• Journal of the Korea Computer Industry Society
• /
• v.7 no.3
• /
• pp.199-204
• /
• 2006

M-commerce protocols have usually been developed using informal design and verification techniques. However, many security protocols thought to be secure was found to be vulnerable later. With the rise of smart card's usage, mobile e-commerce services with CEPS which is one of e-commerce transaction standards has been increased. In this paper, we describe a methodology to analyze the security of e-commece protocols and identify the security vulnerability of the CEPS based good purchase and e-money load protocols using formal verification technique. Finally, we discuss a countermeasure against the vulnerability in the purchase transaction protocol.

• Annual Conference of KIPS
• /
• 2012.11a
• /
• pp.1100-1103
• /
• 2012

모바일 디바이스의 사용이 활발해지면서 사용자들은 PC에서 사용하는 서비스를 모바일 디바이스로 사용하려고 한다. 모바일 디바이스는 PC에 비해 자원이 한정적이며, 이러한 문제를 클라우드 서비스를 통해 해결하고 있다. 특히 모바일 디바이스의 제한된 저장 공간을 클라우드 스토리지를 이용함으로서 저장공간에 대한 제한성을 해결한다. 하지만 중앙 집중형태로 저장되는 클라우드 스토리지의 보안문제는 아직도 현재 진행형이며, 네트워크상에 다양한 공격 위협으로부터 노출되어 있다. 본 연구에서 모바일 디바이스에서 클라우드 스토리지로 데이터를 저장 할 때 보안을 향상시킬 방법을 제안하고 일반 전송서버와 시간을 비교하였으며 실험을 통해 안정된 성능을 입증하였다.

• Journal of Information Processing Systems
• /
• v.17 no.3
• /
• pp.658-673
• /
• 2021

Data deduplication technology improves data storage efficiency while storing and managing large amounts of data. It reduces storage requirements by determining whether replicated data is being added to storage and omitting these uploads. Data deduplication technologies require data confidentiality and integrity when applied to cloud storage environments, and they require a variety of security measures, such as encryption. However, because the source data cannot be transformed, common encryption techniques generally cannot be applied at the same time as data deduplication. Various studies have been conducted to solve this problem. This white paper describes the basic environment for data deduplication technology. It also analyzes and compares multiple proposed technologies to address security threats.

• International Journal of Computer Science & Network Security
• /
• v.22 no.1
• /
• pp.234-240
• /
• 2022

One of the most discussed topics is cyber security when it comes to web application and how to protect it and protect databases. One of the most widely used and widespread techniques is SQLI, and it is used by hackers and hackers. In this research, we touched on the concept of SQLI and what are its different types, and then we detected a SQLI vulnerability in a website using SQLMAP. Finally, we mentioned different ways to avoid and protect against SQLI.

• International Journal of Computer Science & Network Security
• /
• v.22 no.6
• /
• pp.115-126
• /
• 2022

The goal of this research is to look into different techniques to solve the problem of authorship verification for Arabic short writings. Despite the widespread usage of Twitter among Arabs, short text research has so far focused on authorship verification in languages other than Arabic, such as English, Spanish, and Greek. To the best of the researcher's knowledge, no study has looked into the task of verifying Arabic-language Twitter texts. The impact of Stylometric and TF-IDF features of very brief texts (Arabic Twitter postings) on user verification was explored in this study. In addition, an analytical analysis was done to see how meta-data from Twitter tweets, such as time and source, can help to verify users perform better. This research is significant on the subject of cyber security in Arabic countries.

• International Journal of Computer Science & Network Security
• /
• v.21 no.11
• /
• pp.321-327
• /
• 2021

Mobile devices have recently developed to be an integral part of humans' daily lives because they meet business and personal needs. It is challenging to design a feasible and effective user authentication method for mobile devices because security issues and data privacy threats have significantly increased. Biometric approaches are more effective than traditional authentication methods. Therefore, this paper aims to analyze the existing biometric user authentication methods on mobile platforms, particularly those that use face recognition, to demonstrate the methods' feasibility and challenges. Next, this paper evaluates the methods according to seven characteristics: universality, uniqueness, permanence, collectability, performance, acceptability, and circumvention. Last, this paper suggests that solely using the method of biometric authentication is not enough to identify whether users are authentic based on biometric traits.

