• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.3
• /
• pp.383-393
• /
• 2013

Data stream mining is a technique to obtain the useful information by analyzing the data generated in real time. In data stream mining technology, frequent itemset mining is a method to find the frequent itemset while data is transmitting, and these itemsets are used for the purpose of pattern analyze and marketing in various fields. Existing techniques of finding frequent itemset mining are having problems when a malicious attacker sniffing the data, it reveals data provider's real-time information. These problems can be solved by using a method of inserting dummy data. By using this method, a attacker cannot distinguish the original data from the transmitting data. In this paper, we propose a method for privacy preserving frequent itemset mining by using the technique of inserting dummy data. In addition, the proposed method is effective in terms of calculation because it does not require encryption technology or other mathematical operations.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2017.05a
• /
• pp.291-293
• /
• 2017

Security services that support electric energy service gateway require relatively high reliability. In particular, the application services that accompany communications and data are run organically. Each of the security services should support a secure service platform that supports a secure, scalable life cycle for existing services which should be extends security layer of Universal Middleware such as OSGi platform. In this convergence platform, it is the study of security transfer modular services that allow independent life cycle management of systems through Universal middleware. First, It is modular in terms of energy consumption service and data, enabling real-time operation, communications, remote management and applications. Second, the life cycle of the secure module to support the life cycle of secure, delete, start and updating of the security module by applying the security policy module layer concept. It is modular in terms of power generation and accountability, enabling us to distinguish between reliability and accountability in a large volume of data models in the smart grid, the service was intended to be standardized and applied to the security service platform.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.6
• /
• pp.99-119
• /
• 2007

The USB flash drive is common used for portable storage. That is able to store large data and transfer data quickly and carry simply. But when you lose your USB flash drive without any security function in use, all stored data will be exposed. So the new USB flash drive supported security function was invented to compensate for the problem. In this paper, we analyze vulnerability of 6 control access program for secure USB flash drives. And we show that exposed password on communication between secure USB flash drive and PC. Also we show the vulnerability of misapplication for initialization. Further we develop a protection profile for secure USB flash drive based on the common criteria version 3.1. Finally, we examine possible threat of 6 secure USB flash drives and supports of security objectives which derived from protection profile.

• Journal of Internet Computing and Services
• /
• v.22 no.6
• /
• pp.91-97
• /
• 2021

The United States is responding to evolving cyberattacks through the Commercial Solutions for Classified Program (CSfC). Authorized safety evaluation and certification are being carried out so that US government agencies can quickly introduce civilian commercial security products into the national pavilion. Commercial security products registered in the CSfC process can be used by defense agencies through a rapid approval process. Defense agencies approve commercial security products without duplicate evaluation. Approved security products can reduce the time, cost, and cost of the approval process required to implement the defense information system. In this study, security control for 4 types of network security architecture MSC (Multi-Site Connectivity), MA (Mobile Access), Campus WLAN, and DAR (Data at Rest) proposed by the US National Security Agency (NSA) for introduction to national defense A detailed analysis was performed on the items.

• Convergence Security Journal
• /
• v.15 no.7
• /
• pp.47-53
• /
• 2015

Recently, the Internet of Things is an important technology with a Cloud computing services and a Big data in the IT fields. and The Internet of Things is widely used in various industries. This trend may be referred to as the emergence of significant based technologies for realizing a ubiquitous times. But the security problems of Internet of things are expected to increase with being realized in a variety of industries. and it will be have to provide a corresponding technology to the security threat for this. Therefore, this paper will be analyzed to the security threats of the Internet of Things by the cases. Thereby this is expected to be utilized as a basis for the countermeasure of Internet of Things in a future.

