• KIPS Transactions on Computer and Communication Systems
• /
• v.6 no.1
• /
• pp.43-50
• /
• 2017

Use-After-Free security problem is rapidly growing in popularity, especially for attacking web browser, operating system kernel, local software. This security weakness is difficult to detect by conventional methods. And if local system or software has this security weakness, it cause internal security problem. In this paper, we study ways to remove this security weakness in software development by summarize the cause of the Use-After-Free security weakness and suggest ways to remove them.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.3
• /
• pp.621-635
• /
• 2012

Although most proposed security schemes have scrutinized their own security models for protecting different types of threats and attacks, this naturally causes a problem as follows-- if a security analysis tool would fit a certain scheme, it may not be proper to other schemes. In order to address this problem, this paper analyzes how security requirements of each paper could be different by comparing with two schemes: Agrawal et al.'s scheme OPES (Order Preserving Encryption Scheme) and Zdonik et al.'s FCE (Fast Comparison Encryption). Zdonik et al. have formally disproved the security of Agrawal et al.'s scheme OPES. Thereafter, some scholars have wondered whether the OPES can guarantee its applicability in a real world for its insecurity or not. However, the analysis by Zdonik et al. does not have valid objectivity because they used the security model INFO-CPA-DB for their scheme FCE to analyze Agrawal et al.'s scheme OPES, in spite of the differences between two schemes. In order to analyze any scheme correctly and apply it to a real world properly, the analysis tool should be comprehensively standardized. We re-analyze Zdonik et al.'s analysis for OPES and then propose general formalizations of security and privacy for all of the encrypted retrieval systems. Finally, we recommend the minimum level of security requirements under our formal definitions. Additional considerations should be also supplemented in accordance with the conditions of each system.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2024.01a
• /
• pp.105-108
• /
• 2024

랜섬웨어는 Ransom(몸값)과 Software(소프트웨어)의 합성어로, 데이터를 암호화하여 이를 인질로 금전을 요구하는 악성 프로그램이다. 블랙캣(BlackCat)과 같은 랜섬웨어가 스위스 항공 서비스 기업의 시스템을 마비시키는 공격을 시도하였으며, 이와 같은 랜섬웨어로 인한 피해는 지속적으로 발생하고 있다. 랜섬웨어에 의한 피해 감소 및 방지를 위하여, 다양한 랜섬웨어 탐지방안이 등장하였으며, 최근 행위 기반 침입탐지 시스템에 인공지능 기술을 결합하여 랜섬웨어를 탐지하는 방안이 연구되는 실정이다. 인공지능 기술은 딥러닝 및 하드웨어의 발전으로 데이터를 처리할 수 있는 범위가 넓어지면서, 다양한 분야와 접목하여 랜섬웨어 탐지를 위한 시스템에 적용되고 있지만, 국내는 국외만큼 활발하게 연구되지 않고 연구 개발 단계에 머물러 있다. 따라서 본 논문에서는 랜섬웨어에 감염된 파일에서 나타나는 특징 중 하나인 엔트로피를 데이터 분석에 활용함으로써, 랜섬웨어를 탐지하는 시스템을 제안하고 설계하였다.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2024.01a
• /
• pp.485-488
• /
• 2024

본 논문에서는 전기차 시장의 성장 및 수요 증가로 인한 충전 인프라 부족에 대한 문제를 해소하기 위한 방안으로, 센서를 활용한 각 자리별 빈 주차 자리 확인 기능과 전기차 충전 자리의 남은 대기 시간에 대한 정보를 실시간 모니터링 할 수 있는 시스템을 구현하였다. 기존의 LED 표시등의 정보를 웹사이트를 통해 시각적으로 전달하며, 실시간으로 주차 여유 공간과 전기차 충전 자리의 대기 시간을 확인할 수 있게 하였다. 더불어 발레 파킹 서비스와의 융합을 통해 충전 완료 후 차량 이동의 불편함 및 인프라 운영의 효율을 늘리는 방안을 제안해본다.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2011.05a
• /
• pp.727-730
• /
• 2011

본 논문에서는 무선 센서네트워크 환경에 적용할 수 있는 외부 노드의 침입을 탐지하는 방법을 제안하였다. 센서노드의 무선통신을 지원하는 네트워크 장치에 고유하게 부여된 MAC 주소를 이용하여 외부로부터의 허락되지 않는 노드의 네트워크 내부로의 침입을 감지하는 방안을 제안하였다. 실제 센서노드를 이용한 침입탐지 시스템을 개발, 실험을 통하여 효율성을 확인하였다.

