• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.2
• /
• pp.245-261
• /
• 2024

The COVID-19 pandemic has led to the widespread adoption of contactless transactions, resulting in a noticeable increase in the trend towards fully unmanned stores. In such stores, all operational processes are automated, primarily using artificial intelligence (AI) technology. However, this AI technology has several security vulnerabilities, which can be critical in the environment of fully unmanned stores. This paper analyzes the security vulnerabilities that AI-based fully unmanned stores may face, focusing particularly on the object detection model YOLO, demonstrating that Hiding Attacks and Altering Attacks using adversarial patches are possible. It is confirmed that objects with adversarial patches attached may not be recognized by the detection model or may be incorrectly recognized as other objects. Furthermore, the paper analyzes how Data Augmentation techniques can mitigate security threats by providing a defensive effect against adversarial patch attacks. Based on these results, we emphasize the need for proactive research into defensive measures to address the inherent security threats in AI technology used in fully unmanned stores.

• Proceedings of the Korea Information Assurance Society Conference
• /
• 2004.05a
• /
• pp.199-204
• /
• 2004

Operating systems and application programs have security vulnerabilities derived from the software development process. Recently, incident cases related with the abuses of these vulnerabilities are increasing and the damages caused by them are becoming very important security issues all over the nations. Patch management is one of the most important processes to fix vulnerabilities of softwares and to ensure a security of systems. Since an institute or a company has distributed hierarchical and heterogeneous systems, it is not easy to update patches promptly. In this paper, we propose patch management framework to safely distribute and install the patches on Windows, Linux, and Solaris client systems. Besides, we censidered extensibility and hierarchical structure for our patch management framework to support large scaled network environment.

• Journal of Information Processing Systems
• /
• v.13 no.6
• /
• pp.1516-1526
• /
• 2017

Many organizations today use patch management systems to uniformly manage software vulnerabilities. However, the patch management system does not guarantee the integrity of the patch in the process of providing the patch to the client. In this paper, we propose a method to guarantee patch integrity through dual electronic signatures. The dual electronic signatures are performed by the primary distribution server with the first digital signature and the secondary distribution server with the second digital signature. The dual electronic signature ensures ensure that there is no forgery or falsification in the patch transmission process, so that the client can verify that the patch provided is a normal patch. The dual electronic signatures can enhance the security of the patch management system, providing a secure environment for clients.

• International Journal of Computer Science & Network Security
• /
• v.23 no.1
• /
• pp.120-124
• /
• 2023

Strong surface waves among collinearly arranged patch antenna arrays pose unwanted inter element coupling particularly when high permittivity dielectric materials are used. In order to avert those waves, a novel Defected Ground Structure (DGS) is carved out systematically between two E-plane patch antenna elements. The introduced low profile μ shaped structure consequently improves impedance bandwidth and reflection coefficient by suppressing surface waves considerably. Parametric simulation results are analyzed and discussed.

• Journal of the Korea Society of Computer and Information
• /
• v.27 no.12
• /
• pp.179-188
• /
• 2022

In this paper, we propose an efficient and procedural software patch management phases. Every year, organizations have tens of thousands of known vulnerabilities and spend tens of thousands of hours and millions of dollars or more patching them. Despite these efforts, research has shown that the time it takes for an exploit to appear for a given patched vulnerability is shortening. As various types of organizations such as companies and universities manage patches in inconsistent ways, problems such as security problems, system instability, information leakage and work delay due to patches occur. In this paper, we look at the basics required for software patch management and define the factors to be considered for patch management and the effective steps for patch management. Therefore, this study will be used as a method to efficiently and procedurally execute the organization's patch management policy in the process of updating and patching the software in the organization to a new version as a solution to software function modification and security vulnerability.

• Convergence Security Journal
• /
• v.13 no.1
• /
• pp.79-86
• /
• 2013

The objective of DDoS Attacks is to simply disturb the services. In recent years, the DDoS attacks have been evolved into Multi-Vector Attacks which use diversified and mixed attacking techniques. Multi-Vector Attacks start from DDoS Attack and Malware Infection, obtain inside information, and make zombie PC to reuse for the next DDoS attacks. These forms of Multi-Vector Attacks are unable to be prevented by the existing security strategies for DDoS Attacks and Malware Infection. This paper presents an approach to effectively defend against diversified Multi-Vector attacks by using Reverse Proxy Group and PMS(Patch Management Server).

• Journal of Information Processing Systems
• /
• v.18 no.4
• /
• pp.489-499
• /
• 2022

Recently, the number of Internet of Things (IoT) devices has been increasing exponentially. These IoT devices are directly connected to the internet to exchange information. IoT devices are becoming smaller and lighter. However, security measures are not taken in a timely manner compared to the security vulnerabilities of IoT devices. This is often the case when the security patches cannot be applied to the device because the security patches are not adequately applied or there is no patch function. Thus, security vulnerabilities continue to exist, and security incidents continue to increase. In this study, we classified and analyzed the most common security vulnerabilities for IoT devices and identify the essential vulnerabilities of IoT devices that should be considered for security when producing IoT devices. This paper will contribute to reducing the occurrence of security vulnerabilities in companies that produce IoT devices. Additionally, companies can identify vulnerabilities that frequently occur in IoT devices and take preemptive measures.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2005.11a
• /
• pp.1011-1014
• /
• 2005

1.25 대란을 일으켰던 SQL Slammer 웜과 최근 IRCBot웜을 비롯한 다양한 악성코드들은 보안 취약점을 이용하여 전파되고 있다. 이러한 공격의 대부분은 사전에 보안패치를 적용하는 것만으로 막을 수 있기 때문에, 네트워크의 각 시스템들이 최신 패치 버전으로 업데이트 되었는지 점검하고 필요한 보안패치를 분배하는 자동화된 도구의 필요성은 강조되어 왔다. 본 논문에서는 보안패치 관리도구가 관리대상 컴퓨터의 취약점을 분석하는 방안을 제시하고, 제시한 방안을 적용한 보안패치 관리도구를 설계 및 구현하였다.

• International Journal of Computer Science & Network Security
• /
• v.21 no.9
• /
• pp.358-361
• /
• 2021

In this paper, we have simulated a rectangular microstrip patch antenna for aerospace applications based on graphen as a conductor and a multilayer substrate .as a result of the use of the graphen patch we obtained a reconfigurable antenna on the frequency range (0.6-0.7 terahertz) with a gain up to 12 db. The simulation of this antenna has been performed by using CST Microwave Studio, which is a commercially available finite integral based electromagnetic simulator.

• Proceedings of the Korean Information Science Society Conference
• /
• 2007.10d
• /
• pp.100-103
• /
• 2007

소프트웨어가 증가하면서 소프트웨어에서 발생되는 프로그램의 오류도 증가하게 되었고, 이런 프로그램 오류를 해결하기 위한 패치도 증가하게 되었다. 하루가 다르게 급수적으로 증가하는 패치를 효율적으로 관리하기 위해서 관공서나 기업에서는 패치를 별도로 관리할 수 있는 패치 관리시스템을 구성하여 운영하고 있으며, 학교 및 연구기관에서는 안전하게 패치가 분배될 수 있도록 연구를 진행하고 있다. 하지만, 기존의 연구는 안전한 패치분배에 집중되고 있으며, 급수적으로 늘어나는 패치를 효율적으로 관리할 수 있는 방안에 대해서는 연구가 부진한 것이 현실이다. 본 논문에서는 다양한 패치를 효율적으로 관리할 수 있는 범용적 패치관리 데이터베이스를 제안한다.