• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.1
• /
• pp.235-255
• /
• 2019

Recent technological advances and industry changes, the game industry is maximizing fun by supporting cross-play that can be enjoyed by different platform users in PC, Mobile and Console games. If the boundaries are lost through the cross play, unexpected security threats can occur due to new services, even if existing security is maintained above a certain level. The existing online game security researches are mostly fraud detection that can occur in PC and mobile environment, but it is also necessary to study the security of the console game as cross play becomes possible. Therefore, this paper systematically identifies the security threats that can occur when enjoying cross play against console game users using STRIDE and LINDDUN threat modeling, derives security requirements using the international common evaluation standard.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.6
• /
• pp.119-132
• /
• 2011

Mobile devices such as smart phones have brought big changes to be called as 'mobile big bang' against which we can't go. Mobile banking service and MTS(Mobile Trading System) are freely available at any time, anywhere and we are able to activate communications between financial company staffs out of the office and take care of business works even remotely by using mobile devices. Mobile devices are approaching as 'smart mobile innovation' to improve an enterprise productivity and competitiveness, but threats which engaged in unfair trading behaviors or unwholesome business works in finance companies are increasing and the customer's information can be leaked out by using the nonpublic official information and mobile devices. Therefore, we have to analyze the potential problems and take the necessary countermeasures with preemptive steps to protect the customer's information and improve the financial trading soundness and fairness. In this paper, we would like to suggest countermeasures and threats against using the financial company's mobile devices focusing on the financial investment companies by 'Capital Market and Financial Investment Business Act'.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.37C no.10
• /
• pp.986-992
• /
• 2012

As the utilization of smart mobile devices such as smartphones increases, the desire to utilize such devices to control and monitor combat situations also arises. As smart mobile devices with various ICT get integrated with various weaponry system, a new phase of future warfare can be introduced. Moreover, smartphone-based real-time information technology for joint battle command system will be converged with surveillance control to become a leading example of convergence of cyber defense and information technology. Furthermore, mobile device security technology ideal for mobile wireless network environments can be applied to military robots. The following paper will give an overview of smart mobile device usage used for military purposes in battle command system, various security threats and the mobile device security technology to correspond to such security threats.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.17 no.3
• /
• pp.525-532
• /
• 2013

Recently. smartphones have been popularized rapidly and now located deep in our daily life, providing a variety of services from banking, SNS (Social Network Service), and entertainment to smart-work mobile office through apps. Such smartphone apps can be easily downloaded from what is known as app store which, however, bears many security issues as software developers can just as easily upload to it. Military apps will be exposed to a myriad of security threats if distributed through internet-basis commercial app store. In order to mitigate such security concerns, this paper suggests a security guidelines for establishing a military-excusive app store and security verification system which prevent the security hazards that can occur during the process of development and distribution of military-use mobile apps.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.2
• /
• pp.439-449
• /
• 2019

The development of information technology represented by ICBMA (IoT, Cloud, Big Data, Mobile, AI), is leading to a surge in data and a numerical and quantitative increase in data centers to accommodate it. As the data center is recognized as a social infrastructure, It is very important to identify physical security threats in advance in order to secure safety, such as responding to a terrorist attack. In this paper, we develop physical security threat breakdown structure (PS-TBS) for easy identification and classification of threats, and verify the feasibility and effectiveness of the PS-TBS through expert questionnaires. In addition, we intend to contribute to the improvement of physical security level by practical use in detailed definition on items of PS-TBS.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2007.10a
• /
• pp.717-720
• /
• 2007

With the convergence of mobile devices and the Internet ubiquitous computing promises to revolutionalize the way that we access services and run application. However, ubiquitous computing environments, in particular, mobile and wireless environments interfaced with the Internet, currently possess security vulnerabilities that are ripe for attack from cyber-threats. Thus, this paper discusses the Limitation of current security mechanisms in ubiquitous computing environments

• Journal of Korea Multimedia Society
• /
• v.18 no.11
• /
• pp.1342-1350
• /
• 2015

Due to rapid development of mobile device technologies, the mobile banking through Internet has become a major service of banking information systems as a security-critical information systems. Recently, lots of mobile banking information systems which handle personal and transaction information have been exposed to security threats in vulnerable security control and management processes, mainly software systems. Therefore, in this paper, we propose a process model for software security improvements in mobile banking information system by application of fault tree analysis(FTA) and failure modes and effects analysis(FMEA) on the most important activities such as 'user authentication' and 'access control' and 'virus detection and control' processes which security control and management of mobile banking information systems are very weak.

• IEIE Transactions on Smart Processing and Computing
• /
• v.2 no.3
• /
• pp.176-187
• /
• 2013

Message replay, malicious Access Point (AP) associations and Denial of Service (DoS) attacks are the major threats in Wireless LANs. These threats are possible due to a lack of proper authentication and insecure message communications between wireless devices. Current wireless authentication & key exchange (AKE) schemes and security protocols (WEP, WPA and IEEE 802.11i) are not sufficient against these threats. This paper presents a novel Secure WLAN Authentication Scheme (SWAS). The scheme introduces the delegation concept of mobile authentication in WLANs, and provides mutual authentication to all parties (Wireless Station, Access Point and Authentication Server). The messages involved in the process serve both authentication and key refreshing purposes. The scheme enhances the security by protecting the messages through cryptographic techniques and reduces the DoS impact. The results showed that cryptographic techniques do not result in extra latencies in authentication. The scheme also reduces the communication cost and network overhead.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.9 no.3
• /
• pp.119-127
• /
• 2013

The merits of Smartphone are portability, convenience and especially a lot of information can be stored in the device. Especially in Smartphone, users can install programs that cannot install to normal cell phone and users can use many different services through these Smartphone programs. Also Smartphone can connect to Internet through network, so it can access information anytime, anywhere easily. Security of personal information and variety of information which stored in Smartphone are in risk. In Chapter 2 of thesis, it will discuss the definition and features of the Smartphone and market trends. In Chapter 3 of thesis, it will discuss security vulnerabilities of Smartphone and it will analyze and research security vulnerabilities of Smartphone in Chapter 4. In conclusion, it will check users' identification twice in useful application especially application that relate to finance and mobile payment. By checking users' identification several times, it will help to defend from security threats. Users can use Smartphone safely and convenience by know how to prevent from mobile hacking for personal and private information. the quality of APIs matching by the clustering and hierarchical relationships mechanism.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.3
• /
• pp.121-134
• /
• 2010

With the help of various Layer 2 triggers, Fast Handover for Mobile IPv6 (FMIPv6) considerably reduces the latency and the signaling messages incurred by the handover. Obviously, if not secured, the protocol is exposed to various security threats and attacks. In order to protect FMIPv6, several security protocols have been proposed. To our best knowledge, there is lack of analysis and comparison study on them though the security in FMIPv6 is recognized to be important. Motivated by this, we provide an overview of the security protocols for FMIPv6, followed by the comparison analysis on them. Also, the security threats and requirements are outlined before the protocols are explored. The comparison analysis result shows that the protocol presented by You, Sakurai and Hori is more secure than others while not resulting in high computation overhead. Finally, we introduce Proxy MIPv6 and its fast handover enhancements, then emphasizing the need for a proper security mechanism for them as a future work.