• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.2
• /
• pp.241-251
• /
• 2015

In public-key cryptographic system based on finite field arithmetic, it is very important to challenge for implementing high speed operation. In this paper, we focused on 8-bit ATmega128 processor and concentrated on enhancing efficiency of reduction operation which uses irreducible polynomial $f(x)=x^{271}+x^{207}+x^{175}+x^{111}+1$ and $f(x)=x^{193}+x^{145}+x^{129}+x^{113}+1$. We propose optimized reduction algorithms which are designed to reduce repeated memory accesses by calculating final reduced values of Fast reduction. There are 53%, 55% improvement when proposed algorithm is implemented using assembly language, compare to previous Fast reduction algorithm.

• Convergence Security Journal
• /
• v.7 no.2
• /
• pp.101-106
• /
• 2007

Recently, Ubiquitous innovation is being promoted so that they can support the uHealthcare provide management to human's health. It is thus necessary to conduct such research on the medical care environment where there is a high demand for utilization of status information. In the current situation, there is a lack of research on measures of security processing and monitoring patient status information produced from rapid growth of infra within Medical environment. This study suggests a solution of using RFID to gather patient information such as inpatient information, location of treatment room, progress of patient, humidity, temperature, and diagnostic status, after which the information are protect and processed using security level method.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.5 no.5
• /
• pp.477-486
• /
• 2010

This Study suggests security directions to reconstruct separate network of Smart Grid and information communication network as one communications system and implement Smart Grid integrated information communication network. In addition, it suggests prevention directions to prevent future cyber attacks by reorganizing network as the key three-stage network and separating TCP/IP four layers that consist of existing information communication network from Smart Grid. Moreover, it suggests the foundation for the study and the test by providing current problems of Smart Grid, weak points, and three security models. This study is meaningful to suggest development directions and situations as a technology of future-oriented electric industries, integrate attacks and preventions of TCP/IP Layers with Smart Grid, and seek for a new technology of Smart Grid and future tasks for Smart Grid information security.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.15 no.5
• /
• pp.3086-3092
• /
• 2014

The FTP that provides file transfer capabilities to/from another station cannot provides data confidentialities. The FTPS and SFTP can support a security functionalities. The FTPS needs a SSL layer and SFTP use a functions of SSH. And therefore the FTPS or SFTP needs an additional modules such as SSL or SSH. In this paper, we propose a new Secured FTP protocol that can support the security functions without extra security system. The Secured FTP uses Diffie-Hellman key agreement algorithm for shared secret key generation and AES-Counter algorithm for data encryption algorithm. Our designed Secured FTP is implemented in Linux environments and the proper operations of implemented Secured FTP is verified.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.4
• /
• pp.835-845
• /
• 2019

File Carving is a technique for attempting to recover a file without metadata, such as a formated storage media or a damaged file system, and generally looks for a specific header / footer signature and data structure of the file. However, file carving is faced with the problem of recovering fragmented files for a long time, and it is very important to propose a solution for digital forensics because important files are relatively fragmented. To overcome these limitations, various carving techniques and tools are continuously being developed, and data sets from various researches and institutions are provided for functional verification. However, existing data sets are ineffective in verifying tools because of their limited environmental conditions. Therefore, this paper refers to the importance of fragmented file carving and develops 16 images for carving tool verification based on scenarios. The developed images' carving rate and accuracy of each media is shown through Foremost which is well known as a commercial carving tool.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.4
• /
• pp.719-731
• /
• 2012

One of the most important point in the Internet crime investigation is tracing back and pointing out a criminal host. However, criminals can forge a crime record stored in the crime host, or can utilize malicious applications in order not to leave a crime record. In addition, criminals can change the source IP address of a crime host and deny their involvement. In this study, we suggests the Network Forensic Evidence Generation and Verification Scheme (NFEGVS) to rectify the current limitation of Network Forensic technologies. This scheme can prove who and when the crime has occurred. In addition, this prevents leaking of symmetric key for guaranteeing certification and integrity of Forensic Evidence by proposing the Timestamp Secret Key Distribution Scheme, and minimizes performance degradation of router when generating forensic evidence with the Flow-Based Selection Scheme. In this paper, we implement the proposed scheme and evaluate overall performance of the proposed system.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.6
• /
• pp.49-61
• /
• 2009

Recently, a great attention has been paid to a vehicle black box device in the auto markets since it provides an accident re-construction based on the data which contains audio, video, and some meaningful driving informations. It is expected that the device will get to promote around commercial vehicles and the market will greatly grow within a few years. Drivers who equips the device in their car believes that it can find the origin of an accident and help an objective judge. Unfortunately, the current one does not provide the integrity of the data stored in the device. That is the data can be forged or modified by outsider or insider adversary because it is just designed to keep the latest data produced by itself. This fact cause a great concern in car insurance and law enforcement, since the unprotected data cannot be trusted. To resolve the problem, in this paper, we propose a novel real-time integrity protection scheme for vehicle black box device. We also present the evaluation results by simulation using our software implementation.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.13 no.3
• /
• pp.9-15
• /
• 2013

Recently, Intrusion detection system is an important technology in computer network system because of has seen a dramatic increase in the number of attacks. The most of intrusion detection methods do not detect intrusion on real-time because difficult to analyze an auditing data for intrusions. A network intrusion detection system is used to monitors the activities of individual users, groups, remote hosts and entire systems, and detects suspected security violations, by both insider and outsiders, as they occur. It is learns user's behavior patterns over time and detects behavior that deviates from these patterns. In this paper has rule-based component that can be used to encode information about known system vulnerabilities and intrusion scenarios. Integrating the two approaches makes Intrusion Detection System a comprehensive system for detecting intrusions as well as misuse by authorized users or Anomaly users (unauthorized users) using RFM analysis methodology and monitoring collect data from sensor Intrusion Detection System(IDS).

• Korean Security Journal
• /
• no.36
• /
• pp.493-523
• /
• 2013

The purpose of this research is to deduce the frailties of the operating condition of Korea's national crisis management system through a comprehensive perspective analysis. It is then to present efficient measures through the enhancement of these infirmities. For this, after examining the fundamental theory, we presented a development direction based on the current status of the 6 key systems composing the national crisis management system. We also included items regarding each of the policy proposal in our conclusion. The fundamental theory of Korea's national crisis management system has been integrated based on a comprehensive security concept. However, the system development which drives the integrated structure still remains solely as a legal and structural category. Thus, operating, informing-oriented, supporting management, and rearing professional manpower systems have yet to be cultivated with efficiency. In conclusion, this research is to present a development direction from a conceptual dimension and to analyze the current status of the 6 key systems which are law, organization, operation, information-oriented, support management, training, and education. Finally, this research highlights the policy measures to fully maximize system efficiency.

• Journal of Korean Society of Disaster and Security
• /
• v.6 no.1
• /
• pp.9-17
• /
• 2013

Government ministries operate various system dealing with filed civil appeals. There are representative systems such as Safety Monitoring System of the Ministry of Public Administration and Security (MOPAS), Disaster Premonitory Information System of the National Emergency Management Agency (NEMA), Facilities Hazard Information System of the Ministry of Land, Transportation and Maritime Affairs (MLTM), Environmantal Monitoring System of the Ministry of Environment (ME). The purpose managing these systems is to reduce casualties and to improve safety by preventing disasters and accidents in local communities. This study suggests the method to effectively operate a safety monitoring system which fits to local situations based on the statistical analysis performed on filed complaint cases in Gangdong-gu as a sample region. The cases has been collected since 2012 through the voluntary safety monitoring activity of a specialist who had finished the Emergency and Safety maneger's master course.