• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.1
• /
• pp.225-234
• /
• 2019

Bitcoin is a cryptocurrency with characteristics such as de-centralization and distributed ledger, and these features are maintained through a mining system called "proof of work". In the mining system, mining difficulty is adjusted to keep the block generation time constant. However, Bitcoin's current method to update mining difficulty does not reflect the future hash power, so the block generation time can not be kept constant and the error occurs between designed time and real time. This increases the inconsistency between block generation and real world and causes problems such as not meeting deadlines of transaction and exposing the vulnerability to coin-hopping attack. Previous studies to keep the block generation time constant still have the error. In this paper, we propose a machine-learning based method to reduce the error. By training with the previous hash power, we predict the future hash power and adjust the mining difficulty. Our experimental result shows that the error rate can be reduced by about 36% compared with the current method.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.4
• /
• pp.719-728
• /
• 2019

Recently, there has been a growing market for shared mobility businesses that share 'transport' such as cars and bikes, and many operators offer a variety of services. However, if the fare can not be charged normally because of security vulnerability, the operator can not continue the business. So there should be no security loopholes. However, there is a lack of awareness and research on shared mobility security. In this paper, we analyzed security vulnerabilities exposed in application log of shared bike service in Korea. We could easily obtain the password of the bike lock and the encryption key of the AES-128 algorithm through the log, and confirmed the data generation process for unlocking using software reverse engineering. It is shown that the service can be used without charge with a success rate of 100%. This implies that the importance of security in shared mobility business and new security measures are needed.

• The Journal of Society for e-Business Studies
• /
• v.23 no.4
• /
• pp.153-169
• /
• 2018

Previous e-financial anomalies analysis and detection technology collects large amounts of electronic financial transaction logs generated from electronic financial business systems into big-data-based storage space. And it detects abnormal transactions in real time using detection rules that analyze transaction pattern profiling of existing customers and various accident transactions. However, deep analysis such as attempts to access e-finance by insiders of financial institutions with large scale of damages and social ripple effects and stealing important information from e-financial users through bypass of internal control environments is not conducted. This paper analyzes the management status of e-financial security programs of financial companies and draws the possibility that they are allies in security control of insiders who exploit vulnerability in management. In order to efficiently respond to this problem, it will present a comprehensive e-financial security management environment linked to insider threat monitoring as well as the existing e-financial transaction detection system.

• Convergence Security Journal
• /
• v.19 no.2
• /
• pp.21-28
• /
• 2019

The emergence of a hyper-connected-super-intelligence society, called the era of the Fourth Industrial Revolution, brought about a new change in the security environment. With ICT (Information Communication Technology) convergence and high-tech technologies introduced across the board, the person-centered driving force that moved the real space is replaced by the code-oriented cyberspace, and its dependency is constantly increasing. Paradoxically, however, these technological changes serve as another security vulnerability that threatens our society, and have brought about the justification for building a cyber defense system while simultaneously facing the opportunities and challenges brought by technology. In this study, the theory of self-defense was put forward on the basis of the theoretical basis for actively responding to the increasingly intelligent and mass-evolving cyberattacks, and firstly, the need to enact a cybersecurity law, secondly, and thirdly, the need to develop a response cooperation system with the U.S. and other cyber powers.

• Journal of the Korea Convergence Society
• /
• v.10 no.5
• /
• pp.9-16
• /
• 2019

In this paper, it will analyze security problems, so technology's potential can apply to business security area. First, in order to deep learning do security tasks sufficiently in the business area, deep learning requires repetitive learning with large amounts of data. In this paper, to acquire learning ability to do stable business tasks, it must detect abnormal IP packets and attack such as normal software with malicious code. Therefore, this paper will analyze whether deep learning has the cognitive ability to detect various attack. In this paper, to deep learning to reach the system and reliably execute the business model which has problem, this paper will develop deep learning technology which is equipped with security engine to analyze new IP about Session and do log analysis and solve the problem of mathematical role which can extract abnormal data and distinguish infringement of system data. Then it will apply to business model to drop the vulnerability and improve the business performance.

