• Journal of Convergence Society for SMB
• /
• v.5 no.3
• /
• pp.15-20
• /
• 2015

There have been consumer needs for mobile payment system due to the rapid increase in the number of smartphones and the use of them. In tum, the market has been expanding as IT companies begin to participate in the mobile payment system business. Moreover, since the system supports better services not only covering payment service but also interworking with various apps in devices, it has been maximizing the consumer convenience. Although the convenience increased due to the mobile payment system, the vulnerability in security also increased; and smartphone users have been afraid of using the mobile payment system. This study is to examine Samsung Pay and Apple Pay, to present the vulnerability, and to suggest a countermeasure.

• Journal of the Korea Society of Computer and Information
• /
• v.11 no.6 s.44
• /
• pp.211-219
• /
• 2006

As the wireless network is popular and expanded, it is necessary to development the IDS(Intrusion Detection System)/Filtering System from the malicious wireless traffic. We propose the W-Sensor SW which detects the malicious wireless traffic and the W-TMS system which filters the malicious traffic by W-Sensor log in this paper. It is efficient to detect the malicious traffic and adaptive to change the security rules rapidly by the proposed W-Sensor SW. The designed W-Sensor by installing on a notebook supports the mobility of IDS in compare with the existed AP based Sensor.

• Journal of Electrical Engineering and Technology
• /
• v.8 no.3
• /
• pp.633-637
• /
• 2013

A wide range of applications for Foot Print Recognition System is discussed in this paper. The whole concept works under the principle that foot print is a parameter associated with biometrics that is very common as well as distinct. Its foremost application is at the government hospitals in the under developed and third world nations where there aren't the best of facilities. This system can be applied in the maternity ward of the hospitals for the identification or differentiation of the infants. Till date there has been no specialized system adopted for this purpose. The Foot Print Recognition System will overcome all the defects of any biometrics when applied here. Since the child will be very delicate for an iris scan and it will not be able to open its eyes wide or to correctly place its finger print on the sensor since the hands of a new born infant will be closed for a while. The Foot Print Recognition system can also be implemented in temples where there are cases of theft often reported. This can be used to grant access to the karpagraham of the deity by authorized users alone. These 2 applications of FPRS are discussed in this paper.

• Journal of Information Processing Systems
• /
• v.16 no.2
• /
• pp.301-317
• /
• 2020

An enterprise patch-management system (PMS) typically supplies a single point of failure (SPOF) of centralization structure. However, a Blockchain system offers features of decentralization, transaction integrity, user certification, and a smart chaincode. This study proposes a Hyperledger Fabric Blockchain-based distributed patch-management system and verifies its technological feasibility through prototyping, so that all participating users can be protected from various threats. In particular, by adopting a private chain for patch file set management, it is designed as a Blockchain system that can enhance security, log management, latest status supervision and monitoring functions. In addition, it uses a Hyperledger Fabric that owns a practical Byzantine fault tolerant consensus algorithm, and implements the functions of upload patch file set, download patch file set, and audit patch file history, which are major features of PMS, as a smart contract (chaincode), and verified this operation. The distributed ledger structure of Blockchain-based PMS can be a solution for distributor and client authentication and forgery problems, SPOF problem, and distribution record reliability problem. It not only presents an alternative to dealing with central management server loads and failures, but it also provides a higher level of security and availability.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.2
• /
• pp.628-649
• /
• 2017

Security and resource-saving are both demands of the fifth generation (5G) wireless networks. In this paper, we study the secrecy spectrum efficiency (SSE) and secrecy energy efficiency (SEE) of a K-tier massive multiple-input multiple-output (MIMO) enabled heterogeneous cellular network (HetNet), in which artificial noise (AN) are employed for secrecy enhancement. Assuming (i) independent Poisson point process model for the locations of base stations (BSs) of each tier as well as that of eavesdroppers, (ii) zero-forcing precoding at the macrocell BSs (MBSs), and (iii) maximum average received power-based cell selection, the tractable lower bound expressions for SSE and SEE of massive MIMO enabled HetNets are derived. Then, the influences on secrecy oriented spectrum and energy efficiency performance caused by the power allocation for AN, transmit antenna number, number of users served by each MBS, and eavesdropper density are analyzed respectively. Moreover, the analysis accuracy is verified by Monte Carlo simulations.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.16 no.1
• /
• pp.99-109
• /
• 2020

