• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.4
• /
• pp.1594-1617
• /
• 2018

In this paper, we consider a spectrum access scenario which consists of two groups of users, namely Primary Users (PUs) and Secondary Users (SUs) in Cooperative Cognitive Radio Networks (CCRNs). SUs cooperatively relay PUs messages based on Amplify-and-Forward (AF) and Decode-and-Forward (DF) cooperative techniques, in exchange for accessing some of the spectrum for their secondary communications. From the literatures, we found that the Conventional Distributed Algorithm (CDA) and Pragmatic Distributed Algorithm (PDA) aim to maximize the PU sum-rate resulting in a lower sum-rate for the SU. In this contribution, we have investigated a suit of distributed matching algorithms. More specifically, we investigated SU-based CDA (CDA-SU) and SU-based PDA (PDA-SU) that maximize the SU sum-rate. We have also proposed the All User-based PDA (PDA-ALL), for maximizing the sum-rates of both PU and SU groups. A comparative study of CDA, PDA, CDA-SU, PDA-SU and PDA-ALL is conducted, and the strength of each scheme is highlighted. Different schemes may be suitable for different applications. All schemes are investigated under the idealistic scenario involving perfect coding and perfect modulation, as well as under practical scenario involving actual coding and actual modulation. Explicitly, our practical scenario considers the adaptive coded modulation based DF schemes for transmission flexibility and efficiency. More specifically, we have considered the Self-Concatenated Convolutional Code (SECCC), which exhibits low complexity, since it invokes only a single encoder and a single decoder. Furthermore, puncturing has been employed for enhancing the bandwidth efficiency of SECCC. As another enhancement, physical layer security has been applied to our system by introducing a unique Advanced Encryption Standard (AES) based puncturing to our SECCC scheme.

• Journal of the Society of Disaster Information
• /
• v.14 no.1
• /
• pp.65-71
• /
• 2018

In this study, it is aimed to prevent the spread of pollutants in the event of a major disaster caused by CBRNE accidents and attacks and build up system to provide optimal transport environment for each patient condition By identifying characteristics of existing products and make them immediately applicable in the field. The purpose of this study is suggesting essential consideration in both functional and performance in the development of the isolation unit. As a result of the study, it suggests (1) basic function, (2) efficient field utilization, (3) isolation unit interface and combination of modules in development of isolation unit.

• Journal of Intelligence and Information Systems
• /
• v.11 no.1
• /
• pp.1-15
• /
• 2005

As organizations search fur more secure authentication methods (Dr user access, e-commerce, and other security applications, biometrics is gaining increasing attention. Biometrics offers greater security and convenience than traditional methods of personal recognition. In some applications, biometrics can replace or supplement the existing technology. In others, it is the only viable approach. Several biometric methods of identification, including fingerprint hand geometry, facial, ear, iris, eye, signature and handwriting have been explored and compared in this paper. They all are well suited for the specific application to their domain. This paper briefly identifies and categorizes them in particular domain well suited for their application. Some methods are less intrusive than others.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.4
• /
• pp.767-780
• /
• 2015

In recent years, as smart phone penetration rate is growing explosively, new forms of cyber crime data is poured out beyond the limits of management system for cyber crime investigation. These new forms of data are collected and stored in police station but, some of data are not systematically managed. As a result, investigators sometimes miss the hidden data which can be critical for a case. Crime data is usually generated by computer which produces complex and huge data and records many logs automatically, so it is necessary to simplify a collected data and cluster by crime pattern. In this paper, we categorize all kinds of cyber crime and simplify crime database and extract critical clues relative to other cases. Through data mining and network-visualization, we found there is correlation between clues of a case. From this result, we conclude cyber crime data mining helps crime prevention, early blocking and increasing the efficiency of the investigation.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.2
• /
• pp.397-405
• /
• 2018

Blacklist-based tools are most commonly used to effectively detect suspected malicious processes. The blacklist-based tool compares the malicious code extracted from the existing malicious code with the malicious code. Therefore, it is most effective to detect known malicious codes, but there is a limit to detecting malicious code variants. In order to solve this problem, the necessity of a white list-based tool, which is the opposite of black list, has emerged. Whitelist-based tools do not extract features of malicious code processes, but rather collect reliable processes and verify that the process that checks them is a trusted process. In other words, if malicious code is created using a new vulnerability or if variant malicious code appears, it is not in the list of trusted processes, so it can effectively detect malicious code. In this paper, we propose a method for effectively building a whitelist through research that collects reliable processes in the macOS operating system.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.5
• /
• pp.1089-1098
• /
• 2018