• International Journal of Computer Science & Network Security
• /
• v.22 no.2
• /
• pp.175-184
• /
• 2022

Voice over Internet Protocol (VoIP) has grown in popularity as a low-cost, flexible alternative to the classic public switched telephone network (PSTN) that offers advanced digital features. However, additional security vulnerabilities are introduced by the VoIP system's flexibility and the convergence of voice and data networks. These additional challenges add to the normal security challenges that a VoIP system's underlying IP data network infrastructure confront. As a result, the VoIP network adds to the complexity of the security assurance task faced by businesses that use this technology. It's time to start documenting the many security risks that a VoIP infrastructure can face, as well as analyzing the difficulties and solutions that could help guide future efforts in research & development. We discuss and investigate the challenges and requirements of VoIP security in this research. Following a thorough examination of security challenges, we concentrate on VoIP system threats, which are critical for present and future VoIP deployments. Then, towards the end of this paper, some future study directions are suggested. This article intends to guide future scholars and provide them with useful guidance.

• Journal of the Korea Society of Computer and Information
• /
• v.6 no.2
• /
• pp.1-7
• /
• 2001

The database development is in need or transaction management composed of operations about data, efficiency database management and security of information data in necessity of as well as the new thinking about data security. When users approach data, transaction concurrency is controlled by the users security authentication and security level of data. So, existing secure algorithm occurred the problems which don't satisfy serializability of high level transaction which is delayed high level transaction repeatedly by the low level transaction, because existing secure algorithm is focused on the part which removes the security channel. Therefore this proposed algorithm which prevents waste of resource from the high level transaction reexecution and delay by stopping serializability offense problem by the increase of efficiency of concurrency control.

• Journal of Korea Multimedia Society
• /
• v.10 no.12
• /
• pp.1655-1662
• /
• 2007

Although the PKl-based user authentication solution has been widely used, the security of it can be deteriorated by a simple password. This is because a long and random private key may be protected by a short and easy-to-remember password. To handle this problem, many biometric-based user authentication solutions have been proposed. However, protecting biometric data is another research issue because the compromise of the biometric data will be permanent. In this paper, we present an implementation to improve the security of the typical PKI-based authentication by protecting the private key with a fingerprint. Compared to the unilateral authentication provided by the typical biometric-based authentication, the proposed solution can provide the mutual authentication. In addition to the increased security, this solution can alleviate the privacy issue of the fingerprint data by conglomerating the fingerprint data with the private key and storing the conglomerated data in a user-carry device such as a smart card. With a 32-bit ARM7-based smart card and a Pentium 4 PC, the proposed fingerprint-based PKI authentication can be executed within 1.3second.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.12
• /
• pp.5058-5072
• /
• 2015

Quaternions have been commonly employed in color image processing, but when the existing pure quaternion representation for color images is used in perceptual hashing, it would degrade the robustness performance since it is sensitive to image manipulations. To improve the robustness in color image perceptual hashing, in this paper a full quaternion representation for color images is proposed by introducing the local image luminance variances. Based on this new representation, a novel Full Quaternion Discrete Cosine Transform (FQDCT)-based hashing is proposed, in which the Quaternion Discrete Cosine Transform (QDCT) is applied to the pseudo-randomly selected regions of the novel full quaternion image to construct two feature matrices. A new hash value in binary is generated from these two matrices. Our experimental results have validated the robustness improvement brought by the proposed full quaternion representation and demonstrated that better performance can be achieved in the proposed FQDCT-based hashing than that in other notable quaternion-based hashing schemes in terms of robustness and discriminability.

• Convergence Security Journal
• /
• v.13 no.4
• /
• pp.69-75
• /
• 2013

Customer is the base factor of income for some corporations, so that effective CRM (Customer Relationship Management) is very important to develop the business. In order to use CRM efficiently, we should figure out customers' demands and provide services or products that the customers want. However, it is getting difficult to comprehend customers' demands because they have complicated form and getting more diverse. Recently, social media like Twitter and Facebook let customers to express their demands, and using big data is a very effective method for efficient CRM. This research suggests how to utilize big data for hotel CRM, which considers customer itself as asset of business. In addition, we discuss security problems of big data service and propose the solution for that.