• International Journal of Computer Science & Network Security
• /
• 제24권7호
• /
• pp.123-127
• /
• 2024

Cloud computing services has gained increasing popularity in recent years for supporting various on demand and scalable services for IT consumers where there is a need of less investment towards infrastructure. While storage architecture of cloud enjoys a more robust and fault-tolerant cloud computing network, such architecture also poses a number of security challenges especially when applied in applications related to social networks, Financial transactions, etc. First, as data are stored and maintained by individual virtual machines so Cloud resources are prone to hijacked. Such attacks allow attackers to create, modify and delete machine images, and change administrative passwords and settings successfully. hence, it is significantly harder to ensure data security. Second, Due to dynamic and shared nature of the Cloud, data may be compromised in many ways. Last but not least, Service hijacking may lead to redirect client to an illegitimate website. User accounts and service instances could in turn make a new base for attackers. To address the above challenges, we propose in this paper a distributed data access control scheme that is able to fulfil fine-grained access control over cloud data and is resilient against strong attacks such as compromise and user colluding. The proposed framework exploits a novel cryptographic primitive called attribute-based encryption (ABE), tailors, and adapts it for cloud computing with respect to security requirements

• International Journal of Computer Science & Network Security
• /
• 제21권8호
• /
• pp.111-118
• /
• 2021

Banking systems are sensitive to data privacy since users' data, if not well protected, may be used to perform fake transactions. Blockchains, public and private, are frequently used in such systems thanks to their efficiency and high security. Public blockchains fail to fully protect users' data, despite their power in the accuracy of the transactions. The private blockchain is better used to protect the privacy of the sensitive data. They are not open and they apply authorization to login into the blockchain. However, they have a lower security compared to public blockchain. We propose in this paper a hybrid public-private architecture that profits from network virtualization. The main novelty of this proposal is the use of network virtualization that helps to reduce the complexity and efficiency of the computations. Simulations have been conducted to evaluate the performance of the proposed solution. Findings prove the efficiency of the scheme in reducing complexity and enhancing data privacy by guarantee high security. The contribution conducted by this proposal is that the results are verified by the centralized controller that ensures a correct validation of the resulted blockchains. In addition, computation complexity is to be reduced by profiting from the cooperation performed by the virtual agents.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제17권10호
• /
• pp.2822-2843
• /
• 2023

All aspects of human life have become increasingly dependent on data in the last few decades. The development of several applications causes an enormous issue on data volume in current years. This information must be safeguarded and kept in safe locations. Massive volumes of data have been safely stored with cloud computing. This technology is developing rapidly because of its immense potentials. As a result, protecting data and the procedures to be handled from attackers has become a top priority in order to maintain its integrity, confidentiality, protection, and privacy. Therefore, it is important to implement the appropriate security measures in order to prevent security breaches and vulnerabilities. An improved version of Modular Encryption Standard (IMES) based on layered modelling of safety mechanisms is the major focus of this paper's research work. Key generation in IMES is done using a logistic map, which estimates the values of the input data. The performance analysis demonstrates that proposed work performs better than commonly used algorithms against cloud security in terms of higher performance and additional qualitative security features. The results prove that the proposed IMES has 0.015s of processing time, where existing models have 0.017s to 0.022s of processing time for a file size of 256KB.

• Journal of Information Technology Applications and Management
• /
• 제22권4호
• /
• pp.225-251
• /
• 2015

This paper analyzed factors for employees to violate information security policy in financial companies based on the theory of reasoned action (TRA), general deterrence theory (GDT), and information security awareness and moderating effects of perceived sensitivity of customer information. Using the 376 samples that were collected through both online and offline surveys, statistical tests were performed. We found that the perceived severity of sanction and information security policy support to information policy violation attitude and subjective norm but the perceived certainty of sanction and general information security awareness support to only subjective norm. Also, the moderating effects of perceived sensitivity of customer information against information policy violation attitude and subjective norm were supported. Academic implications of this study are expected to be the basis for future research on information security policy violations of financial companies; Employees' perceived sanctions and information security policy awareness have an impact on the subjective norm significantly. Practical implications are that it can provide a guide to establish information security management strategies for information security compliance; when implementing information security awareness training for employees to deter violations by emphasizing the sensitivity of customer information, a company should make their employees recognize that the customer information is very sensitive data.

