• The Journal of the Korea institute of electronic communication sciences
• /
• v.4 no.2
• /
• pp.152-161
• /
• 2009

Insider threat is becoming a very serious issue in most organizations and management is responsible for security implementation. This study is to develop a personnel security management indicators in the areas of Personnel Assurance, Personnel Competence, and Security Environment and protection against insider threats. In this study, the information security management system.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.20 no.7
• /
• pp.111-118
• /
• 2019

In this age where the social environment is changing rapidly and unpredictably, interest in safety from crime is increasing in Korean society. As the desire to live a life free from the fear of crime increases, interest in the construction of safe cities is also rising nationwide. For this, it is important to develop precision-positioning technology and support-service and intelligent security-service technology based on spatial information. Therefore, this study analyzes cases of multiple CCTV collaboration technology from among the intelligent-security technologies, and evaluates the technology's guarantee system through the evaluation system of the Technology Guarantee Fund, and evaluates continuity based on innovation, spreadability, usability, and proposed commercialization in order to enable utilization and commercialization. As a result of analyzing multiple CCTV collaborative technologies through the evaluation system of the Technology Guarantee Fund, the technology with the highest outlook was given five points, and the others were rated as excellent in terms of spreadability, usability, and differentiation. For innovation, the score was three points lower than the other evaluation items, but we expect to overcome that by introducing the latest technology and converging it with other technologies, such as the Internet of Things.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.4
• /
• pp.747-761
• /
• 2024

Recently, modern vehicles have been controlled by Electronic Control Units (ECUs), by which the safety and convenience of drivers are highly improved. It is known that a luxury vehicle has more than 100 ECUs to electronically control its function. However, the modern vehicles are getting targeted by cyber attacks because of this computer-based automotive system. To address the cyber attacks, automotive manufacturers have been developing some methods for securing their vehicles, such as automotive Intrusion Detection System (IDS). This development is only allowed to the automotive manufacturers because they have databases for their in-vehicle network (i.e., DBC Format File) which are highly confidential. This confidentiality poses a significant challenge to external researchers who attempt to conduct automotive security researches. To handle this restricted information, in this paper, we propose a method to partially understand the DBC Format File by analyzing in-vehicle network traffics. Our method is designed to analyze Controller Area Network (CAN) traffics so that checksum signals are identified in CAN Frame Data Field. Also, our method creates a Lookup Set by which a checksum signal is correctly estimated for a given message. We validate our method with the publicly accessible dataset as well as one from a real vehicle.

• Journal of Internet Computing and Services
• /
• v.19 no.1
• /
• pp.27-35
• /
• 2018

This paper is a study to classify malicious applications in Android environment. And studying the threat and behavioral analysis of malicious Android applications. In addition, malicious apps classified by machine learning were performed as experiments. Android behavior analysis can use dynamic analysis tools. Through this tool, API Calls, Runtime Log, System Resource, and Network information for the application can be extracted. We redefined the properties extracted for machine learning and evaluated the results of machine learning classification by verifying between the overall features and the main features. The results show that key features have been improved by 1~4% over the full feature set. Especially, SVM classifier improved by 10%. From these results, we found that the application of the key features as a key feature was more effective in the performance of the classification algorithm than in the use of the overall features. It was also identified as important to select meaningful features from the data sets.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.11 no.4
• /
• pp.728-736
• /
• 2007

The more improved the Internet and the information technology, the stronger cryptographic system is required which can satisfy the information security on the platform of personal hand-held devices or smart card system. This paper introduces a case study of designing an elliptic curve cryptographic processor of a high performance that can be suitably used in a wireless communicating device or in an embedded system. To design an efficient cryptographic system, we first analyzed the operation hierarchy of the elliptic curve cryptographic system and then implemented the system by adopting a serial cell multiplier and modified Euclid divider. Simulation result shows that the system was correctly designed and it can compute thousands of operations per a secdond.

• The KIPS Transactions:PartC
• /
• v.11C no.5
• /
• pp.697-702
• /
• 2004

As for the digital content, a reproduction is easy and manuscript is identical with original copy. Because of these characteristics, there are difficulties on prevention of an illegal reproduction and an illegal currency. In recent days various digital content service systems based on a web are commercialized. An appropriate copyright protection technology is required so that these systems develop as a profit model. Generally we use encrypted digital content transmission method for the copyright protection on a web base system. At the time of this, it is increased sire of encrypted digital content. As for this, it be increased time required on an execution process. Therefore, a design of the system that considered a execution time and a security is required. In this study, we designed the digital content transmission system that considered execution time and a security through a partial encryption based on a digital content copyright management technique. Also we evaluated performance of a proposed system through analysis.