• Convergence Security Journal
• /
• v.14 no.3_2
• /
• pp.3-12
• /
• 2014

The government was fully aware of the gravity of a recent massive leak of personal information of credit card users. Meanwhile, the government just took a light disciplinary action by imposing a fine, but it showed its intention to strengthen the regulations by taking the severest disciplinary action. The tightened regulations against personal information leak will be applied to the private security industry without exception to protect individual people's property and lives if such an incident occurs in that industry that deals with a wide variety of personal information such as CCTV data or privacy information all the time. The purpose of this study was to examine the state of the protection and management of personal information for service users among private security firms in an effort to suggest some reform measures. The findings of the study were as follows: First, administrators or managers who are involved with personal information protection should make a full-fledged effort to gather information. Second, counseling or related programs should be provided for small and mid-sized security firms to guarantee thorough personal information protection. Third, Korea Security Association should improve the educational system related to personal information protection to resolve problems with this education currently provided for managers and employees of these companies.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2003.05a
• /
• pp.439-442
• /
• 2003

In this paper, a system that implementation of Access Control System Using Biometric System. Biometrics is science which deals with verifying or recognizing using physiological or behavioral characteristic Access Control System uses Biometric system to make an access control system. Biometrics goes under the study of bio-recognition or bio-measurement. It is a technology or study that identifies individuals using one's Biometric character. Access control system is a system used to identify one's entrance and exit, personal management, and security. Access control system can be joined with Biometric system to produce easier use and more sufficient effects. Access control system using Wiegand (Data Format) signal output, can replace earlier RF Card systems and make an access control (security) system. It uses RS-232, Rs-422 or TCP/IP type communication with the computer so an embedded system can be controlled using the software.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.15 no.11
• /
• pp.4145-4162
• /
• 2021

During the period of epidemic prevention and control, contact tracing systems are developed in many countries, to stop or slow down the progression of COVID-19 contamination. However, the privacy issues involved in the use of contact tracing apps have also attracted people's attention. First, we divide contact tracing techniques into two types: Bluetooth Low Energy (BLE) based and Global Positioning System (GPS) based techniques. In order to clear understand the system structure and its elements, we create data flow diagram (DFD) of each types. Second, we analyze the possible privacy threats contained in various types of contact tracing apps by applying LINDDUN, which is a threat modeling technique for personal information protection. Third, we make a comparison and analysis of various contact tracing techniques from privacy point of view. These studies can facilitate improve tracing and security performance to contact tracing apps through comparisons between different types.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2001.11a
• /
• pp.147-152
• /
• 2001

This research aims to unravel the significant features of the human immune system, which would be successfully employed for a novel network intrusion detection model. Several salient features of the human immune system, which detects intruding pathogens, are carefully studied and the possibility and the advantages of adopting these features for network intrusion detection are reviewed and assessed.

• Journal of the Korea Society of Computer and Information
• /
• v.12 no.4
• /
• pp.239-248
• /
• 2007

There's been a difficulty for general corporate to adopt recent incident response study because those studies focus on nation wide CERT Coordination Center or large organization aspect. This study is focus on study and design on security ticket based CERT system through analysis Security management's threat element, attack element, response element and it also help general corporate establish incident response process that is adjusted on IT operation. Confirmed CERT model's effectiveness and effect of quantitative Security incident management way that propose executing Security incident response experiment on the basis of this way. This study which provides general corporate oriented CERT model can be used to improve corporate's capability of responding incident by quantified management technique and select incident response SLA indicator. Already, formation which operate CERT can heighten corporation's information protection level by measure Security incident response result as metrical and analyze and improve problem continuously.