• Nuclear Engineering and Technology
• /
• v.50 no.6
• /
• pp.820-828
• /
• 2018

The growing nuclear threat has amplified the need for developing diverse and accurate nuclear forensics analysis techniques to strengthen nuclear security measures. The work presented here is part of a research effort focused on developing a methodology for reactor-type discrimination of weapons-grade plutonium. To verify the developed methodology, natural $UO_2$ fuel samples were irradiated in a thermal neutron spectrum at the University of Missouri Research Reactor (MURR) and produced approximately $20{\mu}g$ of weapons-grade plutonium test material. Radiation transport simulations of common thermal reactor types that can produce weapons-grade plutonium were performed, and the results are presented here. These simulations were needed to verify whether the plutonium produced in the natural $UO_2$ fuel samples during the experimental irradiation at MURR was a suitable representative to plutonium produced in common thermal reactor types. Also presented are comparisons of fission product and plutonium concentrations obtained from computational simulations of the experimental irradiation at MURR to the nondestructive and destructive measurements of the irradiated natural $UO_2$ fuel samples. Gamma spectroscopy measurements of radioactive fission products were mostly within 10%, mass spectroscopy measurements of the total plutonium mass were within 4%, and mass spectroscopy measurements of stable fission products were mostly within 5%.

• Information Systems Review
• /
• v.17 no.3
• /
• pp.65-76
• /
• 2015

This paper examines the influence of neutralization techniques and voluntary actions on intention to comply information security policy. Data were collected through an online survey and hypothesis results were all hypotheses were supported. The results of this study improve understanding on the voluntary nature of employee behavior for participating in the organization's policies and the rationalization of the employees trying weakening the organization's policy intentions. The organization shoud implement specific education and training in order to suppress the rationalization of employees and develop a plan to have a kinship with the employees of the organization.

• Smart Media Journal
• /
• v.7 no.3
• /
• pp.64-71
• /
• 2018

Utilization of unmanned aerial vehicles (UAVs) are rapidly expanding to various fields ranging from defense, industry, entertainment and personal hobbies. Due to the increased activities of unmanned airplanes, many security problems have emerged, including flight path errors to undesired destinations, secondary threats due to exposed securities caused by the capture of unmanned airplanes in hostile countries. In this paper, we find security vulnerabilities in UAVs such as GPS spoofing, hacking captured video information, malfunction due to signal attenuation through jamming, and exposure of personal information due to image shooting. In order to solve this problem, the stability of the unstructured data is secured by setting the encryption of the video shooting information section using the virtual private network (VPN) to prevent the GPS spoofing attack. In addition, data integrity was ensured by applying personal information encryption and masking techniques to minimize the secondary damage caused by exposure of the UAV and to secure safety. It is expected that it will contribute to the safe use and stimulation of industry in the application field of UAV currently growing.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.11 no.1
• /
• pp.206-215
• /
• 2007

Ad-Hoc network technology is a mobile internet technology of the future that will be used widely not only in Mobile Network but also in Wireless Personal Area Network (WPAN) and Ubiquitous Network For this to occur, distributed routing protocol design, loop prevention for link information reduction in overhead for control messages and route restoration algorithm must be improved or complemented. Security techniques that can guarantee safe com-munication between Ad-Hot nodes net also be provided. This study proposes and evaluates a new authentication mechanism for MANET. The mechanism segregates the roles of certification authority to keep with the dynamic mobility of nodes and handle rapid and random topological changes with minimal over-head. That is, this model is characterized by its high expandability that allows the network to perform authentication service without the influence of joining and leaving nodes. The efficiency and security of this concept was evaluated through simulation.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.6
• /
• pp.1127-1136
• /
• 2021

In the field of power analysis attacks, electrical noise and misalignment of the power consumption trace are the major factors that determine the success of the attack. Therefore, several studies have been conducted to overcome this problem, and one of them is a signal processing method based on wavelet transform. Up to now, discrete wavelet transform, which can compress the trace, has been mostly used for power side-channel power analysis because continuous wavelet transform techniques increase data size and analysis time, and there is no efficient scale selection method. In this paper, we propose an efficient scale selection method optimized for power analysis attacks. Furthermore, we show that the analysis performance can be greatly improved when using the proposed method. As a result of the CPA(Correlation Power Analysis) and DDLA(Differential Deep Learning Analysis) experiments, which are non-profiling attacks, we confirmed that the proposed method is effective for noise reduction and trace alignment.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.1
• /
• pp.205-214
• /
• 2019

