• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.6
• /
• pp.37-47
• /
• 2005

Recently, the malicious e-mail worm-viruses have been widely spreaded over the Internet. If the recipient opens the e-mail attachment or an e-mail itself that contains the worm-virus, the worm-virus can be activated and then cause a tremendous damage to the system by propagating itself to everyone on the mailing list in the user's e-mail package. In this paper, we have designed and implemented two methods blocking e-mail worm-viruses. In the fist method, each e-mail is transmitted only by sender activity such as the click of button on a mail client application. In the second one, we insert the two modules into the sender side, where the one module transforms a recipient's address depending on a predefined rule only in time of pushing button and the other converts the address reversely with the former module whenever an e-mail is sent. The lader method also supports a polymorphism model in order to cope with the new types of e-mail worm-virus attacks. The two methods are designed not to work for the e-mail viruses. There is no additional fraction on the receiver's side of the e-mail system. Experimental results show that the proposed methods can screen the e-mail worm-viruses efficiently with a low overhead.

• International Journal of Computer Science & Network Security
• /
• v.22 no.11
• /
• pp.141-148
• /
• 2022

The development of the education system and the labor market today requires new conditions for unification and functioning, the introduction of an innovative culture in the field of Education. The construction of modern management of innovative development of a higher education institution requires consideration of the existing theoretical, methodological and practical planes on which its formation is based. The purpose of the article is to substantiate the modern paradigm of organizing the mechanism of managing the innovative development of higher education institutions. Innovation in education is represented not only by the final product of applying novelty in educational and managerial processes in order to qualitatively improve the subject and objects of management and obtain economic, social, scientific, technical, environmental and other effects, but also by the procedure for their constant updating. The classification of innovations in education is presented. Despite the positive developments in the development of Education, numerous problems remain in this area, which is discussed in the article. The concept of innovative development of higher education institutions is described, which defines the prerequisites, goals, principles, tasks and mechanisms of university development for a long-term period and should be based on the following principles: scientific, flexible, efficient and comprehensive. The role of the motivational component of the mechanism of innovative development of higher education institutions is clarified, which allows at the strategic level to create an innovative culture and motivation of innovative activity of each individual, to make a choice of rational directions for solving problems, at the tactical level - to form motives for innovative activity in the most effective directions, at the operational level - to monitor the formation of a system of motives and incentives, to adjust the directions of motivation. The necessity of the functional component of the mechanism, which consists in determining a set of steps and management decisions aimed at achieving certain goals of innovative development of higher education institutions, is proved. The monitoring component of the mechanism is aimed at developing a special system for collecting, processing, storing and distributing information about the stages of development of higher education institutions, prediction based on the objective data on the dynamics and main trends of its development, and elaboration of recommendations.

• Informatization Policy
• /
• v.29 no.1
• /
• pp.24-37
• /
• 2022

Amid rapid changes in the ICT environment attributed to the 4th Industrial Revolution, the development of information & communication technology, and COVID-19, the existing internet developed without considering security, mobility, manageability, QoS, etc. As a result, the structure of the internet has become complicated, and problems such as security, stability, and reliability vulnerabilities continue to occur. In addition, there is a demand for a new concept of the internet that can provide stability and reliability resulting from digital transformation-geared advanced technologies such as artificial intelligence and IoT. Therefore, in order to suggest a way of implementing the Korean future internet that can strengthen cybersecurity, this study suggests the direction and strategy for promoting the future internet that is suitable for the Korean cyber environment through analyzing important key factors in the implementation of the future internet and evaluating the trend and suitability of domestic & foreign research related to future internet. The importance of key factors in the implementation of the future internet proceeds in the order of security, integrity, availability, stability, and confidentiality. Currently, future internet projects are being studied in various ways around the world. Among numerous projects, Bright Internet most adequately satisfies the key elements of future internet implementation and was evaluated as the most suitable technology for Korea's cyber environment. Technical issues as well as strategic and legal issues must be considered in order to promote the Bright Internet as the frontrunner Korean future internet. As for technical issues, it is necessary to adopt SAVA IPv6-NID in selecting the Bright Internet as the standard of Korean future internet and integrated data management at the data center level, and then establish a cooperative system between different countries. As for strategic issues, a secure management system and establishment of institution are needed. Lastly, in the case of legal issues, the requirement of GDPR, which includes compliance with domestic laws such as Korea's revised Data 3 Act, must be fulfilled.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.4
• /
• pp.61-75
• /
• 2011

