReduce, when the big data is analyzed by defining the number of reducer objects generated in the reduce stage as one, the processing rate of big data analysis decreases. Therefore, in this paper, a MapReduce-based split big data analysis method is proposed to improve the log analysis processing rate. The proposed method separates the reducer partitioning stage and the analysis result combining stage and improves the big data processing rate by decreasing the bottleneck phenomenon by generating the number of reducer objects dynamically.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.20 no.11
• /
• pp.2067-2072
• /
• 2016

Recently, due to the development of attack techniques that can circumvent existing information protection systems, continuous threats in a form unrecognized by the user have threatened information assets. Therefore, it is necessary to support the prompt responses to anticipated attempts of APT attacks, bypass access attacks, and encryption packet attacks, which the existing systems have difficulty defending against through a single response, and to continuously monitor information protection systems with a defense strategy based on Indicators of Attack (IOA). In this paper, I suggest a centralized intelligent information protection system to support the intelligent response to a violation by discerning important assets through prevention control in a performance impact assessment about information properties in order to block the attack routes of APT; establishing information control policies through weakness/risk analyses in order to remove the risks in advance; establishing detection control by restricting interior/exterior bypass networks to server access and monitoring encrypted communications; and lastly, performing related corrective control through backup/restoration.

• Journal of KIISE
• /
• v.42 no.5
• /
• pp.652-663
• /
• 2015

Due to the popularity of location-based services, the amount of generated spatial data in daily life has been dramatically increasing. Therefore, spatial database outsourcing has become popular for data owners to reduce the spatial database management cost. The most important consideration in database outsourcing is meeting the privacy requirements and guarantying the integrity of the query result. However, most of existing database transformation techniques do not support both of the data privacy and integrity of the query result. To solve this problem, we propose a spatial data transformation scheme that utilizes the shearing transformation with rotation shifting. In addition, we described the attack models to measure the data privacy of database transformation schemes. Finally, we demonstrated through the experimental evaluations that our scheme provides high level of data protection against different kinds of attack models, compared to the existing schemes, while guaranteeing the integrity of the query result sets.

• The KIPS Transactions:PartD
• /
• v.15D no.5
• /
• pp.669-680
• /
• 2008

There are various studies about AOP(Aspect-Oriented Programming) which modularizes cross-cutting concerns like logging and security effectively. But, we need to utilize techniques which specify the information of aspects modularizing cross-cutting concerns and detailed join information between aspects and targets. We propose a specification technique for aspects which focuses on clarifying the join information between aspects and targets. The technique includes the activities of specifying aspects, defining priority, specifying join information, and specifying pointcuts. We describe the join matrix which represents relationships of aspects and targets and the pointcut specification which is made by analyzing the commonality of join points. The proposed specification technique supports detailed information of the aspects and the join information between aspects and targets so that we can use detailed information to implement aspects.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.11 no.7
• /
• pp.1367-1372
• /
• 2007

This paper suggests One-time Password key exchange authentication technique for a strong authentication based on MANET and through identify wireless environment security vulnerabilities, analyzes current authentication techniques. The suggested authentication technique consists of 3 steps: Routing, Registration, and Running. The Routing step sets a safe route using AODV protocol. The Registration and Running step apply the One-time password S/key and the DH-EKE based on the password, for source node authentication. In setting the Session key for safe packet transmission and data encryption, the suggested authentication technique encrypts message as H(pwd) verifiers, performs key exchange and utilizes One time password for the password possession verification and the efficiency enhancement. EKE sets end to end session key using the DH-EKE in which it expounds the identifier to hash function with the modula exponent. A safe session key exchange is possible through encryption of the H(pwd) verifier. The suggested authentication technique requires exponentiation and is applicable in the wireless network environment because it transmits data at a time for key sharing, which proves it is a strong and reliable authentication technique based on the complete MANET.