Android uses app cache files to improve app execution performance. However, this optimization technique may raise security issues that need to be examined. In this paper, we present a practical design of "Android app cache manipulation attack" to intentionally modify the cache files of a target app, which can be misused for stealing personal information and performing malicious activities on target apps. Even though the Android framework uses a checksum-based integrity check to protect app cache files, we found that attackers can effectively bypass such checks via the modification of checksum of the target cache files. To demonstrate the feasibility of our attack design, we implemented an attack tool, and performed experiments with real-world Android apps. The experiment results show that 25 apps (86.2%) out of 29 are vulnerable to our attacks. To mitigate app cache manipulation attacks, we suggest two possible defense mechanisms: (1) checking the integrity of app cache files; and (2) applying anti-decompilation techniques.

• Journal of Convergence for Information Technology
• /
• v.9 no.1
• /
• pp.92-98
• /
• 2019

Due to the development of hologram display technology, various studies are being conducted to provide realistic contents for augmented reality. In the case of the HMD for hologram, since augmented reality objects must be rendered by a small processor, it is necessary to use a low-capacity content. To solve this problem, there is a need for a technique of rendering resources by providing resources through a network. In the case of the existing augmented reality system, there is no problem of contents modulation because the resources are loaded and rendered in the internal storage space. However, when providing resources through the network, security problems such as content tampering and malicious code insertion should be considered. Therefore, in this paper, we propose a network rendering technique applying security techniques to provide augmented reality contents in a holographic HMD device.

• Convergence Security Journal
• /
• v.19 no.1
• /
• pp.145-152
• /
• 2019

In the era of the 3rd Offset Strategy led by the 4th Industrial Revolution, the use of robots with AI and autonomous abilities is becoming more active in military field. The 3rd Offset Strategy is based on the technology of the 4th Industrial Revolution, and S. Korea is heavily dependent on US military technology and is directly and indirectly influenced by the military revolutionary strategy and the alliance relationship. There are many issues that need to be addressed beyond technical maturity for both strategies to be successfully applied in the military. However, there are few discussions about these limitations in many studies and media reports in comparison with the advantages of the techniques. This research describes robot ethics & technology unbalance, problems of autonomous functions, display fatigue induced by VR/AR/MR, cyber/network security to be solved for successful strategies, also the solutions are addressed.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.4
• /
• pp.153-166
• /
• 2008

According to the growth of the internet and the usage of software agents, the CAPTCHA that is a method for taking apart humans and computers has been widely deployed and used. As the results of many research activities, the CAPTCHA, which is spoken for a distorted image material including random text, has known to be easily breakable via artificial intelligence techniques. As one of alternatives for those text-based CAPTCHAs, methods using photos are concerned and various image-based CAPTCHAs are suggested. However, image-based CAPTCHAs still have some problems. In this paper, we discuss what are the problems in each image-based CAPTCHA and propose a new image-based CAPTCHA using image composition as the solution of those problems. Furthermore, for the secure operation of the CAPTCHA, we suggest a communication protocol that works without the virtual session and consider possible security and usability problems in the protocol.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.3
• /
• pp.135-144
• /
• 2003

An intrusion detection system shows different result over overall detection area according to its detection characteristics of inner detection algorithms or techniques. To expand detection areas, we requires an integrated detection which can be archived both by deploying a few detection systems which detect different detection areas and by combining their results. In addition to expand detection areas, we need to decrease the workload of security managers by false alarms and improve the correctness by minimizing false alerts which happen during the process of integration. In this paper, a method for aggregation detection use fuzzy inference to integrate a vague detection results which imply the characteristics of detection systems. Their analyzed detection characteristics are expressed as fuzzy membership functions and fuzzy rule bases which are applied through the process of fuzzy control. And, it integrate a vague decision results and minimize the number of false alerts by reflecting the characteristics of detection systems. Also it does minimize inference objects by applying thresholds decided through several experiments.