• KIPS Transactions on Computer and Communication Systems
• /
• v.9 no.12
• /
• pp.307-314
• /
• 2020

The video surveillance service is being widely deployed around our lives and the service stores sensitive data such as video streams in the cloud over the Internet or the centralized data store in an on-premise environment. The main concerning of these services is that the user should trust the service provider how secure the video or data is stored and handled without any concrete evidence. In this paper, we proposed the approach to protecting video by PKI (public key infrastructure) with a blockchain network. The video is encrypted by a symmetric key, then the key is shared through a blockchain network with taking advantage of the PKI mechanism. Therefore, the user can ensure the sensitive data is always kept secure and traceable in its lifecycle.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.24 no.11
• /
• pp.1507-1518
• /
• 2020

High-quality images have a lot of information, so sensitive data is stored by encryption for private company, military etc. Encrypted images can only be decrypted with a secret key, but the original data cannot be retained when attacked by the Shear attack and Noise pollution attack techniques that overwrite some pixel data with arbitrary values. Important data is the more necessary a countermeasure for the recovery method against attack. In this paper, we propose a random number generator PingPong256 and a shuffling method that rearranges pixels to resist Shear attack and Noise pollution attack techniques so that image and video encryption can be performed more quickly. Next, the proposed PingPong256 was examined with SP800-22, tested for immunity to various noises, and verified whether the image to which the shuffling method was applied satisfies the Anti-shear attack and the Anti-noise pollution attack.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.37C no.9
• /
• pp.841-850
• /
• 2012

Most of banks in Korea provide smartphone banking services. To use the banking service, public key certificates with private keys, which are stored in personal computers, should be installed in smartphones. Many banks provides intermediate servers that relay certificates to smartphones over the Internet, because the transferring certificates via USB cable is inconvenient. In this paper, we analyze the certificate transfer protocol between personal computer and smartphone, and consider a possible attack based on the results of the analysis. We were successfully able to extract a public key certificate and password-protected private key from encrypted data packets. In addition, we discuss several solutions to transfer public key certificates from personal computers to smartphones safely.

• Journal of the Korea Institute of Military Science and Technology
• /
• v.21 no.5
• /
• pp.658-664
• /
• 2018

In this paper, we propose a group key management scheme for very high confidential information in tactical wireless networks. For the proposed scheme, we consider the tactical networks that has a hierarchical topology and the nature of high confidential information. The leader node, which may have higher probability of good channel state than others, provides some data to all the network member in order to generate a geographical group key and it transmits the encrypted information with minimum transmission power level to others. By this scheme, the security and reliability for sharing confidential information is ensured. The performance of the proposed scheme is validated by mathematical analysis. It shows that the proposed scheme makes nodes to share a high confidential information securely if the proper parameters for network design are selected.

• KEPCO Journal on Electric Power and Energy
• /
• v.2 no.4
• /
• pp.563-567
• /
• 2016

In this paper, the chaos-based secure scheme for power line communication is proposed for the first time. A digitalized chaotic generator based Lorenz system is utilized for generating nonlinear dynamic chaotic signal for masking the information signal instead of reported analog chaotic generators. A simple method of encryption and decryption is also given. In order to confirm the feasibility of the proposed scheme, the system is simulated using a simplified encryption/decryption method in Proteus. The gained results from simulation demonstrated that by using the chaos-based security method, the data can be encrypted and easily transmitted through the power line network efficiently.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.4
• /
• pp.807-816
• /
• 2015

During the last decade most of coordinated security breaches are performed by the means of botnets, which is a large overlay network of compromised computers being controlled by remote botmaster. Due to high volumes of traffic to be analyzed, the challenge is posed by managing tradeoff between system scalability and accuracy. We propose a novel Hadoop-based P2P botnet detection method solving the problem of scalability and having high accuracy. Moreover, our approach is characterized not to require labeled data and applicable to encrypted traffic as well.

• The KIPS Transactions:PartD
• /
• v.9D no.5
• /
• pp.931-938
• /
• 2002

We implement the PBSM (Protocol-Based Security Module) system which guarantees the secure data transmission under web circumstances. There are two modules to implement for the PBSM architecture. One is Web Server Security Module (WSSM) which is working on a web server, the other is the Winsock Client Security Module (WSCSM) which is working on a client. The WSCSM security module decrypts the encrypted HTML document that is received from the security web server The decrypted HTML document is displayed on the screen of a client. The WSSM module contains the encryption part for HTML file and the decryption part for CGI (Common Gateway Interface). We also implement the proposed idea at the web system.

• Journal of KIISE:Information Networking
• /
• v.34 no.3
• /
• pp.175-185
• /
• 2007

In IEEE 802.15.4 (Low-Rate Wireless Personal Area Network) specification, a successful reception and validation of a data or MAC command frame can be confirmed with an acknowledgment. However, the specification does not support security for acknowledgment frame; the lack of a MAC covering acknowledgments allows an adversary to forge an acknowledgment for any frame. This paper proposes an identity authentication mechanism at the link layer for acknowledgment frame in IEEE 802.15.4 network. With the proposed mechanism there is only three bits for authentication, which can greatly reduce overhead of device. The encrypted bit stream for identity authentication will be transmitted to device by coordinator within association process. Statistical method and simulation results prove that our mechanism is successful in handling MAC layer attack.

• Journal of Korea Multimedia Society
• /
• v.11 no.5
• /
• pp.588-596
• /
• 2008

For the patients' privacy, secure access control of medical images is essentially necessary. In this paper, two types of Region of Interest (ROI)-based selective encryption schemes are proposed, which concentrate on the security of crucial parts in medical images. The first scheme randomly inverts the most significant bits of ROI coefficients in several high frequency subbands in the transform domain, which only incurs little loss on compression efficiency. The second scheme employs a symmetric key encryption to encrypt selectively the ROI data in the final code-stream, which provides sufficient confidentiality. Both of two schemes are backward compatible so as to ensure a standard bitstream compliant decoder so the encrypted images can be reconstructed without any crash.

• The Journal of the Korea Contents Association
• /
• v.1 no.1
• /
• pp.74-82
• /
• 2001

Visual cryptography made it possible to decrypt the Information encrypted by thresholding scheme not with digital system but with human vision system. This method, however, has some limit in it because of the rack of resolution in both the spatial and amplitude domain. Optical visual cryptography, which used laser system instead of human eyesight, was proposed by conjunction of the optical theory with the cryptography. However, it also had some difficulties because it did not overcome the existing problem of visual cryptography completely. The problem occurred in the process of transferring data processing system from visual to optics. Therefore, it is appropriate to approach these problems in terms of optics. In this paper, we analysis, in the aspect of frequency, the security characteristics and the noise level occurred in the process of optical visual encryption.