• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.40 no.11
• /
• pp.2160-2168
• /
• 2015

The SSL/TLS, one of the most popular encryption protocol, was developed as a solution of various network security problem while the network traffic has become complex and diverse. But the SSL/TLS traffic has been identified as its protocol name, not its used services, which is required for the effective network traffic management. This paper proposes a new method to generate service signatures automatically from SSL/TLS payload data and to classify network traffic in accordance with their application services. We utilize the certificate publication information field in the certificate exchanging record of SSL/TLS traffic for the service signatures, which occurs when SSL/TLS performs Handshaking before encrypt transmission. We proved the performance and feasibility of the proposed method by experimental result that classify about 95% SSL/TLS traffic with 95% accuracy for every SSL/TLS services.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.9 no.10
• /
• pp.1125-1130
• /
• 2014

The quantity and quality of contents containing information are sharply increasing with the rising network speed. In line with this rapid growth of information volume, a new communication protocol using the chaotic signal that can protect contents in communication is proposed as follows. The chaos system has the characteristic of unpredictability due to the sensitive initial values and the similarity of the signals with noise. We configured two chaos systems $F(X_n,Y_n)$ and $G(A_n,B_n)$ that have such characteristics and designed a data communication method using as encryption channel the same chaos signals generated by synchronizing the chaos system G with the F signals. The proposed method was verified with the encryption and decryption of images. The proposed method is different from the existing encrypted communication methods and is expected to lay the foundation for future studies in related areas.is an example of ABSTRACT format.

• Convergence Security Journal
• /
• v.11 no.4
• /
• pp.43-49
• /
• 2011

Web-based health information provides a lot of conveniences, however the security vulnerabilities that appear in the network environment without the risk of exposure in the use of information are growing. Web-based medical information security issues when accessing only the technology advances, without attempting to seek a safe methodology are to increase the threat element. So it is required. to take advantage of web-based information security measures as a web-based access control security mechanism-based design. This paper is based on software architecture, design, ideas and health information systems were designed based on access control security mechanism. The methodologies are to derive a new design procedure, to design architecture and algorithms that make the mechanism functio n. To accomplish this goal, web-based access control for multiple patient information architecture infrastructures is needed. For this software framework to derive features that make the mechanism was derived based on the structure. The proposed system utilizes medical information, medical information when designing an application user retrieves data in real time, while ensuring integration of encrypted information under the access control algorithms, ensuring the safety management system design.

• Journal of Korea Multimedia Society
• /
• v.10 no.1
• /
• pp.58-65
• /
• 2007

This dissertation proposes digital video protection algorithm lot moving image based on MPEG. Shuffling-based encryption algorithms using a fixed random shuffling table are quite simple and effective but vulnerable to the chosen plaintext attack. To overcome this problem, it is necessary to change the key used for generation of the shuffling table. However, this may pose a significant burden on the security key management system. A better approach is to generate the shuffling table based on the local feature of an image. In order to withstand the chosen plaintext attack, at first, we propose a interleaving algorithm that is adaptive to the local feature of an image. Secondly, using the multiple shuffling method which is combined interleaving with existing random shuffling method, we encrypted the DPCM processed 8*8 blocks. Experimental results showed that the proposed algorithm needs only 10% time of SEED encryption algorithm and moreover there is no overhead bit. In video sequence encryption, multiple random shuffling algorithms are used to encrypt the DC and AC coefficients of intra frame, and motion vector encryption and macroblock shuffling are used to encrypt the intra-coded macroblock in predicted frame.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.15 no.7
• /
• pp.1510-1516
• /
• 2011

As emergence of the ubiquitous society, it is possible to access the network for services needed to us in anytime and anywhere. The phenomena has been accelerated by revitalization of the sensor network offering the sensing information and data. Currently, sensor network contributes the convenience for various services such as environment monitoring, health care and home automation. However, sensor network has a weak point compared to traditional network, which is easily exposed to attacker. For this reason, messages communicated over the sensor network, are encrypted with symmetric key and transmitted. A number of symmetric cryptography algorithms have been researched. Among of them HIGHT algorithm in hardware and software implementation are more efficient than tradition AES in terms of speed and chip size. Therefore, it is suitable to resource constrained devices including RFID tag, Sensor node and Smart card. In the paper, we present the optimized software implementation on the ultra-light symmetric cryptography algorithm, HIGHT.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.19 no.12
• /
• pp.2933-2942
• /
• 2015