In the past, conservative concepts have been applied in terms of the characteristic of nuclear power plants(NPPs), resulting in analog-based equipment and closed networks. However, as digital technology has recently been applied to the design, digital-based facilities and communication networks have been used in nuclear power plants, increasing the risk of cybersecurity than using analog-based facilities. Nuclear power plant facilities are divided into a safety system and a non-safety system. It is essential to identify the difference and cope with cybersecurity threats to the safety system according to its characteristics. In this paper, we examine the cybersecurity regulatory guidelines for safety systems in nuclear power plant facilities. Also, we analyze cybersecurity threats to a programmable logic controller of the safety system and suggest cybersecurity requirements be applied to it to respond to the threats. By implementing security functions suitable for the programmable logic controller according to the suggested cybersecurity requirements, regulatory guidelines can be satisfied, and security functions can be extended according to other system requirements. Also, it can effectively cope with cybersecurity attacks that may occur during the operation of nuclear power plants.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.10 no.2
• /
• pp.338-343
• /
• 2006

This paper describes about the design concept and the architecture of an economic VPN system which can perform fast crypto operations with cheap cost. The essence of the proposed system architecture is consisting of the system with two companion chips dedicated to VPN: one chip is a multi-purpose network processor for security machine and the other is a crypto acceleration chip which encrypt and decrypt network packets in a high speed. This study also addresses about some realizations that is required for fast prototyping such as the porting of an operating system, the establishment of compiler tool chain, the implementation of device drivers and the design of IPSec security engine. Especially, the second chip supports the most time consuming block cipher algorithms including 3DES, AES, and SEED and its performance was evaluated.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 1994.11a
• /
• pp.51-66
• /
• 1994

A divisible off-line electronic cash system based on cut-and-choose has first been proposed by [OO91] and recently more efficient single term divisible cash system was presented in [EO94] which is based on Brand's scheme [Bra93]. In this paper, we present a different type of single term divisible electronic cash system which is more efficient than previously proposed systems such as [OO91], [YLR93], and [EO94] in the standpoint of the amount of communication, the number of modular multiplications required in the payment transactions, and the storage requirement in the withdrawal protocol. Our scheme is a modified version of [LL93], where the major improvement has been made in its withdrawal transaction to introduce untraceability and multi-spendability. We have borrowed the idea of the withdrawal protocol of our scheme from [EO94] with minor modifications. Transferability in our scheme allows only a finite number of transfer. Our scheme satisfies an the desirable properties of an electronic cash system such as untraceability, divisibility and transferability. In addition, we present a n-spendable cash. The basic idea of extension to multi-spendability has been borrowed from [Bra93] with minor modifications.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.4
• /
• pp.177-186
• /
• 2003

DRM(Digital Rights Management) is a technology that manages secure distributions and copyrights of digital contents on the Internet. It is general giving the rights to use the encrypted contents that are downloaded by a simple authorization process in the existing DRM system. Once this is done you are allowed to access. In this paper, we use RTP(Real-time Transport Protocol) for end-to-end real-time data transmission. And the system is designed to make it Possible to Protect copyrights and to distribute contents with safety through periodic authentication. We implemented DRM system to stand this basis. The proposed system vests only authorized users with authority to access the license. Hence it prevents contents to be distributed and copied illegally on networks.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.17 no.2
• /
• pp.295-311
• /
• 2023

Cloud computing has evolved significantly, intending to provide users with fast, dependable, and low-cost services. With its development, malicious users have become increasingly capable of attacking both its internal and external security. To ensure the security of cloud services, encryption, authorization, firewalls, and intrusion detection systems have been employed. However, these single monitoring agents, are complex, time-consuming, and they do not detect ransomware and zero-day vulnerabilities on their own. An innovative Record and Replay-based hybrid Honeynet (R2NET) system has been developed to address this issue. Combining honeynet with Record and Replay (RR) technology, the system allows fine-grained analysis by delaying time-consuming analysis to the replay step. In addition, a machine learning algorithm is utilized to cluster the logs of attackers and store them in a database. So, the accessing time for analyzing the attack may be reduced which in turn increases the efficiency of the proposed framework. The R2NET framework is compared with existing methods such as EEHH net, HoneyDoc, Honeynet system, and AHDS. The proposed system achieves 7.60%, 9.78%%, 18.47%, and 31.52% more accuracy than EEHH net, HoneyDoc, Honeynet system, and AHDS methods.