• Journal of IKEEE
• /
• v.24 no.1
• /
• pp.52-58
• /
• 2020

This paper describes a hardware implementation of a true random number generator (TRNG) for information security applications. A new approach for TRNG design was proposed by adopting random transition rules in cellular automata and applying different transition rules at every time step. The TRNG circuit was implemented on Spartan-6 FPGA device, and its hardware operation generating random data with 100 MHz clock frequency was verified. For the random data of 2×10⁷ bits extracted from the TRNG circuit implemented in FPGA device, the randomness characteristics of the generated random data was evaluated by the NIST SP 800-22 test suite, and all of the fifteen test items were found to meet the criteria. The TRNG in this paper was implemented with 139 slices of Spartan-6 FPGA device, and it offers 600 Mbps of the true random number generation with 100 MHz clock frequency.

• Journal of the Ergonomics Society of Korea
• /
• v.30 no.3
• /
• pp.419-426
• /
• 2011

Objective: The objective of this study was to evaluate a work of guards, using an ergonomic method(work analysis and posture analysis). Background: Most studies about guards were conducted in the field of medical, problems of shift, and the physical problems of old workers and social problems. But, guards consist of vulnerability group so it needs an ergonomic research in musculoskeletal disorders. Method: A head of an ergonomic estimation was work analysis(determination of combined task, work tool, work time and frequency of combined task) and posture analysis(upper body and lower body) of workers based on the video. Results: The result showed that combined task of guards was classification of patrolling, security, cleaning and waiting. The security indicated the highest ratio in the work time of combined tasks. The results of posture analysis for guards indicated high value in neutral. But, lower arm indicated high value in bending(left: 59%, right: 50%). Conclusion: The results of ergonomic methods indicated that guards' physical work load was not high during work, but comfortable work environment would be required for old guards. Application: If an ergonomic rule can be integrated into existing work environments, the risk of occupational injuries and stress will be reduced.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.3
• /
• pp.455-464
• /
• 2020

With a variety of data types and high utilization of data, non-relational databases are a popular data storage because it supports better availability and scalability. The increasing use of this technology also brings the risk of NoSQL injection attacks. Existing works mostly discuss the rule-based detection of NoSQL injection attacks that it is hard to deal with NoSQL queries beyond the coverage of the rules. In this paper, we propose a model for detecting NoSQL injection attacks. Our model is based on deep learning algorithms that select features from NoSQL queries using CNN, and classify NoSQL queries using RNN. Also, we experiment the proposed model to compare with existing models, and find that our model outperforms traditional models in terms of detection rate.

• International Journal of Computer Science & Network Security
• /
• v.21 no.8
• /
• pp.327-341
• /
• 2021

The knowledge management was considered as the inevitable result of the rule of knowledge in this era, and its importance became clear in being the main source for achieving success, the need to consider and manage knowledge as an independent field that must be addressed with a clear scientific methodology has become intangible - they are very valuable and a strategic asset. On the other hand, the innovation process relates to all parts of the organization, and helps to improve the behavioral patterns of individuals and their attitudes towards adopting modern and innovative ideas, it is a purposeful process adopted by the senior management and works to provide the capabilities and requirements for embodying the innovative behavior in it. In the field of dealing with the market, it is a product of the organization's innovative approach, which aims at advancement, change, and intended and organized renewal. The main objective of this article is to determine the most appropriate ways to integrate knowledge management mechanisms to employ innovation factors within universities based on the role of universities in supporting innovation. This was achieved through reviewing many relevant research and listing the most prominent concepts of knowledge management, its importance, objectives, and processes determining the stages of knowledge management application, the requirements for applying knowledge management, and the obstacles that impede its application; Then the statement "Innovation in universities, through which it addressed the concept of innovation, its importance, stages, and requirements for its application, as well as identifying the most prominent models of innovation, and obstacles to innovation, in addition to that the role of universities in supporting innovation will be identified. From the surveyed study done in this article, we concluded that the relationship among organizational culture, knowledge management and innovation capability can provide useful insights for managers regarding developing a strong culture, promote knowledge management practices effectively and eventually enhance the whole organization's innovation capability. Also, we found that different components of Knowledge Management as Knowledge activities, Knowledge types, transformation of knowledge and technology have a significant positive effect in bringing innovation through transformation of knowledge into knowledge assets in universities.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.4
• /
• pp.605-616
• /
• 2021

