• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.7
• /
• pp.3397-3413
• /
• 2016

Considering that the layered cellular automata (LCA) are naturally fit for representing image data in various applications, a novel reverse iterative image encryption scheme based on LCA is proposed. Specifically, the plain image is set as the final configuration of an 8-layer CA, and some sequences derived from a random sequence are set as the pre-final configuration, which ensure that the same plain image will never be encrypted in the same way when encrypted many times. Then, this LCA is backward evolved by following some reversible two order rules, which are generated with the aid of a newly defined T-shaped neighborhood. The cipher image is obtained from the recovered initial configuration. Several analyses and experimental results show that the proposed scheme possesses a high security level and executive performance.

• Proceedings of the IEEK Conference
• /
• 2006.06a
• /
• pp.331-332
• /
• 2006

To enhance security and privacy in biometrics, changeable (or cancelable) biometrics have recently been introduced. The idea is to transform a biometric signal or feature into a new one for enrollment and matching. In this paper, we proposed changeable biometrics for face recognition using on PCA based approach. PCA coefficient vector extracted from an input face image. The vector is scrambled randomly and removed. When a transformed template is compromised, it is replaced by a new scrambling rule. In our experiment, we compared the performance between when PCA coefficient vectors are used for verification and when the transformed coefficient vectors are used for verification.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2002.11b
• /
• pp.1031-1034
• /
• 2002

본 논문에서는 커널수준의 침입탐지를 위한 동적 침입탐지 규칙 변경 기법을 제안한다. 제안하는 기법은 침입탐지 규칙은 규칙타입 프로토콜 타입, 패킷 헤더와 패킷 페이로드에 대한 검사를 수행하기 위한 규칙들로 세분화하여 LVR로 표현하고 이들 LVR이 계층적으로 구성된 IDRL로 관리한다. 침입탐지는 IDRL을 이용하여 수행하며, 규칙에 대한 변경은 변경된 규칙에 대한 LVR을 구성하고 LV를 이용한 포인터 변경을 이용하여 IDRL에 반영하는 방법이다. 제안하는 기법은 IDRL을 이용한 침입탐지와 탐지규칙의 변경을 IDRL에 최소한의 비용으로 수행하고, LVR을 이용하여 침입탐지 규칙을 디스크와 메모리에 동일한 형태로 저장 및 관리하여 탐지규칙 초기화 비용과 변경 비용을 최소화할 수 있다. 이를 통하여 보다 안전한 커널 수준에서의 네트워크 보안을 위한 효율적인 동적 침입탐지 규칙 변경을 지원할 수 있다는 장점을 가진다.

• Journal of the Korea Institute of Military Science and Technology
• /
• v.18 no.4
• /
• pp.459-468
• /
• 2015

Although defense standardization is recently becoming more and more active, there are still many obstacles to achieve attainments as planned. On the other hand, national standardization already has been applied as a mandatory rule in the overall industries and R&D programs and is well supported by systematic and specialized national basis. Furthermore, advanced countries, such as U.S.A., England and NATO, are considering defense standardization as a essential element to achieve low cost and highly efficient acquisition system and to enhance interoperability among the allied forces. This study aims to form public opinion in support of importance of defense standardization and to provide the vision and various implementation tasks for improving defense standardization outcome.

• Review of KIISC
• /
• v.15 no.5
• /
• pp.100-112
• /
• 2005

유비쿼터스의 주요한 특성은 상황 인식(Context-Aware)이며 이것은 사용자의 시공간에 따라 변하는 데이터를 사용자가 직접 입력하지 않고 상황에 맞게 자동적으로 처리해 주는 것을 뜻한다. 그러나 이러한 유비쿼터스의 특성은 데이터의 보안이 취약할 경우 기존 컴퓨팅 환경보다 더 큰 문제를 가져올 수 있다. 한편, 미 벨 연구소에 의해 개발된 PCP(Privacy Conscious Personalization)는 모바일 및 유비쿼터스 환경에서 사용자의 프라이버시 문제에 Context-Aware의 특성을 반영해 준다. PCP는 위치 정보에 대한 요구를 받으면 Houdini로 명명된 Rule Engine을 작동시키며 현재의 상황 및 사용자의 설정을 고려하여 정보를 공개할지 여부를 결정한다. 또한, 네덜란드의 University of Twente는 P3P를 확장하는 P3P Extension과 상황-의존 Preference를 표현하는 XML 기반 언어를 개발하고 이를 바탕으로 WASP 플랫폼을 위한 아키텍쳐를 개발하였다. WASP Framework는 웹서비스 기반의 프라이버시 보호 아키텍쳐이며 사용자의 위치, 시간, 상태, 신원 등 다양한 Context 정보를 제공할 수 있다. 본고에서는 Location Context의 관점에서 Context Aware Computing 환경의 하나로 LBS 위치정보의 프라이버시 구조에 대한 두가지 사례 연구를 수행한다.

