• Title/Summary/Keyword: information security system

ICFGO : UI Concealing and Dummy Flow Insertion Method for Inter-Procedural Control Flow Graph Obfuscation (ICFGO : Inter-Procedural Control Flow Graph 난독화를 위한 UI 은닉 및 Dummy Flow 삽입 기법)

  • Shim, Hyunseok;Jung, Souhwan
    • Journal of the Korea Institute of Information Security & Cryptology / v.30 no.3 / pp.493-501 / 2020
  • To obfuscate against flow analysis on the Android operating system, the size of the flow graph can be made large enough to make analysis difficult. To this end, a library in aar form was implemented so that it could be inserted into an application as an external library. The library is designed to have up to five child nodes from the entry point in the dummy code, and for each depth has 2n+1 numbers of methods from 100 to 900 for each node, so it consists of a total of 2,500 entry points. In addition, the entry points consist of a total of 150 views in XML, each of which is connected via an asynchronous interface. Thus, the process of creating an Inter-procedural Control Flow Graph has a maximum of 14,175E+11 additional cases. As a result of applying this to an application, the Inter-Procedural Control Flow Analysis tool generates an average of 10,931 edges and 3,015 nodes, with an average graph size increase of 36.64%. In addition, the APK analysis process showed up to an average of 76.33MB of overhead, but only 0.88MB of execution overhead in the user's ART environment.

The extension of the IDEA Methodology for a multilevel secure schema design (다단계 보안 스키마 설계를 위한 IDEA 방법론의 확장)

  • Kim, Jung-Jong;Park, Woon-Jae;Sim, Gab-Sig
    • The Transactions of the Korea Information Processing Society / v.7 no.3 / pp.879-890 / 2000
  • Designing a multilevel database application is a complex process, and the entities and their associated security levels must be represented unambiguously using an appropriate model. It is also important to capture the semantics of a multilevel database application as accurately and completely as possible. Because the IDEA Methodology focuses on designing non-secure database applications for data-intensive systems, its Object Model describes the static structure of the objects in an application and their relationships. That is, the Object Model in the IDEA Methodology is an extended Entity-Relationship model giving a static description of objects. The IDEA Methodology was not developed for multilevel secure database applications, but by using an existing methodology we can take advantage of the various techniques that have already been developed for that methodology. That is, it is easier to design a multilevel secure schema this way than to develop a new model from scratch. This paper adds security features to the Object Model in the IDEA Methodology, and presents the transformation from this model to a multilevel secure object-oriented schema. This schema is preliminary work that can serve as a general scheme for automatic mapping to various commercial multilevel secure database management systems such as Informix-Online/Secure, Trusted ORACLE, and Sybase Secure SQL Server.

Study on File Recovery Based on Metadata According to Linux Kernel (리눅스 커널에 따른 메타데이터 기반 파일 복원 연구)

  • Shin, Yeonghun;Jo, Woo-yeon;Shon, Taeshik
    • Journal of the Korea Institute of Information Security & Cryptology / v.29 no.1 / pp.77-91 / 2019
  • Linux operating systems have recently been increasingly used with various versions of the kernel, in devices ranging from automotive consoles, CCTV, and IoT devices to mobile devices. Because these devices can be used as strong evidence in criminal investigations, there is a risk of evidence being destroyed through file deletion. Ext filesystem forensics has been studied in depth because it can recover deleted files without depending on the kind of device. However, studies have been carried out without consideration of the characteristics of the file system, which may vary depending on the kernel. This problem can lead to serious situations, such as impairing investigative ability and casting doubt on the admissibility of evidence, when an actual investigation attempts to analyze a different version of the kernel. Because investigations can be performed on various distributions and kernel versions of Linux file systems at the actual investigation site, analysis of the metadata changes that occur when files are deleted, by Linux distribution and kernel version, is required. Therefore, in this paper, we analyze the differences in metadata according to the Linux kernel as a solution to this and recover deleted files. Accordingly, the investigating agency needs to consider the metadata changes caused by differences in Linux kernel version when performing Ext filesystem forensics.