• International Journal of Computer Science & Network Security
• /
• v.23 no.8
• /
• pp.33-39
• /
• 2023

The global surge in depression and anxiety, intensified by challenges such as cost and stigma, emphasizes the pressing need for accessible, evidence-based digital solutions. The research centers on the creation of a mobile application specifically designed to address mental health challenges. By integrating cognitive behavioral therapy techniques and features like appointment bookings and mindfulness feedback tools, the app is positioned to improve user outcomes. Utilizing platforms like React Native and React, combined with NestJS for enhanced backend security, the application adheres to the rigorous standards required for mental health interventions. Collaborative efforts with experts, notably the counseling unit of IIUM, ensure the app's alignment with contemporary best practices and research. Preliminary findings indicate a promising tool with the potential to address the global mental health treatment disparity.

• International Journal of Computer Science & Network Security
• /
• v.23 no.3
• /
• pp.187-192
• /
• 2023

With development of information technology and necessity for high security, using different identification methods has become very important. Each biometric feature has its own advantages and disadvantages and choosing each of them depends on our usage. Retinal scanning is a bio scale method for identification. The retina is composed of vessels and optical disk. The vessels distribution pattern is one the remarkable retinal identification methods. In this paper, a new approach is presented for identification via retinal images using LBP and hog methods. In the proposed method, it will be tried to separate the retinal vessels accurately via machine vision techniques which will have good sustainability in rotation and size change. HOG-based or LBP-based methods or their combination can be used for separation and also HSV color space can be used too. Having extracted the features, the similarity criteria can be used for identification. The implementation of proposed method and its comparison with one of the newly-presented methods in this area shows better performance of the proposed method.

• International Journal of Computer Science & Network Security
• /
• v.23 no.7
• /
• pp.23-31
• /
• 2023

This article discusses the sabotage of loops of intruder alarm systems. Although loop alarm systems are now gradually being replaced by digital alarm systems, they are still significantly present in practice. This paper describes two experimentally verified techniques for sabotaging balanced loops. The first technique is based on the jump replacement of the balancing resistor by a fake resistor. The second technique is based on inserting a series-parallel combination of two rheostats into the loop. By alternately changing the resistance of these rheostats, a state is reached where the balancing resistor is shorted by the parallel rheostat and replaced by the series rheostat. Sabotage devices for both attacks are technically simple and inexpensive, so they can be made and used by an amateur. Owners of loop alarm systems should become find out about this threat.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2023.07a
• /
• pp.221-223
• /
• 2023

오늘날 전 세계적으로 연결되어 있는 인터넷을 통해 사용자들은 아무런 제약 없이 의사소통 및 거래 등 다양한 활동을 할 수 있게 되었다. 그러나 이러한 인터넷상의 자유를 범죄의 수단으로 한 인터넷상의 사이버 범죄가 급속하게 증가하고 있다. 특히 인터넷 중 하나로 분류되는 다크웹에서는 심각한 중대 범죄들이 많이 발생하고 있는데, 다크웹은 일반 네트워크와 달리 암호화 기술을 사용하는 특정 네트워크를 통해서만 접속이 가능하기 때문에 사용자에게 익명성과 비밀성을 제공할 수 웹 사이트이다. 이러한 다크웹의 특성으로 인해 마약 거래, 아동 포르노 유포, 개인정보 유출 등 다양한 사이버 범죄가 발생하고 있다. 본 논문에서는 이러한 다크웹 상에서 발생하는 주요 범죄 사례를 알아보고 이에 대한 포렌식 수사 기법의 동향을 살펴보고자 한다.