• Korean Security Journal
• /
• no.8
• /
• pp.361-377
• /
• 2004

This study is to examine the relations between the big five critical crime that consist of homicide, robbery, rape, theft, violence and the private security services. To achieve this objective, this research selected the subject of study, specially, 2002 status of the private security such as the number of companies and employees classified by areas along with the big five crime mentioned above classified by area. The research data is secondary data that is from '2003 Crime Analysis' of the Supreme Public Prosecutors' Office and 'The private Security Related Data' of the National Police Agency. The selected data were analyzed according to the variables by using SPSS 10.0 statistics software program. Each hypothesis was verified around the level of significance ${\alpha}$=.05 by using the statistical techniques, such as Descriptive Statistics, Correlation, Regression, etc. The following was the result of the study, First, the total number of the big five crime affects the number of the companies at significant level. Second, the number of the security companies can be explained by the each total number of the big five crime in the order of theft, robbery, violence, rape and murder. Third, the total number of the big five crime affects the number of the security employees at significant level. Forth the number of the security employees can be explained by the each total number of the big five crime in the order of theft, robbery, violence, rape and murder.

• Korean Security Journal
• /
• no.13
• /
• pp.487-505
• /
• 2007

This study is to examine relations between the number of occurrence of big five critical crimes that consist of homicide, robbery, rape, theft, violence and the number of the security companies and the security guards, and between the number of the security companies, the security guards and the number of arrests from the big five critical crimes. To achieve this objective, this research selects a subject of study, the number of the security companies and security guards, and the number of occurrences of the big five critical crimes and arrests of the big five crimes from 1990 to 2005. The selected data are then analyzed according to the variables using SPSS 12.0. Each hypothesis is verified with the level of significance ${\alpha}$=.05 using the statistical techniques such as Correlation Analysis, Regression Analysis, etc. The following is the result of the study: First, the number of occurrences of the big five critical crimes affects the number of the security companies at a significant level. Second, the number of the security companies affects the number of arrests of the big five crime at a significant level.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.3
• /
• pp.9-21
• /
• 2010

Recently, famous online shopping websites were hit by hacking attack, and many users' personal information such as ID, password, account number, personal number, credit card number etc. were compromised. Hackers are continuing to attack online shopping websites, and the number of victims of these hacking is increasing. Especially, the exposure of credit card numbers is dangerous, because hackers maliciously use disclosed card numbers to gain money. In 2007 Financial Cryptography Conference, Ian Molly et al. firstly proposed dynamic card number generator, but it doesn't meet reuse resistant. In this paper, we analyzed security weaknesses of Ian Molly's scheme, and we proposed a new one-time virtual card number generator using a mobile device which meets security requirements of one-time virtual card numbers. Then, we propose one-time credit card number generation and transaction protocol using Integrated Authentication Center for user convenience and security enhancement.

• Journal of Information Processing Systems
• /
• v.14 no.3
• /
• pp.740-750
• /
• 2018

There are a great number of Internet-connected devices and their information can be acquired through an Internet-wide scanning tool. By associating device information with publicly known security vulnerabilities, security experts are able to determine whether a particular device is vulnerable. Currently, the identification of the device information and its related vulnerabilities is manually carried out. It is necessary to automate the process to identify a huge number of Internet-connected devices in order to analyze more than one hundred thousand security vulnerabilities. In this paper, we propose a method of automatically generating device information in the Common Platform Enumeration (CPE) format from banner text to discover potentially weak devices having the Common Vulnerabilities Exposures (CVE) vulnerability. We demonstrated that our proposed method can distinguish as much adequate CPE information as possible in the service banner.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.2
• /
• pp.145-185
• /
• 2007

A resident registration number is used to confirm and prove his/her identity in a government/non-governmental agency. It is a essential requirement to become the registered member on internet website in Korea. It is serious problem that the resident registration number and name are outflowed in internet and misused by others. So the MIC(Ministry of Information and Communication) in Korea plans and operates the identification system using I-PIN that integrate 5 alternative methods of resident registration number. In this paper, we analyze the problem about the method of 5 I-PIN services and show the security analysis on the implementation vulnerabilities of I-PIN services. we also analyze 17 websites that provides identification system using I-PIN. Finally, we analyze the overall problem of I-PIN service and propose the countermeasure about the problem.