The Most Efficient Extension Field For XTR (XTR을 가장 효율적으로 구성하는 확장체)

  • 한동국;장상운;윤기순;장남수;박영호;김창한
    • Journal of the Korea Institute of Information Security & Cryptology / v.12 no.6 / pp.17-28 / 2002
  • XTR is a new method to represent elements of a subgroup of a multiplicative group of a finite field $GF(p^{6m})$ and it can be generalized to the field $GF(p^{6m})$ [6,9]. This paper proposes optimal extension fields for XTR among the Galois fields $GF(p^{6m})$ to which XTR can be applied. In order to select such fields, we introduce a new notion of Generalized Optimal Extension Fields (GOEFs) and suggest a condition on the prime $p$, a defining polynomial of $GF(p^{2m})$ and a fast method of multiplication in $GF(p^{2m})$ to achieve fast finite field arithmetic in $GF(p^{2m})$. From our implementation results, $GF(p^{36}) \rightarrow GF(p^{12})$ is the most efficient extension field for XTR, and computing $Tr(g^{n})$ given $Tr(g)$ in $GF(p^{12})$ is on average more than twice as fast as that of the XTR system on a Pentium III/700MHz, which has a 32-bit architecture [6,10].

An Attack Origin Detection Mechanism in IP Traceback Using Marking Algorithm (마킹 알고리듬 기반 IP 역추적에서의 공격 근원지 발견 기법)

  • 김병룡;김수덕;김유성;김기창
    • Journal of the Korea Institute of Information Security & Cryptology / v.13 no.1 / pp.19-26 / 2003
  • Recently, the number of internet service companies has been increasing, and so has the number of malicious attackers. Damage from these attacks, such as loss of trust and service instability, can be fatal because it harms a company's image. One of the most frequent and fatal attacks is DoS (Denial-of-Service). Because the attacker performs IP spoofing to hide his location in a DoS attack, it is hard to get the exact location of the attacker from the source IP address alone. Even if the system recovers from the attack successfully, if the attack origin has not been identified, we have to consider the possibility that the same attacker may attack again in the near future. This study proposes finding the attack origin through MAC address marking of the attack origin. It is based on an IP traceback algorithm called the Marking Algorithm. It modifies the Martins Algorithm so that we can convey the MAC address of the intervening routers, and as a result it can trace the exact IP address of the original attacker. To improve the detection time, our algorithm also contains a technique to improve the packet arrival rate. By adjusting the marking probability according to the distance from the packet origin, we were able to decrease the number of packets needed to trace back the IP address.

HFN-Based Right Management for IoT Health Data Sharing (IoT 헬스 데이터 공유를 위한 HFN 기반 권한 관리)

  • Kim, Mi-sun;Park, Yongsuk;Seo, Jae-Hyun
    • Smart Media Journal / v.10 no.1 / pp.88-98 / 2021
  • As blockchain technology has emerged as a security issue for IoT, technology that integrates blockchain into IoT is being studied. This paper presents research on token-based IoT service access control technology for data sharing, and proposes an owner-centered data sharing technique using a permissioned blockchain. To share IoT health data, a Hyperledger Fabric Network (HFN) consisting of three organizations was designed to provide a way to share data by applying different access control policies, centered on device owners, for different services. In the proposed system, the device owner issues access control tokens with different security levels to the participants in the organization, and the token issuance information is shared through the distributed ledger of the HFN. In IoT, the access control processing of IoT devices can be made lightweight by granting tokens to service requesters who request access to data. Furthermore, by sharing token issuance information among network participants using HFN, the integrity of the token is guaranteed and all network participants can trust the token. The device owners can trust that their data is being used within their authorized rights, and control the collection and use of data.

Static Identification of Firmware Linux Kernel Version by using Symbol Table (심볼 테이블을 이용한 펌웨어 리눅스 커널 버전 정적 식별 기법)

  • Kim, Kwang-jun;Cho, Yeo-jeong;Kim, Yun-jeong;Lee, Man-hee
    • Journal of the Korea Institute of Information Security & Cryptology / v.32 no.1 / pp.67-75 / 2022
  • When acquiring a product having an OS, it is very important to identify the exact kernel version of the OS. This is because the product's administrator needs to keep checking whether a new vulnerability is found in the kernel version. Also, if there is an acquisition requirement for exclusion or inclusion of a specific kernel version, the kernel identification becomes critical to the acquisition decision. In the case of the Linux kernel used in various equipment, sometimes it becomes difficult to pinpoint the device's exact version. The reason is that many manufacturers often modify the kernel to produce their own firmware optimized for their device. Furthermore, if a kernel patch is applied to the modified kernel, it will be very different from its base kernel. Therefore, it is hard to identify the Linux kernel accurately by simple methods such as a specific file existence test. In this paper, we propose a static method to classify a specific kernel version by analyzing function names stored in the symbol table. In an experiment with 100 Linux devices, we correctly identified the Linux kernel version with 99% accuracy.