While malwares must be accurately identifiable from arbitrary programs, existing studies using classification techniques have limitations that they can only be applied to limited samples. In this work, we propose a method to utilize API call frequency to detect and classify malware families from arbitrary programs. Our proposed method defines a rule that checks whether the call frequency of a particular API exceeds the threshold, and identifies a specific family by utilizing the rate information on the corresponding rules. In this paper, decision tree algorithm is applied to define the optimal threshold that can accurately identify a particular family from the training set. The performance measurements using 4,443 samples showed 85.1% precision and 91.3% recall rate for family detection, 97.7% precision and 98.1% reproduction rate for classification, which confirms that our method works to distinguish malware families effectively.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.20 no.7
• /
• pp.613-621
• /
• 2019

Recently, with the development of the Internet of Things (IoT) and cloud computing technologies, security threats have increased as malicious codes infect IoT devices, and new malware spreads ransomware to cloud servers. In this study, we propose a threat-detection technique that checks obfuscated script patterns to compensate for the shortcomings of conventional signature-based and behavior-based detection methods. Proposed is a malicious code-detection technique that is based on malicious script-pattern analysis that can detect zero-day attacks while maintaining the existing detection rate by registering and checking derived distribution patterns after analyzing the types of malicious scripts distributed through websites. To verify the performance of the proposed technique, a prototype system was developed to collect a total of 390 malicious websites and experiment with 10 major malicious script-distribution patterns derived from analysis. The technique showed an average detection rate of about 86% of all items, while maintaining the existing detection speed based on the detection rule and also detecting zero-day attacks.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.3
• /
• pp.65-76
• /
• 2005

Speeding up scalar multiplication of an elliptic curve point has been a prime approach to efficient implementation of elliptic curve schemes such as EC-DSA and EC-ElGamal. Koblitz introduced a $base-{\phi}$ expansion method using the Frobenius map. Kobayashi et al. extended the $base-{\phi}$ scalar multiplication method to suit Optimal Extension Fields(OEF) by introducing the table reference method. In this paper we propose an efficient scalar multiplication algorithm on elliptic curve over OEF. The proposed $base-{\phi}$ scalar multiplication method uses an optimized batch technique after rearranging the computation sequence of $base-{\phi}$ expansion usually called Horner's rule. The simulation results show that the new method accelerates the scalar multiplication about $20\%{\sim}40\%$ over the Kobayashi et al. method and is about three times as fast as some conventional scalar multiplication methods.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.10 no.4
• /
• pp.59-71
• /
• 2000

Due to the advance of computer and communication technology, intrusions or crimes using a computer have been increased rapidly while various information has been provided to users conveniently. As a results, many studies are necessary to detect the activities of intruders effectively. In this paper, a new association algorithm for the anomaly detection model is proposed in the process of generating user\`s normal patterns. It is that more recently observed behavior get more affection on the process of data mining. In addition, by clustering generated normal patterns for each use or a group of similar users, it is possible to identify the usual frequency of programs or command usage for each user or a group of uses. The performance of the proposed anomaly detection system has been tested on various system Parameters in order to identify their practical ranges for maximizing its detection rate.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.6
• /
• pp.111-121
• /
• 2006

As Internet lastly grows, network attack techniques are transformed and new attack types are appearing. The existing network-based intrusion detection systems detect well known attack, but the false-positive or false-negative against unknown attack is appearing high. In addition, The existing network-based intrusion detection systems is difficult to real time detection against a large network pack data in the network and to response and recognition against new attack type. Therefore, it requires method to heighten the detection rate about a various large dataset and to reduce the false-positive. In this paper, we propose method to reduce the false-positive using multi-level detection algorithm, that is combine the multidimensional Apriori algorithm and the modified Negative Selection algorithm. And we apply this algorithm in intrusion detection and, to be sure, it has a good performance.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.3
• /
• pp.565-573
• /
• 2012

To investigate the business corruption, the obtainments of the business data such as personnel, manufacture, accounting and distribution etc., is absolutely necessary. Futhermore, the investigator should have the systematic extraction solution from the business data of the enterprise database, because most company manage each business data through the distributed database system, In the general business environment, the database exists in the system with upper layer application and big size file server. Besides, original resource data which input by user are distributed and stored in one or more table following the normalized rule. The earlier researches of the database structure analysis mainly handled the table relation for database's optimization and visualization. But, in the point of the digital forensic, the data, itself analysis is more important than the table relation. This paper suggests the extraction technique from the table relation which already defined in the database. Moreover, by the systematic analysis process based on the domain knowledge, analyzes the original business data structure stored in the database and proposes the solution to extract table which is related incident.