• The KIPS Transactions:PartC
• /
• v.10C no.1
• /
• pp.17-26
• /
• 2003

Mobile agent system comes into the spotlight since it contributes largely to mobile computing on distributed network environment. However, this system has a number of significant security Problems. In this Paper, we analyze suity attacks to mobile agent system Presented by NIST[3]. In order to protect this system from them, we suggest a security protocol for mobile agent system by employing R based key distribution and digital multi-signature scheme. To solve these problems described in NIST, securities for mobile agent and agent platform shouid be accomplished. Comparing with other protocols, our protocol performs both of these securities, while other protocols mentioned only one of them. Proposed Protocol satisfies simplicity of key management, providing security service such as confidentiality, integrity, authentication and preventing reputation, liveness guarantee, protection of excution-result data and preventing replay attack. Furthermore, it is designed to detect message modification immediately by verifying each step of agent execution at a corresponding server.

• Journal of the Korea Society of Computer and Information
• /
• v.22 no.5
• /
• pp.21-28
• /
• 2017

As technology related to digital imaging equipment is developed and generalized, digital imaging system is used for various purposes in fields of society. The object tracking technology from digital image data in real time is one of the core technologies required in various fields such as security system and robot system. Among the existing object tracking technologies, cam shift technology is a technique of tracking an object using color information of an object. Recently, digital image data using infrared camera functions are widely used due to various demands of digital image equipment. However, the existing cam shift method can not track objects in image data without color information. Our proposed tracking algorithm tracks the object by analyzing the color if valid color information exists in the digital image data, otherwise it generates the lightness feature information and tracks the object through it. The brightness feature information is generated from the ratio information of the width and the height of the area divided by the brightness. Experimental results shows that our tracking algorithm can track objects in real time not only in general image data including color information but also in image data captured by an infrared camera.

• Korean Security Journal
• /
• no.36
• /
• pp.387-416
• /
• 2013

This study's purpose is to present the improvement of effectiveness of security activity for international conference which can be held hereafter. On the basis of security activity problems originating in G20 summit meeding that had been held in Seoul in 2010. I made up questions three times to on the members of the police, military, fire figher and national intelligence service who had experienced in Seoul G20 summit meeding and recognition of possible problem and possibility of improvement on each item of questions was analyzed by Delphi Method. Also interviews with 4 security experts selected from each security agency were conducted to present improvement in each part of problem. The results obtained from the face to face interview with four experts of security-enforcement agency about the role of event site activity stage for international conference are as followings; First, 'security protocol section' protocol and security are needed mutual win-win enough to be compared with adaptative relationship, thereby being demanded the closer cooperation and information exchange. Second, 'situation management section' there is a need of reinforcing the cooperative system between situation rooms of each agency in order to possibly operate all of the security manpower integrally, which are dispersed by function and by event site, in addition to the swift and organic information exchange between wide-area local government and all the security agencies focusing on a preparation planning group. Third, 'security manpower resource management section' there is a need of encouragement and interest in the leadership in order to devise system that all of the security manpower can concentrate on event and to be possibly satisfied the given conditions. Fourth, 'local government cooperative support section' the wide-area local government of a hosting city as international city operates several kinds of the facilities for international conference, supports operation of conference, achieves a ripple effect of event such as tourism, maximizes service of accomodations, and performs the primary responsibility for the maintenance of the traffic facilities, thereby needing to execute special inspection under the responsibility of Si-Do governors.

• Journal of Korean Institute of Industrial Engineers
• /
• v.35 no.1
• /
• pp.51-57
• /
• 2009

There are a variety of users and devices in a context-aware computing environment. In this environment, the service provided to a user may be the composition of diverse services rather than one independent service. Before user's devices provide the composite service to the user, they should perceive user's needs by gathering related information segments from other surrounding devices and/or sensors. We consider a context-aware computing environment providing composite and adapted service to users and propose an information processing model that characterizes the device where the collected data should be processed through services and/or applications. Based on this model, we provide an analytical tool to obtain some performance measures of the context-aware computing environment.