• 한국정보통신설비학회:학술대회논문집
• /
• 2008.08a
• /
• pp.159-162
• /
• 2008

Generally, sensor nodes can be easily compromised and seized by an adversary because sensor nodes are hostile environments after dissemination. An adversary may be various security attacks into the networks using compromised node. False data injection attack using compromised node, it may not only cause false alarms, but also the depletion of the severe amount of energy waste. Dynamic en-route scheme for Filtering False Data Injection (DEF) can detect and drop such forged report during the forwarding process. In this scheme, each forwarding nodes verify reports using a regular probability. In this paper, we propose verification probability adjustment scheme of forwarding nodes though a fuzzy rule-base system for the Dynamic en-route filtering scheme for Filtering False Data Injection in sensor networks. Verification probability determination of forwarding nodes use false traffic rate and distance form source to base station.

• Transactions of the Korean Society for Noise and Vibration Engineering
• /
• v.19 no.2
• /
• pp.200-207
• /
• 2009

Complex systems are made of many subsystems, those are developed and manufactured by many part companies. Even though the information for a part is necessary to analyze the performance of the other part, it is not so easy to get the information for that part from other companies due to many reasons like security or compatibilities. If the modal parameters of a system between the connecting points are available, we can reconstruct a reduced model for that system in a physical coordinate not in a generalized coordinate. The assemble of the equations of motion for the main system and the reduced equations of motion for the connected system can give a response of the main system considering the effects of connected systems. The results show that the proposed method can give the response of a system accurately. The rule for the selection of modes is to use the fundamental modes whose natural frequencies are low.

• Journal of the Korea Society of Computer and Information
• /
• v.6 no.4
• /
• pp.119-124
• /
• 2001

In the paper, is proposed a secure role-based access control model that not only has s functions such as security, integrity and flow control, but also can easily meet access requirements of role-based social organizations. The proposed role-based access control mod designed based on proven existing rule-based access control mechanisms in order to be app real access control systems. The model proposed in the paper is simple and secure. It can be used for the web-based application systems working on the Internet.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2010.11a
• /
• pp.244-247
• /
• 2010

최근 Application 의 취약성을 악용한 해커들의 시스템 공격 사례가 증가하고 있다. 본 논문에서 다루는 코드 분석기는 이러한 해커의 공격을 사전에 차단하기 위해 사용자로부터 입력받은 Application 의 소스 코드가 사전에 탑재해 놓은 일련의 보안 규칙(Security Rule)을 제대로 준수하는지의 여부를 어휘 분석(Lexical Analysis)과 구문 분석(Semantic Analysis)을 통해 판별해 낸다. 본 코드 분석기는 미국 카네기멜론대학(CMU) 산하의 인터넷 해킹 보안 기구인 CERT 에서 제시하는 규칙을 그대로 적용하여 분석 결과의 정확도와 객관성을 높였으며, 이 분석기를 통해 프로그래머가 신뢰도와 보안성이 높은 소프트웨어를 개발할 수 있도록 하였다.

• Journal of KIISE:Information Networking
• /
• v.33 no.6
• /
• pp.407-419
• /
• 2006

As substituting IPv6 network for all IPv4 network in a short time seems unattainable due to high cost and technical limitation, IPv4 and IPv6 are expected to coexist for a certain period of time. Under the co]existing environment of IPv4 and IPv6, interworking brings a number of extra security considerations even if it may have no security problem for each protocol respectively. Thus, the analysis and solutions for those various attacks toward IPv4/IPv6 interworking-related security are inevitably required for the sake of effective transition and settlement to IPv6. In this paper we carried out a proper rule of packet filtering for IPv6-in-IPv4 tunneling interworking environment to protect the IPv4/IPv6 interworking-related security attacks. Design and implementation of the packet filtering system suitable for IPv4/IPv6 tunneling environment in the form of Linux netfilter and ip6tables are also shown. Thru this study, the packet filtering system was found operating correctly ill the tunneling mechanism.