As the development of quantum computers becomes visible, the researches on post-quantum cryptography to alternate the present cryptography system have actively pursued. To substitute RSA and Elliptic Curve Cryptosystem, post-quantum cryptography must also consider side channel resistance in implementation. In this paper, we propose a side channel analysis on NTRU, based on the implementation made public in the NIST standardization. Unlike the previous analysis which exploits a thousands of traces, the proposed attack can recover the private key using a single power consumption trace. Our attack not only reduces the complexity of the attack but also gives more possibility to analyze a practical public key cryptosystem. Furthermore, we suggested the countermeasure against our attacks. Our countermeasure is much more efficient than existing implementation.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.20 no.3
• /
• pp.558-564
• /
• 2016

The network interference gives positive and negative effects to security and QoS simultaneously by disturbing the decoding of receiver and eavesdropper. The transmission of artificial noise enables to indirectly control these contradicting effects. This paper proposed the secrecy enhancement technique via artificial noise with protected zones of transmitter and receiver and investigated its gain by using stochastic geometry. For given arbitrary artificial noise power ratio, we first analyzed connection outage probability and secrecy outage probability for four different scenarios (separated, overlapped, included secrecy protected zones- type A, B) according to distance and size of protected zones of the transmitter and receiver. We then derive the secrecy transmission rate and find the optimal artificial noise power ratio to maximize it. Finally, with numerical examples, we investigate the effects of the system parameters such as size of protected zones of transmitter and receiver on the optimal artificial noise power ratio.

• Journal of Advanced Navigation Technology
• /
• v.17 no.4
• /
• pp.421-428
• /
• 2013

Voice over IP refers to technology that enables routing of voice conversations over the Internet or a TCP/IP network. VoIP communication costs cheaper than traditional analog phone. Phone calls can be made to anywhere / anyone: Both to VoIP numbers as well as people with normal phone numbers. VoIP protocol equipment available today follows the SIP standard. Older VoIP equipment though would follow H 323, MGCP, Megaco/H.248. A SIP server is the main component of an IP PBX, dealing with the setup of all SIP calls in the TCP/IP network. A SIP server is also referred to a Asterisk IP-PBX. A VoIP telephone, also known as a SIP phone or a softphone, allows the user to make phone calls to any softphone, mobile or PC by using App store. A VoIP telephone can be a simple software-based softphone. However, the SIP Server and the program is vulnerable to VoIP attacks. In this paper, eavesdropping attacks tested by using the Asterisk SIP server. Eavesdropping attacks and TLS security methods apply to VoIP system. TLS can be applied to determine whether the eavesdropping available for VoIP Environments.

• Korean journal of communication and information
• /
• v.81
• /
• pp.329-362
• /
• 2017

This study starts from the awareness that 'rebellious communication' is still being regulated in various ways even though 'rebellious communication' was declared unconstitutional in a decision by the Constitutional Court in 2002. The meaning of 'rebellious' has been amplified and transformed at various points through the censorship systems established during the Japanese colonial era, the US military period, and the regime of Park Jung-hee. In particular, 'rebellious communication' is regulated to protect 'national security' and 'social customs' from the perspective of power. This study analyzed discourses containing judgement about the Park Jung-geun case and the violation of the National Security Law using retweet accounts or posts related to North Korea. This study explores the genealogy of 'rebellious communication' based on its relationship to the characteristics of Twitter and specific individuals.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.2
• /
• pp.313-320
• /
• 2015

While various phishing attacks are getting to be increased in constant, their response methods still stay on the stage of responding after identifying an attack. To detect a phishing site ahead of an attack, a method has been suggested with utilizing the Referer header field of HTTP. However, it has a limitation to implement a traffic gathering system for each of prospective target hosts. This paper presents a unknown phishing site detection method in the Interior network environment. Whenever a user try to connect a phishing site, its traffic is pre-processed with considering of the characteristics of HTTP protocol and phishing site. The phishing site detection phase detects a suspicious site under phishing with analysing HTTP content. To validate the proposed method, some evaluations were conducted with 100 phishing URLs along with 100 normal URLs. The experimental results show that our method achieves higher phishing site detection rate than that of existing detection methods, as 66% detection rate for the phishing URLs, and 0% false negative rate for the normal URLs.