• Proceedings of the Korea Information Processing Society Conference
• /
• 2014.11a
• /
• pp.516-519
• /
• 2014

Cloud computing is an up-and-coming paradigm shift transforming computing models from a technology to a utility. However, security concerns related to privacy, confidentiality and trust are among the issues that threaten the wide deployment of cloud computing. With the advancement of ubiquitous mobile-based clients, the ubiquity of the model suggests a higher integration in our day to day life and this leads to a rise in security issues. To strengthen the access control of cloud resources, most organizations are acquiring Identity Management Systems (IDM). This paper presents one of the most popular IDM systems, specifically OAuth, working in the scope of Mobile Cloud Computing which has many weaknesses in its protocol flow. OAuth is a Delegated Authorization protocol, and not an Authentication protocol and this is where the problem lies. This could lead to very poor security decisions around authentication when the basic OAuth flow is adhered to. OAuth provides an access token to a client, so that it can access a protected resource, based on the permission of the resource owner. Many researchers have opted to implement OpenlD alongside OAuth so as to solve this problem. But OpenlD similarly has several security flows. This paper presents scenarios of how insecure implementations of OAuth can be abused maliciously. We incorporate an authentication protocol to verify the identities before authorization is carried out.

• Journal of Auto-vehicle Safety Association
• /
• v.13 no.4
• /
• pp.66-72
• /
• 2021

This study was initiated to improve of the defect investigation method using event data recorders (EDR) and suggested a solution through the regulation and system analysis of EDR. The EDR data has been used for various purposes such as the vehicle defect investigation and the traffic accident investigation. However the EDR regulation has not been updated since the implementation in 2012. "Trigger Threshold" can be used to analyze a single accident such as the frontal crash, the side crash, and the rollover. In the case of a complex accident in which a rollover accident and a crash accident occur simultaneously, it is difficult to analyze a complex accident due to current "Trigger Threshold". This study proposed the method of separating the "Trigger Threshold" into a crash accident and a rollover accident so that accidents can be analyzed using the EDR data even when a complex accident occurs. In addition, it proposed the improvement method to quickly use the data of EDR in accident reconstruction software.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.7
• /
• pp.3369-3385
• /
• 2019

There are various research challenges in vehicular ad hoc networks (VANETs) that need to be focused until an extensive deployment of it becomes conceivable. Design and development of a scalable routing algorithm for VANETs is one of the critical issue due to frequent path disruptions caused by the vehicle's mobility. This study aims to provide a novel road-aware routing protocol for vehicular networks named as Two-level hierarchical Hybrid Road-Aware (THERA) routing for vehicular ad hoc networks. The proposed protocol is designed explicitly for inter-vehicle communication. In THERA, roads are distributed into non-overlapping road segments to reduce the routing overhead. Unlike other protocols, discovery process does not flood the network with packet broadcasts. Instead, THERA uses the concept of Gateway Vehicles (GV) for the discovery process. In addition, a route between source and destination is flexible to changing topology, as THERA only requires road segment ID and destination ID for the communication. Furthermore, Road-Aware routing reduces the traffic congestion, bypasses the single point of failure, and facilitates the network management. Finally yet importantly, this paper also proposes a probabilistical model to estimate a path duration for each road segment using the highway mobility model. The flexibility of the proposed protocol is evaluated by performing extensive simulations in NS3. We have used SUMO simulator to generate real time vehicular traffic on the roads of Gangnam, South Korea. Comparative analysis of the results confirm that routing overhead for maintaining the network topology is smaller than few previously proposed routing algorithms.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.5
• /
• pp.2732-2753
• /
• 2019

With the application of wireless sensor networks in the fields of ecological observation, defense military, architecture and urban management etc., the security problem is becoming more and more serious. Characteristics and constraint conditions of wireless sensor networks such as computing power, storage space and battery have brought huge challenges to protection research. Inspired by the danger theory in biological immune system, this paper proposes an intrusion detection model for wireless sensor networks. The model abstracts expressions of antigens and antibodies in wireless sensor networks, defines meanings and functions of danger signals and danger areas, and expounds the process of intrusion detection based on the danger theory. The model realizes the distributed deployment, and there is no need to arrange an instance at each sensor node. In addition, sensor nodes trigger danger signals according to their own environmental information, and do not need to communicate with other nodes, which saves resources. When danger is perceived, the model acquires the global knowledge through node cooperation, and can perform more accurate real-time intrusion detection. In this paper, the performance of the model is analyzed including complexity and efficiency, and experimental results show that the model has good detection performance and reduces energy consumption.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.6
• /
• pp.3280-3298
• /
• 2019

Vehicular ad-hoc networks (VANETs) have become increasingly significant in intelligent transportation systems, they play a great role in improving traffic safety and efficiency. In the deployment of intelligent VANETs, intelligent vehicles can efficiently exchange important or urgent traffic information and make driving decisions. Meanwhile, secure data communication and vehicle's identity privacy have been highlighted. To cope with these security issues, in this paper, we construct an efficient anonymous authentication scheme with secure communication in intelligent VANETs. Combing the ElGamal encryption technique with a modified Schnorr signature technique, the proposed scheme provides secure anonymous authentication process for encrypted message in the vehicle-to-infrastructure communication model, and achieves identity privacy, forward security, and reply attack resistance simultaneously. Moreover, except the trusted authority (TA), any outside entity cannot trace the real identity of an intelligent vehicle. The proposed scheme is designed on an identity-based system, which can remove the costs of establishing public key infrastructure (PKI) and certificates management. Compared with existing authentication schemes, the proposed scheme is much more practical in intelligent VANETs.