• Journal of the Korea Society of Computer and Information
• /
• v.26 no.12
• /
• pp.283-288
• /
• 2021

The purpose of this paper is to provide basic data for related studies by comparing and analyzing crimes committed by security guards through criminal statistical analysis, and to contribute to the sound development of the private security industry by strengthening the professional ethics of security guards and reducing guard crimes. The purpose. As a results of a comparative analysis of the number of crimes by security guards and the crime rate are as follows. Although the total number of crimes committed in Korea and the number of crimes committed by security guards decreased every year, the crime rate of security guards was higher than the average crime rate. felonious crimes, violent crimes, customs crimes, and special economic crimes were consistently high. As a countermeasure against the results, first, interest in security guard crimes as perpetrators rather than as victims, second, reinforcement of professional ethics education through new training and job training, third, academic development and systematic It appeared as a specification of the definition and current status of security guards for the study.

• The Transactions of The Korean Institute of Electrical Engineers
• /
• v.65 no.12
• /
• pp.2240-2250
• /
• 2016

MIFARE Classic is the most popular contactless smart card, which is primarily used in the management of access control and public transport payment systems. It has several security features such as the proprietary stream cipher Crypto 1, a challenge-response mutual authentication protocol, and a random number generator. Unfortunately, multiple studies have reported structural flaws in its security features. Furthermore, various attack methods that target genuine MIFARE Classic cards or readers have been proposed to crack the card. From a practical perspective, these attacks can be partitioned according to the attacker's ability. However, this measure is insufficient to determine the optimal attack flow due to the refined random number generator. Most card-only attack methods assume a predicted or fixed random number, whereas several commercial cards use unpredictable and unfixable random numbers. In this paper, we propose optimal MIFARE Classic attack procedures with regards to the type of random number generator, as well as an adversary's ability. In addition, we show actual attack results from our portable experimental setup, which is comprised of a commercially developed attack device, a smartphone, and our own application retrieving secret data and sector key.

• ETRI Journal
• /
• v.42 no.6
• /
• pp.951-964
• /
• 2020

This paper presents a lightweight true random number generator (TRNG) using beta radiation that is useful for Internet of Things (IoT) security. In general, a random number generator (RNG) is required for all secure communication devices because random numbers are needed to generate encryption keys. Most RNGs are computer algorithms and use physical noise as their seed. However, it is difficult to obtain physical noise in small IoT devices. Since IoT security functions are required in almost all countries, IoT devices must be equipped with security algorithms that can pass the cryptographic module validation programs of each country. In this regard, it is very cumbersome to embed security algorithms, random number generation algorithms, and even physical noise sources in small IoT devices. Therefore, this paper introduces a lightweight TRNG comprising a thin-film beta-radiation source and integrated circuits (ICs). Although the ICs are currently being designed, the IC design was functionally verified at the board level. Our random numbers are output from a verification board and tested according to National Institute of Standards and Technology standards.

• International Journal of Computer Science & Network Security
• /
• v.24 no.4
• /
• pp.77-86
• /
• 2024

Using random numbers to represent uncertainty and unpredictability is essential in many industries. This is crucial in disciplines like computer science, cryptography, and statistics where the use of randomness helps to guarantee the security and dependability of systems and procedures. In computer science, random number generation is used to generate passwords, keys, and other security tokens as well as to add randomness to algorithms and simulations. According to recent research, the hardware random number generators used in billions of Internet of Things devices do not produce enough entropy. This article describes how raw data gathered by IoT system sensors can be used to generate random numbers for cryptography systems and also examines the results of these random numbers. The results obtained have been validated by successfully passing the FIPS 140-1 and NIST 800-22 test suites.

• Journal of information and communication convergence engineering
• /
• v.9 no.6
• /
• pp.701-705
• /
• 2011

RFID is a widely adopted in the field of identification technology these days. Radio Frequency IDentification (RFID) has wide applications in many areas including manufacturing, healthcare, and transportation. Because limited resource RFID tags are used, various risks could threaten their abilities to provide essential services to users. A number of RFID protocols have done by researcher in order to protect against some malicious attacks and threat. Existing RFID protocols are able to resolve a number of security and privacy issues, but still unable to overcome other security & privacy related issues. In this paper, we analyses security schemes and vulnerability in RFID application. Considering this RFID security issues, we survey the security threats and open problems related to issues by means of information security and privacy. Neither a symmetric nor an asymmetric cryptographic deployment is necessarily used with light weighted algorithm in the future.