• Journal of Korean Society of Disaster and Security
• /
• v.14 no.1
• /
• pp.41-50
• /
• 2021

As a method of predicting the displacement of river levee in advance, Differential Interferometry (D-InSAR) kind of InSAR techniques was used to identify weak points in the area of the levee collapes near Gumgok Bridge (Somjin River) in Namwon City, which occurred in the summer of 2020. As a result of analyzing the displacement using five images each in the spring and summer of 2020, the Variation Index (V) of area where the collapse occurred was larger than that of the other areas, so the prognostic sysmptoms was detected. If the levee monitoring system is realized by analyzing the correlations with displacement results and hydrometeorological factors, it will overcome the existing limitations of system and advance ultra-precise, automated river levee maintenance technology and improve national disaster management.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.6
• /
• pp.143-148
• /
• 2007

In the context of mass traffic, firewall system cannot record normal log files against DDoS attack. The loss of log record causes that a firewall system does not know whether a packet is normally filtered or not, and firewall log, which is an essential data for the counter measure of violation accident, cannot be verified as trusted. As a network speed increases, these problems happen more frequently and largely. Accordingly, the method to use simply additional hardware devices is not recommended for the popularization of firewall. This paper is devoted to verify the loss of iptable log that is the mother's womb of most domestic firewall systems and show that the log handling methods for conventional firewall systems are needed to improve.

• The Journal of Korean Institute of Information Technology
• /
• v.17 no.12
• /
• pp.125-134
• /
• 2019

As the limitations of the passive recognition domain, which is not guaranteed transparency of the operation process, AI technology has a vulnerability that depends on the data. Human error is inherent because raw data for artificial intelligence learning must be processed and inspected manually to secure data quality for the advancement of AI learning. In this study, we examine the necessity of learning data management before machine learning by analyzing inaccurate cases of AI learning data and cyber security attack method through the approach from cyber security perspective. In order to verify the learning data integrity, this paper presents the direction of data-preserving artificial intelligence system, a blockchain-based learning data environment model. The proposed method is expected to prevent the threats such as cyber attack and data corruption in providing and using data in the open network for data processing and raw data collection.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.6
• /
• pp.1031-1041
• /
• 2020

Cloud computing technology plays an important role in the deep learning industry as deep learning services are deployed frequently on top of cloud infrastructures. In such cloud environment, virtualization technology provides logically independent and isolated computing space for each tenant. However, recent studies demonstrate that by leveraging vulnerabilities of virtualization techniques and shared processor architectures in the cloud system, various side-channels can be established between cloud tenants. In this paper, we propose a novel attack scenario that can steal internal information of deep learning models by exploiting the Meltdown vulnerability in a multi-tenant system environment. On the basis of our experiment, the proposed attack method could extract internal information of a TensorFlow deep-learning service with 92.875% accuracy and 1.325kB/s extraction speed.

• 한국노년학
• /
• v.41 no.3
• /
• pp.353-371
• /
• 2021

The purpose of this study is to provide clues to social welfare policy making by revealing discourse on social intervention and response based on big data on elderly living alone in the COVID-19 situation. Keyword analysis, network analysis, and topic analysis were utilized to explore the ways in which news media have portrayed challenges facing older individuals and the ways in which the central and local government as well as private organization have responded to them. Results are as follows. First, networks(degree, closeness, betweenness) were formed around region, delivery, society, support, and vulnerability, suggesting an increased demand for economic assistance and social support as well as stronger service delivery systems. Second, key topics derived included "establishing public delivery systems", "establishing local networks", "Managing care gap", "Establishing a private economic support system", and "Establishing service organization system". Based on the research results, discourse on the organic role of government, communities and the private sector has been presented, suggesting policy and practical implications by proposing a discussion on how to intervene for elderly living alone in disaster situations such as COVID-19.