This paper proposes a new method which traces significant element of 2-dimensional natural images and encrypts them by using Fresnelet transform (FRNLT). After analyzing property of the subbands obtained by the FRNLT, we estimated the information for ciphering 2D images. Considering FRNLT levels, energy of subbands, and visual effect, we estimated the optimized point for encryption. By selecting various levels and encrypting region, we can encrypt 2D image with various robustness. Encryption effectiveness was showed by analyzing numerical result, executing time for encryption, area of encrypted region, and visual observation. Therefore encryption for various application can be applied by using the suggested parameters without additional analysis. Identifying the experimental result, in the case of $L_{TH}=4$ and $L_{TH}=4$, an image was not recognized through encrypting only 0.42% among the entire data.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.17 no.11
• /
• pp.148-154
• /
• 2016

Video security has recently emerged as an important issue owing to CCTV video image spill accidents over the Internet. KISA recommends the use of encryption protocols for remote access through its guidelines for CCTV personal video information protection. But still, many products do not adhere to the guidelines, and those products are easily exposed to security threats, such as hacking. To solve these security vulnerabilities, this paper proposes a CCTV system that connects from remote locations, and is implemented by using secure shell (SSH) tunneling techniques. The system enhances security by transmitting encrypted data by using SSH. By using the tunneling technique, it also solves the problem of not being able to access a CCTV recorder located inside a firewall. For evaluation of the system, this paper compares various CCTV remote access schemes and security. Experimental results on the effectiveness of the system show it is possible to obtain remote access without a significant difference in transmission quality and time. Applying the method proposed in this paper, you can configure a system secure from the threats of hacking.

• Journal of Arbitration Studies
• /
• v.21 no.2
• /
• pp.47-64
• /
• 2011

The China International Economic and Trade Arbitration Commission(CIETAC) released online arbitration rules which apply the resolution of disputes over electronic commerce transactions, as well as other economic and trade disputes in which the parties agree to do. The evidence submitted by the parties may be electronic evidence created, sent, received or stored by electronic, optical or magnetic means. Electronic evidence with a reliable electronic signature shall carry the same effect and probative force as a document with a hand-written signature. Where a case is tried in a tribunal, the arbitration tribunal shall conduct an online trial hearing using internet video conference or other electronic or computer communication means. Unless the parties have another agreement, summary procedure shall apply to cases where the amount in dispute exceeds RMB 100,000 but no more than RMB 1 million, or where the amount in dispute exceeds RMB 1 million and a party submits a written application for summary procedure after obtaining the written consent of the other party. Unless the parties have agreed otherwise, fast-track procedure shall apply to cases where the amount in dispute does not exceed RMB 100,000 or where the amount in dispute exceeds RMB 100,000 and a party submits a written application for fast-track procedure after obtaining the written consent of the other party. Notable features of the Online Rules are as follows; first, there is not detailed consideration for online arbitration. Second, communications between the parties and the tribunal are allowed only through the Secretariat. Third, elaborate provisions regarding the electronic submission and transmission of documents is provided for. Forth, various factors must be considered by the tribunal in deciding the evidence's reliability. Fifth, reasonable endeavours is levied on CIETAC to keep data communications secure and encrypted. Sixth, the tribunal has the right to investigate and collect relevant evidence. And finally different procedures are provided for in consideration of the various types of E-commerce.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.17 no.3
• /
• pp.603-611
• /
• 2013

In this paper, we propose a new method which estimates and encrypts significant component of digital image such as digital cinema using discrete wavelet packet transform (DWPT). After analyzing the characteristics of images in spatial and frequency domain, the required information for ciphering an image was extracted. Based on this information an ciphering method was proposed with wavelet transform and packetization of subbands. The proposed algorithm can encrypt images in various robust from selecting transform-level and energy threshold. From analyzing the encryption effect numerically and visually, the optimized parameter for encryption is presented. Without additional analyzing process, one can encrypt efficiently digital image using the proposed parameter. Although only 0.18% among total data is encrypted, the reconstructed image dose not identified. The paketization information of subbands and the cipher key can be used for the entire secret key.

• Journal of KIISE:Computer Systems and Theory
• /
• v.36 no.5
• /
• pp.387-395
• /
• 2009

The establishment of security architecture is essential because security vulnerabilities occur such as user's unjustifiable connection for the opened gateway and access to resources without permission in OSGi service platform environment. In this paper, it proposes a authentication technique for an Automatic user authentication which is used the Symmetric Key and the Service bundle authentication to consider the constraints of the hardware in the OSGi service platform environment. Typically, the type of entering a password is used for the user authentication mechanism however OSGi platform environment studies not entering the password but using MAC address and encrypted identifier of the automatic user authentication mechanism because the devices are limited in their input. In this paper, the Symmetric Key is used for bundle authentication mechanism. Therefore operation becomes quick and secure authentication process has been successfully completed by using the time data and a ticket which contains a license. Based on these two different authentication mechanisms, it could eliminate the constraints of resources and improve the convenience of users and administrators. Also it shows an effect from omitting the waiting time to enter a password and reducing operations which need for authentication in the OSGi service platform environment.