• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.2
• /
• pp.13-24
• /
• 2006

We consider a privacy-preserving cooperative computation protocol evaluating a beneficial function of all participants' secret inputs, such that each party finally holds a share of the function output. We propose a practical privacy-preserving cooperative computation protocol for solving the linear system of equations problem md the linear least-squares problem. Solutions to these problems are widely used in many areas such as banking, manufacturing, and telecommunications. Our multi-party protocol is an efficiently extended version of the previous two-party model.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.3
• /
• pp.65-76
• /
• 2006

This paper deals with an effective algerian aimed at improving the port scan detection in an intrusion detection system (IDS). In particular, a detection correlation algerian is proposed to maximize the detection capability in the network-based IDS whereby the 'misuse' is flagged for analysis to establish intrusion profile in relation to the overall port scan detection process. In addition, we establish an appropriate system maintenance policy for port scan detection as preprocessor for improved port scan in IDS, thereby achieving minimum false positive in the misuse detection engine while enhancing the system performance.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.6
• /
• pp.1001-1020
• /
• 2023

As massive increase in remote work since COVID-19, the boundaries between the inside and outside of corporate networks have become blurred. As a result, traditional perimeter security has stagnated business productivity and made it difficult to manage risks such as information leakage. The zero trust architecture model has emerged, but it is difficult to apply to IT environments composed of various companies. Therefore, using the remote work system configuration as an example, we presented a configuration and methodology that can apply zero trust models even in various network environments such as on-premise, cloud, and network separation. Through this, we aim to contribute to the creation of a safe and convenient cyber environment by providing guidance to companies that want to apply zero trust architecture, an intelligent system that actively responds to cyber threats.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2003.05a
• /
• pp.435-438
• /
• 2003

The MS card data transfer system using blue-tooth protocol ran communicate the MS card data wirelessly and does not take an extra communication expense which is a weakness point of existing wireless communication system. This Blue-tooth system, which has excellent security and no extra communication expense, can efficiently communicate data of the place ,where can be solved with small scale wireless network, such as the theme-park or gasoline-station. Existing wireless communication system compose network using wireless-LAN protocol which has extra communication expense, or with RF protocol which has poor security. But this system suitable for LAN because it has not extra communication expense and it has excellent security cause frequency-hopping of Blue-tooth protocol. The MS card data transfer system using blue-tooth protocol has low power, high performance RISC processor and large scale 16-gray graphic LCD which is suitable for portable unit. The MS card data transfer system can efficiently control depot for a long time because it has low power, excellent security and no extra communication expense.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.18 no.5
• /
• pp.267-274
• /
• 2018

This paper introduces a smart door system composed of security system and secretary system. As ratio of single households increase, the security of household became more important. Also already there were a lot of artificial intelligence secretary system based on voice called smart home technology. But It has limits. It can not work without user's requests. That mean it is not automatic. And the voice recognition depend on user's pronounce. Thus in this paper, we design and develop smart door system that is added function of security and secretary. That can inform users that there are outsider in front of their house in real time. Also that can speak information such as user's requirements, delivery and weather information using TTS. As a result they can prevent crimes and use convenient secretary system.

• Journal of Advanced Navigation Technology
• /
• v.18 no.4
• /
• pp.353-358
• /
• 2014

In the past, security on control system was guaranteed by isolation of control system networks from external networks. However as devices of the control systems became more various and interaction between the devices became necessary, effective management system for such network emerged and this triggered connection between control system networks and external system networks. This made management of control system easier but also made control system exposed to various cyber attack threats, Therefore researches on appending security measures on each protocols are in progress. This paper focused on DNP(distributed network protocol)3 protocol which is used for communication between control center and substations. It describes characteristics of DNP3 protocol and research on adding security elements to the protocol. It also analyzed known vulnerabilities of DNP3 protocol and proposed data mining methodology for detecting such vulnerabilities.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2021.10a
• /
• pp.445-446
• /
• 2021

Union file system is a technology that can be used as a single file system by integrating various files and directories. It has the advantage of maintaining the source file/directory used for integration, so it is used in many applications like container platform. When using the union file system, the user accesses the write-able layer, to which the security technology provided by the operating system can be applied. However, there is a disadvantage in that it is difficult to apply a separate security technology to the source file and directory used to create the union file system. In this study, we intend to propose an access control mechanism to deny security threats to source file/directory that may occur when using the union file system. In order to verify the effectiveness of the access control mechanism, it was confirmed that the access control mechanism proposed in this study can protect the source file/directory while maintaining the advantages of the union file system.

• Convergence Security Journal
• /
• v.20 no.1
• /
• pp.41-47
• /
• 2020

In the corporate information system environment, detecting and controlling suspicious behaviors occurring at the end point of the actual business application is the most important area to secure the organization's business environment. In order to accurately detect and block threats from inside and outside, it is necessary to be able to monitor all areas of all terminals in the organization and collect relevant information. In other words, in order to maintain a secure business environment of a corporate organization from the constant challenge of malicious code, everything that occurs in a business terminal such as a PC beyond detection and defense-based client security based on known patterns, signatures, policies, and rules that have been universalized in the past. The introduction of an EDR solution to enable identification and monitoring is now an essential element of security. In this study, we will look at the essential functions required for EDR solutions, and also study the design and development plans of smart EDR systems based on active and proactive detection of security threats.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.4
• /
• pp.719-728
• /
• 2019

Recently, there has been a growing market for shared mobility businesses that share 'transport' such as cars and bikes, and many operators offer a variety of services. However, if the fare can not be charged normally because of security vulnerability, the operator can not continue the business. So there should be no security loopholes. However, there is a lack of awareness and research on shared mobility security. In this paper, we analyzed security vulnerabilities exposed in application log of shared bike service in Korea. We could easily obtain the password of the bike lock and the encryption key of the AES-128 algorithm through the log, and confirmed the data generation process for unlocking using software reverse engineering. It is shown that the service can be used without charge with a success rate of 100%. This implies that the importance of security in shared mobility business and new security measures are needed.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.3
• /
• pp.365-378
• /
• 2024

The operating system (OS) of mobiles or embedded devices is based on the Linux kernel. These OSs request random numbers from the Linux kernel for system operation, such as encryption keys and security features. To provide random numbers reliably, the Linux kernel has a dedicated random number generator (Linux Pseudo Random Number Generator, LPRNG). Recently, LPRNG has undergone a major structural changes. However, despite the major changes, no security analysis has been published on the structure of the new LPRNG. Therefore, we analyze these structural changes as a preliminary study to utilize the security analysis of the new LPRNG. Furthermore, the differences between before and after the changes are divided into cryptographic and performance perspectives to identify elements that require security analysis. This result will help us understand the new LPRNG and serve as a base for security analysis.