• The Transactions of the Korea Information Processing Society
• /
• v.7 no.3
• /
• pp.808-817
• /
• 2000

Component specification languages in consideration of reuse are essential factor in classification, verification and retrieval of components. A number of legacy specification languages have already been used, however, they are complex and include many necessary elements in the specification for implementation. In this paper, we present XML-based component specification and software architecture specification language to solve these problems of legacy specification languages. The presented specification languages consist of component specification, which is composed of signature specification, interface specification and message specification, and software architecture specification providing graphical notations and textural notations. Component specification supports component retrieval with behavioral match and black-box reuse of component. In addition to this, it improves the efficiency of retrieval and document management with XML-based component specification. Software architecture specification supports the structural reuse of architecture, which is white-box reuse, through mesage-based architecture specification.

• Proceedings of the KSRS Conference
• /
• 2003.11a
• /
• pp.519-521
• /
• 2003

Within the paper an approach for the automatic extraction and reconstruction of buildings in urban built-up areas base on fusion of high-resolution satellite image and LIDAR data is presented. The presented data fusion scheme is essentially motivated by the fact that image and range data are quite complementary. Raised urban objects are first segmented from the terrain surface in the LIDAR data by making use of the spectral signature derived from satellite image, afterwards building potential regions are initially detected in a hierarchical scheme. A novel 3D building reconstruction model is also presented based on the assumption that most buildings can be approximately decomposed into polyhedral patches. With the constraints of presented building model, 3D edges are used to generate the hypothesis and follow the verification processes and a subsequent logical processing of the primitive geometric patches leads to 3D reconstruction of buildings with good details of shape. The approach is applied on the test sites and shows a good performance, an evaluation is described as well in the paper.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.3
• /
• pp.1659-1673
• /
• 2019

Android platform provides In-app Billing service for purchasing valuable items inside mobile applications. However, it has become a major target for attackers to achieve valuable items without actual payment. Especially, application developers suffer from automated attacks targeting all the applications in the device, not a specific application. In this paper, we propose a novel scheme detecting automated attacks with probabilistic tests. The scheme tests the signature verification method in a non-deterministic way, and if the method was replaced by the automated attack, the scheme detects it with very high probability. Both the analysis and the experiment result show that the developers can prevent their applications from automated attacks securely and efficiently by using of the proposed scheme.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2009.04a
• /
• pp.1288-1291
• /
• 2009

네트워크 트래픽 모니터링과 분석은 엔터프라이즈 네트워크의 효율적인 운영과 안정적 서비스를 제공하기 위한 필수적인 요소이다. 다양한 트래픽 분석 방법 중 시그니쳐 기반의 분석 방법은 가장 높은 분석률을 보이지만 모든 시그니쳐를 수작업으로 추출하기 때문에 응용프로그램의 변화와 출현에 유연하게 대응하지 못한다. 따라서 본 논문에서는 응용프로그램 시그니쳐 생성 과정의 단점을 보완할 수 있는 시그니쳐 자동 생성 시스템을 제안한다. 응용프로그램 시그니쳐는 페이로드 내의 고유한 바이트 시퀀스로 정의하며 응용프로그램이 발생시키는 모든 트래픽을 대상으로 추출한다. 또한 생성 시스템의 실효성을 증명할 수 있는 검증 시스템 및 검증 네트워크를 제시한다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2020.05a
• /
• pp.540-543
• /
• 2020

본 논문에서는 대표적인 이미지 분류 모델인 CNN(Convolutional Neural Network)과 시간에 따른 이미지의 변화를 학습할 수 있는 LSTM(Long Short-Term Memory) 기반의 온라인 서명인식 모델을 제안한다. 실제로는 위조서명을 미리 구하기 어렵다는 사실을 고려해 서명검증 대상자가 아닌 타인의 진서명과 대상자의 일반 필기 데이터를 음의 데이터로서 학습에 사용하였다. 실험 결과, 전체 이미지 중 서명 부분의 비율에 따라 좋은 성능을 보이는 검증 모델이 다르며 Accuracy 성능지표를 통해 이 비율이 높거나 낮을 경우 CNN-LSTM 이, 중간일 경우 CNN 이 적합하다는 것을 확인하였다.