• 한국컴퓨터정보학회논문지
• /
• 제25권6호
• /
• pp.219-224
• /
• 2020

이 연구의 목적은 뉴스 빅데이터 분석사이트인 '빅카인즈'를 통해 민간경비의 시대적 구분과 업무에 따라 언론에 보도된 자료들을 통하여 민간경비의 인식과 흐름을 분석하여 민간경비산업의 이론적 근거를 제시하는 데 주된 목적을 두고 있다. 연구방법은 다양하게 흩어져있는 비정형 데이터를 분석이 가능하도록 정형화된 데이터로 바꾸고, 민간경비 성장기에 민간경비 업무별 키워드 트렌드와 연관어 분석을 실시하였다. 연구결과에 따른 민간경비 인식은 각종 범죄 및 사건·사고 및 정규직 관련 이슈를 통해서 언론에 많이 노출되었다. 또한 민간경비업무 영역별로 인식하지 못하고 단순 경비원으로 인식하는 경향이 강했으며 민간경비와 경찰의 연관성이 높은 것으로 보아 경찰력을 보조하는 역할로 인식함은 물론이고 치안을 담당하는 공동의 주체로서 인식되고 있다고 볼 수 있다. 따라서 민간경비에 대한 인식을 객관적으로 판단하고 이를 통해 국가의 안전을 책임지고 사회질서를 유지하는 주체로써 민간경비를 인식하는 초석이 되어야 할 것으로 사료된다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제6권11호
• /
• pp.2940-2955
• /
• 2012

In this paper, we propose aggregate signcryption for achieving data security in UWSNs. The main challenge of these networks established in sensitive environments is offline sink visiting. Moreover, the sensors must retain collected data for long enough time to offload them onto the itinerant sink. Thus, the unattended nature of data collection intervals might offer the adversary the opportunity to apply various attacks without detection. In this paper, employing low order operations (in time and space), we propose a new secure scheme in which various security goals such as confidentiality (through encrypting), authentication and integrity (through signing) are achieved. In addition, the aggregation process of our scheme reduces the space and communication overheads both for sensors and sink, i.e. the proposed technique efficiently enables the sensors and sink to protect, verify and recover all the related data. We further compare our scheme with the best alternative work in the literature.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제11권4호
• /
• pp.2219-2236
• /
• 2017

With cloud storage services, users can handle an enormous amount of data in an efficient manner. However, due to the widespread popularization of cloud storage, users have raised concerns about the integrity of outsourced data, since they no longer possess the data locally. To address these concerns, many auditing schemes have been proposed that allow users to check the integrity of their outsourced data without retrieving it in full. Yuan and Yu proposed a public auditing scheme with a deduplication property where the cloud server does not store the duplicated data between users. In this paper, we analyze the weakness of the Yuan and Yu's scheme as well as present modifications which could improve the security of the scheme. We also define two types of adversaries and prove that our proposed scheme is secure against these adversaries under formal security models.

• 대한임베디드공학회논문지
• /
• 제6권4호
• /
• pp.255-261
• /
• 2011

In this paper, we propose a security-enhanced storing method for the voice data obtained during the flight. When an emergency occurs during flight, the flight data in the storage device such as DTS or Blackbox can be exposed to antagonist or enemy. Currently, zeroize function is embedded in these devices in order to prevent this situation. However, this could not be operated if the system is malfunctioned or the pilot is wounded in the emergency. In order to solve this problem, the voice data compressed by the ADPCM is encrypted in the proposed method composed of the AES algorithm and a reordering method. The simulation results show that the security for the voice date is further enhanced due to the proposed method.

• International Journal of Internet, Broadcasting and Communication
• /
• 제13권3호
• /
• pp.42-49
• /
• 2021

As cyber attacks become more intelligent, there is difficulty in detecting advanced attacks in various fields such as industry, defense, and medical care. IPS (Intrusion Prevention System), etc., but the need for centralized integrated management of each security system is increasing. In this paper, we collect big data for intrusion detection and build an intrusion detection platform using deep learning and CNN (Convolutional Neural Networks). In this paper, we design an intelligent big data platform that collects data by observing and analyzing user visit logs and linking with big data. We want to collect big data for intrusion detection and build an intrusion detection platform based on CNN model. In this study, we evaluated the performance of the Intrusion Detection System (IDS) using the KDD99 dataset developed by DARPA in 1998, and the actual attack categories were tested with KDD99's DoS, U2R, and R2L using four probing methods.

• 정보보호학회논문지
• /
• 제25권6호
• /
• pp.1525-1540
• /
• 2015

금융 산업과 IT 기술의 결합으로 지불 방법이 간편화됨에 따라 소비자의 지불 수단이 현금 결제에서 신용카드, 모바일 소액결제, 앱카드 등을 이용한 전자결제로 변화되고 있다. 이에 전자금융결제를 악용하여 이상거래를 시도하는 사례가 증가하는 추세로, 금융사는 이상거래로부터 소비자를 보호하기 위해 FDS(Fraud Detection System)를 구축하고 있다. 이상거래 탐지 시스템은 실시간으로 이용자 정보와 결제 정보를 분석하여 높은 정확도로 이상거래를 식별하는 것이 목표이다. 본 연구에서는 결제로그 분석 및 데이터 마이닝을 이용한 이상거래 탐지 연구 동향을 조사하였으며, 이상거래 탐지에 사용된 데이터 마이닝 알고리즘을 정리하고 이상거래 탐지 연구를 사용된 데이터 셋, 알고리즘, 연구 관점으로 분류하였다.