• Journal of The Institute of Information and Telecommunication Facilities Engineering
• /
• v.9 no.3
• /
• pp.112-118
• /
• 2010

This paper propose G-code and G-Pedigree system that are development based on the e-Pedigree and EPC, and RFID solutions for logistics management is proposed. The proposed G-Pedigree system to include the forward logistics and reverse logistics all logistics and management systems are appropriate for the event, with security features, security and accessibility of critical data was strengthened. The proposed G-code systems and the EPC code of the existing RFID readers, tags can be applied to, the more you can manage the logistics-related information.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.6 no.5
• /
• pp.762-767
• /
• 2002

In this paper, We suggest Credit Card and On-line Financial Business Method Using on Wireless Terminal. First, wireless mobile terminal of credit card member is received suity code from dealing verification system of credit card company. Second, a credit card member give security code to member store. Third, the security code is compared with security code of the member in dealing verification system of credit card company.

• International Journal of Internet, Broadcasting and Communication
• /
• v.9 no.1
• /
• pp.24-28
• /
• 2017

In the Internet of Things (IoT), resource-limited smart devices communicate with each other while performing sensing and computation tasks. Thus, these devices can be exposed to various attacks being launched and spread through network. For instance, attacker can reuse the codes of IoT devices for malicious activity executions. In the sense that attacker can craft malicious codes by skillfully reusing codes stored in IoT devices, code-reuse attacks are generally considered to be dangerous. Although a variety of schemes have been proposed to defend against code-reuse attacks, code randomization is regarded as a representative defense technique against code-reuse attacks. Indeed, many research have been done on code randomization technique, however, there are little work on analysis of the interactions between code randomization defenses and code-reuse attacks although it is imperative problem to be explored. To provide the better understanding of these interactions in IoT, we analyze how code randomization defends against code-reuse attacks in IoT and perform simulation on it. Both analysis and simulation results show that the more frequently code randomizations occur, the less frequently code-reuse attacks succeed.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2007.05a
• /
• pp.989-992
• /
• 2007

In this paper we introduce a new paradigm of physical layer security for wireless network. Existing security protocols like internet's transport layer security protocol has some security flaws that skilled hackers could exploit. Motivated from this point we introduce a new security protocol that works in physical layer which is much less vulnerable to hackers than any other higher layers. In our proposal, we incorporate the proposed security protocol within channel coding as channel coding is an essential part of wireless communication. We utilize the flexibility to choose a generator matrix (or generator polynomial) of a particular code that selects the code words as a core of our protocol. Each pair of wireless node will select a unique generator using their security key before they started to communicate with each other.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.1
• /
• pp.436-453
• /
• 2018

Storage cloud scheme, pushing data to the storage cloud poses much attention regarding data confidentiality. With encryption concept, data accessibility is limited because of encrypted data. To secure storage system with high access power is complicated due to dispersed storage environment. In this paper, we propose a hardware-based security scheme such that a secure dispersed storage system using erasure code is articulated. We designed a hardware-based security scheme with data encoding operations and migration capabilities. Using TPM (Trusted Platform Module), the data integrity and security is evaluated and achieved.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.5
• /
• pp.1211-1221
• /
• 2016

In IoT environment, making sure of trust of IoT devices is the most important one than others. The security threats of nowadays almost stay at exposure or tampering of information. However, if human life is strongly connected to the Internet by IoT devices, the security threats will probably target human directly. In case of devices, authentication is verified using the device-known private key. However, if attacker can modify the device physically, knowing the private key cannot be the evidence of trust any more. Thus, we need stronger verification method like code attestation. In this paper, we use software-based code attestation for efficiency. We also suggest secure code attestation method against copy of original code and implement it on embedded device and analyze its performance.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.1
• /
• pp.89-96
• /
• 2007

Radio Frequency Identification system based on EPC(Electronic Product Code) Network Environment can read or write information of tagged objects, using Rf signals without direct contact. This advantage which is to provide storage ability and contactless property is better than Bar-code system. Mobile RFID system which integrates Mobile system with RFID system will provide new additional service to users. However, an advantage for obtaining information of objects using RF signal causes personal privacy problem. In this paper, we propose techniques that can protect personal privacy based on mobile. Our scheme provides privacy protection of users and is more efficiently than another application service.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2017.10a
• /
• pp.457-461
• /
• 2017

Barcode is widely being used in many places such as supermarket, cafeteria, library, etc. ISBN, Code 128, Code 39 are mainly used in barcode. Among them, Code 128 which is based on ASCII Code can transfer control letters that range from ASCII Code 0 to ASCII 32. Control letters intrinsically imply letters that are used to deliver information to peripheral devices such as a printer or communication joint, however, they play quite different roles if they are inputted on Windows. Generally, barcode devices doesn't verify input data, thus it enables people to tag any barcode that has specific control letters and execute the commands. Besides, most barcode recognition programs are using a database and they have more security weakness compared to other programs. On the basis of those reasons, I give an opinion that SQL Injection can attack barcode recognition programs through this study.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.6
• /
• pp.1361-1372
• /
• 2017

If an external attacker takes from a victim's smartphone a copy of a secret application or an application to which fingerprinting technique is applied, secret information can be leaked or the legitimate user can be misunderstood as an illegal redistributor, which results in a serious security problem. To solve this problem, this paper proposes an Android application code protection scheme using fingerprint authentication and dynamic loading. The proposed scheme divides one application into CLR(Class LoadeR) and SED(SEperated Dex). CLR is an APK file with the ability to dynamically load the SED, and the SED is a file containing the classes required to run the application. The SED is stored inside the smartphone after being encrypted, and the SED can be decrypted only if the user is successfully authenticated using his or her fingerprint. The proposed scheme can protect the application code from the attacker who physically acquired user's smartphone.

• Convergence Security Journal
• /
• v.10 no.3
• /
• pp.51-60
• /
• 2010

The expansion of internet technology has made convenience. On the one hand various malicious code is produced. The number of malicious codes occurrence has dramadically increasing, and new or variant malicious code circulation very serious, So it is time to require analysis about malicious code. About malicious code require set criteria for judgment, malicious code taxonomy using Algorithm of weakness difficult to new or variant malicious code taxonomy but already discovered malicious code taxonomy is effective. Therefore this paper of object is various malicious code analysis besides new or variant malicious code type or form deduction using visualization of strong. Thus this paper proposes a malicious code analysis and grouping method using visualization.