Recently, there is significant increasing of massive attacks, which try to infect PCs that visit websites containing pre-implanted malicious code. When visiting the websites, these hidden malicious codes can gain monetary profit or can send various cyber attacks such as BOTNET for DDoS attacks, personal information theft and, etc. Also, this kind of malicious activities is continuously increasing, and their evasion techniques become professional and intellectual. So far, the current signature-based detection to detect websites, which contain malicious codes has a limitation to prevent internet users from being exposed to malicious codes. Since, it is impossible to detect with only blacklist when an attacker changes the string in the malicious codes proactively. In this paper, we propose a novel approach that can detect unknown malicious code, which is not well detected by a signature-based detection. Our method can detect new malicious codes even though the codes' signatures are not in the pattern database of Anti-Virus program. Moreover, our method can overcome various obfuscation techniques such as the frequent change of the included redirection URL in the malicious codes. Finally, we confirm that our proposed system shows better detection performance rather than MC-Finder, which adopts pattern matching, Google's crawling based malware site detection, and McAfee.

• Journal of Positioning, Navigation, and Timing
• /
• v.4 no.2
• /
• pp.67-72
• /
• 2015

Power grid techniques are distributed over general power systems ranging from power stations to power transmission, power distribution, and users. To monitor and control the elements and performance of a power system in real time in the extensive area of power generation, power transmission, wide-area monitoring (WAM) and control techniques are required (Sattinger et al. 2007). Also, to efficiently operate a power grid, integrated techniques of information and communication technology are required for the application of communication network and relevant equipment, computing, and system control software. WAM should make a precise power grid measurement of more than once per cycle by time synchronization using GPS. By collecting the measurement values of a power grid from substations located at faraway regions through remote communication, the current status of the entire power grid system can be examined. However, for GPS that is used in general national industries, unexpected dangerous situations have occurred due to its deterioration and jamming. Currently, the power grid is based on a synchronization system using GPS. Thus, interruption of the time synchronization system of the power system due to the failure or abnormal condition of GPS would have enormous effects on each field such as economy, security, and the lives of the public due to the destruction of the synchronization system of the national power grid. Developed countries have an emergency substitute system in preparation for this abnormal situation of GPS. Therefore, in Korea, a system that is used to prepare for the interruption of GPS reception should also be established on a long-term basis; but prior to this, it is required that an evaluation technique for the time synchronization performance of a GPS receiver using an atomic clock within the power grid. In this study, a monitoring system of time synchronization based on GPS at a power grid was implemented, and the results were presented.

• Korean Journal of Optics and Photonics
• /
• v.17 no.3
• /
• pp.248-255
• /
• 2006

Most optical security systems use a 4-f correlator, Mach-Zehnder interferometer, or a joint transform correlator(JTC). Of them, the JTC does not require an accurate optical alignment and has a good potential for real-time processing. In this paper, we propose an image encryption system using a position shift property of the JTC in the Fourier domain and a random phase image. Our encryption system uses two keys: one key is a random phase mask and the other key is a position shift factor. By using two keys, the proposed method can increase the security level of the encryption system. An encrypted image is produced by the Fourier transform for the multiplication image, which resulted from adding position shift functions to an original image, with a random phase mask. The random phase mask and position shift value are used as keys in decryption, simultaneously. For the decryption, both the encrypted image and the key image should be correctly located on the JTC. If the incorrect position shift value or the incorrect key image is used in decryption, the original information can not be obtained. To demonstrate the efficiency of the proposed system, computer simulation is performed. By analyzing the simulation results in the case of blocking of the encrypted image and affecting of the phase noise, we confirmed that the proposed method has a good tolerance to data loss. These results show that our system is very useful for the optical certification system.