Development of IoT-Based Disaster Information Providing Smart Platform for Traffic Safety of Sea-Crossing Bridges (해상교량 통행안전을 위한 IoT 기반 재난 정보 제공 스마트 플랫폼 개발)

  • Sangki Park;Jaehwan Kim;Dong-Woo Seo
    • Journal of Korean Society of Disaster and Security / v.16 no.1 / pp.105-113 / 2023
  • Jeollanam-do has 25 land-to-island and island-to-island bridges, the largest number in Korea. It is a local government rich in specialized marine and tourism resources centered on the archipelago and the sea bridges connecting them. However, in the case of sea-crossing bridges, when strong winds or typhoons occur, excessive vibration of the bridge increases anxiety among users and local residents, apart from the structural safety of the bridge. In fact, in the case of Cheonsa Bridge in Shinan-gun, which was recently opened in 2019, vehicle traffic restrictions due to strong winds and excessive vibrations frequently occurred, resulting in complaints from local residents and drivers due to increased anxiety. Therefore, based on data measured using IoT measurement technology, it is possible to relieve local residents' anxiety about the safety management of marine bridges by providing them with quantitative and accurate bridge vibration levels related to the traffic and wind conditions of bridges in real time. This study uses the existing measurement system and IoT sensors to constantly observe the wind speed and vibration of the marine bridge, and transmits them to local residents and managers to relieve anxiety about the safety and traffic of the sea-crossing bridge in strong winds, and to develop technologies capable of preemptively responding to large-scale disasters.

Hate Speech Detection Using Modified Principal Component Analysis and Enhanced Convolution Neural Network on Twitter Dataset

  • Majed, Alowaidi
    • International Journal of Computer Science & Network Security / v.23 no.1 / pp.112-119 / 2023
  • Traditionally used for networking computers and communications, the Internet has been evolving from the beginning. The Internet is the backbone for many things on the web, including social media. The concept of social networking, which started in the early 1990s, has also been growing with the internet. Social Networking Sites (SNSs) sprang up and have remained an important element of internet usage, mainly due to the services or provisions they allow on the web. Twitter and Facebook have become the primary means by which most individuals keep in touch with others and carry on substantive conversations. These sites allow the posting of photos and videos and support audio and video storage on the sites, which can be shared amongst users. Although an attractive option, these provisions have also led to issues for these sites, such as the posting of offensive material. Though not always, users of SNSs have their share in promoting hate by their words or speeches, which is difficult to curtail after being uploaded to the media. Hence, this article outlines a process for extracting user reviews from the Twitter corpus in order to identify instances of hate speech. Through the use of MPCA (Modified Principal Component Analysis) and ECNN (Enhanced Convolutional Neural Network), we are able to identify instances of hate speech in the text. With the use of NLP, a fully autonomous system for assessing syntax and meaning can be established. There is a strong emphasis on pre-processing, feature extraction, and classification. Cleansing the text by removing extra spaces, punctuation, and stop words is what normalization is all about. In the process of extracting features, these features that have already been processed are used. During the feature extraction process, the MPCA algorithm is used. It takes a set of related features and pulls out the ones that tell us the most about the dataset we give it. The proposed categorization method is then put forth as a means of detecting instances of hate speech or abusive language. It is argued that ECNN is superior to other methods for identifying hateful content online. It can take in massive amounts of data and quickly return accurate results, especially for larger datasets. As a result, the proposed MPCA+ECNN algorithm improves not only the F-measure values, but also the accuracy, precision, and recall.

Analysis of Municipal Ordinances for Smart Cities of Municipal Governments: Using Topic Modeling (지방자치단체의 스마트시티 조례 분석: 토픽모델링을 활용하여)

  • Hyungjun Seo
    • Informatization Policy / v.30 no.1 / pp.41-66 / 2023
  • This study aims to reveal the direction of municipal ordinances for smart cities, while focusing on 74 municipal ordinances from 72 municipal governments through topic modeling. As a result, the main keywords that show a high frequency belong to establishment and operations of the Smart City Committee. From the result of topic modeling Latent Dirichlet Allocation(LDA), it classifies municipal ordinances for smart cities into eight topics as follows: Topic 1(security for process of smart cities), Topic 2(promotion of smart city industry), Topic 3(composition of a smart city consultative body for local residents), Topic 4(support system for smart cities), Topic 5(management for personal information), Topic 6(use of smart city data), Topic 7(implementation for intelligent public administration), and Topic 8(smart city promotion). As for topic categorization by region, Topics 5, 6, and 8 which are mostly related to the practical operation of smart cities have a significant portion of municipal ordinances for smart cities in the Seoul metropolitan area. Then, Topics 2, 3, and 4 which are mostly related to the initial implementation of smart cities have a significant portion of municipal ordinances for smart cities in provincial areas.