• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.26 no.9
• /
• pp.1374-1381
• /
• 2022

Existing research on security technology related to network attack response has focused on research using hardware network security technology, network attacks that wiretap and wiretap network packets, denial of service attack that consumes server resources to bring down the system, and network by identifying vulnerabilities before attack. It is classified as a scanning attack. In addition, methods for increasing network security, antivirus vaccines and antivirus systems have been mainly proposed and designed. In particular, many users do not fully utilize the security function of the router. In order to overcome this problem, it is classified according to the network security level to block external attacks through layered security management through layer-by-layer experiments. The scope of the study was presented by examining the security technology trends of edge routers, and suggested methods and implementation examples to protect from threats related to edge router-based network attacks.

• Journal of Internet of Things and Convergence
• /
• v.10 no.4
• /
• pp.65-70
• /
• 2024

In the Internet of Things environment, new security requirements are changing rapidly. In this rapid change, if a breach occurs due to a security threat, great damage will occur. The SASE (Secure Access Service Edge) environment is highly vulnerable to security threats, and if a breach occurs, serious damage will occur. In order to strengthen the security of the SASE environment, a specialized curriculum that covers the unique characteristics and problem solving of SASE is required. In this paper, we propose a curriculum model for responding to security incidents in the SASE environment. The proposed curriculum model is designed to cover various aspects of SASE security, including threat types, breach scenarios, and response procedures. The goal of this model is to increase security awareness and prepare professionals to effectively handle security incidents within a SASE framework.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2022.05a
• /
• pp.639-641
• /
• 2022

With the increasing of aging population, a lot of researches on monitoring systems for solitary senior citizens are under study. In general, a monitoring system provides a monitoring service by computing the information of vision, sensors, and measurement values on a server. Design considering data security is essential because a risk of data leakage exists in the structure of the system employing the server. In this paper, we propose a intelligent monitoring system for solitary senior citizens with vision-based security architecture. The proposed system protects privacy by ensuring high security through an architecture that blocks communication between a camera module and a server by employing an edge AI module. The edge AI module was designed with Verilog HDL and verified by implementing on a Field Programmable Gate Array (FPGA). We tested our proposed system on 5,144 frame data and demonstrated that a dangerous detection signal is generated correctly when human motion is not detected for a certain period.

• Review of KIISC
• /
• v.12 no.5
• /
• pp.70-75
• /
• 2002

GSM(Global System for Mobile Communications)은 현재 가장 광범위하게 사용되고 있는 디지털 이동 통신의 표준이다. 또한 GSM 표준에서 데이터 전송의 최종 evolution 버전인 EDGE(Enhanced Data for GSM Evolution)와 GSM Phase2＋ 개발의 일부분인 GSM 망에서 packet switching을 구현하는 기술인 GPRS(General Packet Radio Service)가 현재 유럽의 정보통신 표준화 기구인 ETSI(European Telecommunications Standards Institute)에 의해 표준화가 진행 중에 있다. GSM 시스템은 사용자 데이터의 기밀성을 보장하기 위한 암호화 알고리즘 A5를 사용하고 있지만 그 취약성이 계속 보고되고 있다. $^{[10,11]}$ 따라서 GSM의 강화된 암호화 알고리즘과 EDGE와 GPRS에서 사용자 데이터를 보호하기 위한 새로운 암호화 알고리즘의 개발이 요구되어왔다. 최근 ETSI의 SAGE(Security Algorithms Group of Experts)는 이러한 목적을 달성할 수 있는 새로운 표준 암호화 알고리즘 A5/3과 GEA3을 개발하였다. $^{[3,4,5,6]}$본 고에서는 GSM, EDGE, GPRS에서의 새로운 표준 암호화 알고리즘 A5/3과 GEA3을 분석하여 정리하고자 한다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.12
• /
• pp.5654-5668
• /
• 2018

Driven by security and real-time demands of Internet of Things (IoT), the timing of fog computing and edge computing have gradually come into place. Gateways bear more nearby computing, storage, analysis and as an intelligent broker of the whole computing lifecycle in between local devices and the remote cloud. In fog computing, the edge broker requires X-aware capabilities that combines software programmability, stream processing, hardware optimization and various connectivity to deal with such as security, data abstraction, network latency, service classification and workload allocation strategy. The prosperous of Field Programmable Gate Array (FPGA) pushes the possibility of gateway capabilities further landed. In this paper, we propose a software-defined gateway (SDG) scheme for fog computing paradigm termed as Fog Computing Zero-Knowledge Gateway that strengthens data protection and resilience merits designed for industrial internet of things or highly privacy concerned hybrid cloud scenarios. It is a proxy for fog nodes and able to integrate with existing commodity gateways. The contribution is that it converts Privacy-Enhancing Technologies rules into provable statements without knowing original sensitive data and guarantees privacy rules applied to the sensitive data before being propagated while preventing potential leakage threats. Some logical functions can be offloaded to any programmable micro-controller embedded to achieve higher computing efficiency.