• Journal of Intelligence and Information Systems
• /
• v.28 no.2
• /
• pp.57-74
• /
• 2022

Recently, artificial intelligence parking control systems have increased the recognition rate of vehicle license plates using deep learning, but there is a problem that they cannot determine vehicles with fake license plates. Despite these security problems, several institutions have been using the existing system so far. For example, in an experiment using a counterfeit license plate, there are cases of successful entry into major government agencies. This paper proposes an improved system over the existing artificial intelligence parking control system to prevent vehicles with such fake license plates from entering. The proposed method is to use the degree of matching of the front feature points of the vehicle as a passing criterion using the ORB algorithm that extracts information on feature points characterized by an image, just as the existing system uses the matching of vehicle license plates as a passing criterion. In addition, a procedure for checking whether a vehicle exists inside was included in the proposed system to prevent the entry of the same type of vehicle with a fake license plate. As a result of the experiment, it showed the improved performance in identifying vehicles with fake license plates compared to the existing system. These results confirmed that the methods proposed in this paper could be applied to the existing parking control system while taking the flow of the original artificial intelligence parking control system to prevent vehicles with fake license plates from entering.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.15 no.4
• /
• pp.257-270
• /
• 2022

In this paper, we design a smart factory risk improvement system and risk improvement method using AI edge devices. The smart factory risk improvement system collects, analyzes, prevents, and promptly responds to the worker's work performance process in the smart factory using AI edge devices, and can reduce the risk that may occur during work with improving the defect rate when workers perfom jobs. In particular, based on worker image information, worker biometric information, equipment operation information, and quality information of manufactured products, it is possible to set an abnormal risk condition, and it is possible to improve the risk so that the work is efficient and for the accurate performance. In addition, all data collected from cameras and IoT sensors inside the smart factory are processed by the AI edge device instead of all data being sent to the cloud, and only necessary data can be transmitted to the cloud, so the processing speed is fast and it has the advantage that security problems are low. Additionally, the use of AI edge devices has the advantage of reducing of data communication costs and the costs of data transmission bandwidth acquisition due to decrease of the amount of data transmission to the cloud.

• Journal of Digital Convergence
• /
• v.12 no.1
• /
• pp.229-239
• /
• 2014

Smartwork technology, using teleworking, smartwork centers and mobile terminal, provides a flexible work environments without constraints of time and space. Smartwork system to increase the work efficiency has the information protection threats according to their convenience. Thus, in order to build smartwork, it is proper to provide information protection audit to help ensure the information protection. In this paper, we have proposed an infortaion protection audit model at the practical and technical level for building a smartwork environment. We were classified as a terminal, network and server area for information protection, and derived a professional information protection check items. Further, by establishing a smartwork information protection audit time to map ISMS control items, we have proposed an audit model so that it is possible to improve the security and efficiency. It also verified whether the proposed model is suitable or not by doing a survey if deduced audit domain and check items correspond with the purpose of the smartwork information protection audit to auditors and IT specialists. As the result, this study was 97% satisfaction out of 13 check items.

• Journal of Internet Computing and Services
• /
• v.16 no.1
• /
• pp.9-20
• /
• 2015

Nowadays, Smart Wallet technology trend that is able to save users' consuming costs and also retain users' redundant behaviors such as Single-tapping, One-way communication, Integrated ID, has been issued in recent Mobile Industrial Fields. As one of Smart Wallet functions, Integrated ID is proposed for users' convenience, handiness, and immediate responses. It is designed for the effective management of users' IDs which are easy to be forgot because of its unusual structures. To be detail, instead of user, Integrated ID system can certificate users identification from various online sites (where user resisted) authorization requests via one-clicking, not putting identification data in each sites. So, this technology would be helpful much to a certain user who has lots ID and its Password in multiple Online shopping companies by establishing integrated ID. However, although Integrated ID has lots advantages to be used, most Mobile Service Companies has hesitated to apply Integrated ID service in their shopping systems because this technology requires them sharing their users' data. They have worried that this service would be not helpful to gain their profits. Furthermore, Users who join in multiple shopping companies and use Integrated ID services also are difficult to decide which company they have to save their points in before payment because this system could not show any financial benefit analysis data to their users. As following facts, via this paper majorly we propose the advanced Integrated ID system which concern shopping point management. Basically, this system has a strong security payment service and secure network services like other mobile Shopping systems. Additionally, this system is able to service (or to support) shopping -point -saving guide for customers' financial benefits and conveniences.