• Journal of the Korea Society of Computer and Information
• /
• v.19 no.3
• /
• pp.45-54
• /
• 2014

In this paper, an improved two-step P2P traffic classification scheme is proposed to overcome the limitations of the existing methods. The first step is a signature-based classifier at the packet-level. The second step consists of pattern heuristic rules and a statistics-based classifier at the flow-level. With pattern heuristic rules, the accuracy can be improved and the amount of traffic to be classified by statistics-based classifier can be reduced. Based on the analysis of different decision tree algorithms, the statistics-based classifier is implemented with REPTree. In addition, the ensemble algorithm is used to improve the performance of statistics-based classifier Through the verification with the real datasets, it is shown that our hybrid scheme provides higher accuracy and lower overhead compared to other existing schemes.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.1
• /
• pp.87-100
• /
• 2020

Researches on Post-quantum blockchain, which is a synthesis of blockchain and post-quantum cryptography[1], are relatively unrevealed areas but have needs to be studied with the regard to the quantum computers. However there could be several fundamental problems, e.g. unsustainably large size of public key and signature, or too lengthy time for sign and verification, if any post-quantum cryptography is adopted to the existing blockchain to implement post-quantum blockchain. Thus, a new method was proposed in this paper that produces fixed length of references for massive signatures and corresponding public keys to enable relatively lightweight transactions. This paper proposed the mechanism that included a new transaction structure and protocols, and demonstrated a post-quantum blockchain that the proposed mechanism was adopted. Through this research, it could enhance compatibility of blockchain regarding post-quantum digital signature, possibly reducing weights of the whole blockchain.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.3
• /
• pp.9-21
• /
• 2008

In this paper, we revisit a generally accepted opinion: implementing Elliptic Curve Cryptosystem (ECC) over GF$(2^m)$ on sensor motes using small word size is not appropriate because partial XOR multiplication over GF$(2^m)$ is not efficiently supported by current low-powered microprocessors. Although there are some implementations over GF$(2^m)$ on sensor motes, their performances are not satisfactory enough due to the redundant memory accesses that result in inefficient field multiplication and reduction. Therefore, we propose some techniques for reducing unnecessary memory access instructions. With the proposed strategies, the running time of field multiplication and reduction over GF$(2^{163})$ can be decreased by 21.1% and 24.7%, respectively. These savings noticeably decrease execution times spent in Elliptic Curve Digital Signature Algorithm (ECDSA) operations (Signing and verification) by around $15{\sim}19%$.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.4
• /
• pp.71-84
• /
• 2003

Self-certified public keys need not be accompanied with a separate certificate to be authenticated by other users because the public keys are computed by both the authority and the user. At this point, verifiable self-certified public keys are proposed that can determine which is wrong signatures or public keys if public keys are used in signature scheme and then verification of signatures does not succeed. To verify these public keys, key generation center's public key trusted by users is required. If all users trust same key generation center, public keys can be verified simply. But among users in different domains, rusty relationship between two key generation centers must be accomplished. In this paper we propose inter-domain verifiable self-certified public keys that can be verified without certificate between users under key generation centers whose trusty relationship is accomplished. Also we present the execution of signature and key distribution between users under key generation centers use different public key parameters.

• KIPS Transactions on Computer and Communication Systems
• /
• v.7 no.2
• /
• pp.49-58
• /
• 2018

A certificate is a means to certify users by conducting the identification of the users, the prevention of forgery and alteration, and non-repudiation. Most people use an accredited certificate when they perform a task using online banking, and it is often used for the purpose of proving one's identity in issuing various certificates and making electronic payments in addition to online banking. At this time, the issued certificate exists in a file form on the disk, and it is possible to use the certificate issued in an existing device in a new device only if one copies it from the existing device. However, most certificate duplication methods are a method of duplication, entering an 8-16 digit verification code. This is inconvenient because one should enter the verification code and has a weakness that it is vulnerable to security issues. To solve this weakness, this study proposes a method for enhancing security certificate duplication in a multi-channel using TCP and BLE. The proposed method: 1) shares data can be mutually authenticated, using BLE Advertising data; and 2) encrypts the certificate with a symmetric key algorithm and delivers it after the certification of the device through an ECC-based electronic signature algorithm. As a result of the implementation of the proposed method in a mobile environment, it could defend against sniffing attacks, the area of security vulnerabilities in the existing methods and it was proven that it could increase security strength about $10^{41}$ times in an attempt of decoding through the method of substitution of brute force attack existing method.