• Smart Media Journal
• /
• v.12 no.7
• /
• pp.27-42
• /
• 2023

The development of cloud services and IoT technology has radically changed the cloud environment, and has evolved into a new concept called fog computing and F2C (fog-to-cloud). However, as heterogeneous cloud/fog layers are integrated, problems of access control and security management for end users and edge devices may occur. In this paper, an F2C-based IoT smart health monitoring system architecture was designed to operate a medical information service that can quickly respond to medical emergencies. In addition, a role-based service access control technology was proposed to enhance the security of user's personal health information and sensor information during service interoperability. Through simulation, it was shown that role-based access control is achieved by sharing role registration and user role token issuance information through blockchain. End users can receive services from the device with the fastest response time, and by performing service access control according to roles, direct access to data can be minimized and security for personal information can be enhanced.

• Advances in nano research
• /
• v.15 no.6
• /
• pp.513-520
• /
• 2023

The exponential proliferation of cutting-edge computing technologies has spurred organizations to outsource their data and computational needs. In the realm of cloud-based computing environments, ensuring robust security, encompassing principles such as confidentiality, availability, and integrity, stands as an overarching imperative. Elevating security measures beyond conventional strategies hinges on a profound comprehension of malware's multifaceted behavioral landscape. This paper presents an innovative paradigm aimed at empowering cloud service providers to adeptly model user behaviors. Our approach harnesses the power of a Particle Swarm Optimization-based Probabilistic Neural Network (PSO-PNN) for detection and recognition processes. Within the initial recognition module, user behaviors are translated into a comprehensible format, and the identification of malicious nano-structures behaviors is orchestrated through a multi-layer neural network. Leveraging the UNSW-NB15 dataset, we meticulously validate our approach, effectively characterizing diverse manifestations of malicious nano-structures behaviors exhibited by users. The experimental results unequivocally underscore the promise of our method in fortifying security monitoring and the discernment of malicious nano-structures behaviors.

• Journal of Information Processing Systems
• /
• v.20 no.3
• /
• pp.375-390
• /
• 2024

Edge computing architecture has effectively alleviated the computing pressure on cloud platforms, reduced network bandwidth consumption, and improved the quality of service for user experience; however, it has also introduced new security issues. Existing anomaly detection methods in big data scenarios with cloud-edge computing collaboration face several challenges, such as sample imbalance, difficulty in dealing with complex network traffic attacks, and difficulty in effectively training large-scale data or overly complex deep-learning network models. A lightweight deep-learning model was proposed to address these challenges. First, normalization on the user side was used to preprocess the traffic data. On the edge side, a trained Wasserstein generative adversarial network (WGAN) was used to supplement the data samples, which effectively alleviates the imbalance issue of a few types of samples while occupying a small amount of edge-computing resources. Finally, a trained lightweight deep learning network model is deployed on the edge side, and the preprocessed and expanded local data are used to fine-tune the trained model. This ensures that the data of each edge node are more consistent with the local characteristics, effectively improving the system's detection ability. In the designed lightweight deep learning network model, two sets of convolutional pooling layers of convolutional neural networks (CNN) were used to extract spatial features. The bidirectional long short-term memory network (BiLSTM) was used to collect time sequence features, and the weight of traffic features was adjusted through the attention mechanism, improving the model's ability to identify abnormal traffic features. The proposed model was experimentally demonstrated using the NSL-KDD, UNSW-NB15, and CIC-ISD2018 datasets. The accuracies of the proposed model on the three datasets were as high as 0.974, 0.925, and 0.953, respectively, showing superior accuracy to other comparative models. The proposed lightweight deep learning network model has good application prospects for anomaly traffic detection in cloud-edge collaborative computing architectures.

• International Journal of Internet, Broadcasting and Communication
• /
• v.9 no.4
• /
• pp.59-66
• /
• 2017

Cloud computing has evolved into a core computing infrastructure for the internet that encompasses content, as well as communications, applications and commerce. By providing powerful computing and communications capabilities in the palm of the hand everywhere with a variety of smart devices, mobile applications such as virtual reality, sensing and navigation have emerged and radically changed the patterns people live. The data that is generated is getting bigger. Cloud computing, on the other hand, has problems with system load and speed due to the collection, processing and control of remote data. To solve this problem, fog computing has been proposed in which data is collected and processed at an edge. In this paper, we propose a system that dynamically selects a fog server that acts as a cloud in the edge. It serves as a mediator in the cloud, and provides information on the services and systems belonging to the cloud to the mobile device so that the mobile device can act as a fog. When the role of the fog system is complete, we provide it to the cloud to virtualize the fog. The heterogeneous problem of data of mobile nodes can be solved by using mDBaaS (Mobile DataBase as a Service) and we propose a system design method for this.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.21 no.9
• /
• pp.1703-1710
• /
• 2017

This paper propose a 3D point clouds (depth) security technique for digital holographic display service. Image contents encryption is a method to provide only authorized right owners with the original image information by encrypting the entire image or a part of the image. The proposed method detected an edge from a depth and performed quad tree decomposition, and then performed encryption. And encrypts the most significant block among the divided blocks. The encryption effect was evaluated numerically and visually. The experimental results showed that encrypting only 0.43% of the entire data was enough to hide the constants of the original depth. By analyzing the encryption amount and the visual characteristics, we verified a relationship between the threshold for detecting an edge-map. As the threshold for detecting an edge increased, the encryption ratio decreased with respect to the encryption amount.