• Journal of the Korea Society of Computer and Information
• /
• v.23 no.11
• /
• pp.103-109
• /
• 2018

This paper presents an idea and framework to automate a full cycle business process management and re-engineering by integrating traditional business process management systems, process mining, data mining, machine learning, and simulation. We build our framework on the cloud-based platform such that various data sources can be incorporated. We design our systems to be extensible so that not only beneficial for practitioners of BPM, but also for researchers. Our framework can be used as a test bed for researchers without the complication of system integration. The automation of redesigning phase and selecting a baseline process model for deployment are the two main contributions of this study. In the redesigning phase, we deal with both the analysis of the existing process model and what-if analysis on how to improve the process at the same time, Additionally, improving a business process can be applied in a case by case basis that needs a lot of trial and error and huge data. In selecting the baseline process model, we need to compare many probable routes of business execution and calculate the most efficient one in respect to production cost and execution time. We also discuss the challenges and limitation of the framework, including the systems adoptability, technical difficulties and human factors.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.2
• /
• pp.494-513
• /
• 2019

A multi-channel access problem based on hypergraph model in ultra-dense small cell networks is studied in this paper. Due to the hyper-dense deployment of samll cells and the low-powered equipment, cumulative interference becomes an important problem besides the direct interference. The traditional binary interference model cannot capture the complicated interference relationship. In order to overcome this shortcoming, we use the hypergraph model to describe the cumulative interference relation among small cells. We formulate the multi-channel access problem based on hypergraph as two local altruistic games. The first game aims at minimizing the protocol MAC layer interference, which requires less information exchange and can converge faster. The second game aims at minimizing the physical layer interference. It needs more information interaction and converges slower, obtaining better performance. The two modeled games are both proved to be exact potential games, which admit at least one pure Nash Equilibrium (NE). To provide information exchange and reduce convergecne time, a cloud-based centralized-distributed algorithm is designed. Simulation results show that the proposed hypergraph models are both superior to the existing binary models and show the pros and cons of the two methods in different aspects.

• Electronics and Telecommunications Trends
• /
• v.34 no.4
• /
• pp.23-31
• /
• 2019

Deep learning is a hot topic in both academic and industrial fields. Deep learning applications can be categorized into two areas. The first category involves applications such as Google Alpha Go using interfaces with human operators to run complicated inference engines in high-performance servers. The second category includes embedded applications for mobile Internet-of-Things devices, automotive vehicles, etc. Owing to the characteristics of the deployment environment, applications in the second category should be bounded by certain H/W and S/W restrictions depending on their running environment. For example, image recognition in an autonomous vehicle requires low latency, while that on a mobile device requires low power consumption. In this paper, we describe issues faced by embedded applications and review popular inference engines. We also introduce a project that is being development to satisfy the H/W and S/W requirements.

• Journal of Korean Society of Industrial and Systems Engineering
• /
• v.43 no.4
• /
• pp.59-66
• /
• 2020

In this study, we consider the problem of forecasting the number of inbound foreigners visiting Korea. Forecasting tourism demand is an essential decision to plan related facilities and staffs, thus many studies have been carried out, mainly focusing on the number of inbound or outbound tourists. In order to forecast tourism demand, we use a seasonal ARIMA (SARIMA) model, as well as a SARIMAX model which additionally comprises an exogenous variable affecting the dependent variable, i.e., tourism demand. For constructing the forecasting model, we use a search procedure that can be used to determine the values of the orders of the SARIMA and SARIMAX. For the exogenous variable, we introduce factors that could cause the tourism demand reduction, such as the 9/11 attack, the SARS and MERS epidemic, and the deployment of THAAD. In this study, we propose a procedure, called Measuring Impact on Demand (MID), where the impact of each factor on tourism demand is measured and the value of the exogenous variable corresponding to the factor is determined based on the measurement. To show the performance of the proposed forecasting method, an empirical analysis was conducted where the monthly number of foreign visitors in 2019 were forecasted. It was shown that the proposed method can find more accurate forecasts than other benchmarks in terms of the mean absolute percentage error (MAPE).

• Journal of Information Processing Systems
• /
• v.16 no.6
• /
• pp.1459-1478
• /
• 2020

In the last few years, quantum communication technology and services have been developing in various advanced applications to secure the sharing of information from one device to another. It is a classical commercial medium, where several Internet of Things (IoT) devices are connected to information communication technology (ICT) and can communicate the information through quantum systems. Digital communications for future networks face various challenges, including data traffic, low latency, deployment of high-broadband, security, and privacy. Quantum communication, quantum sensors, quantum computing are the solutions to address these issues, as mentioned above. The secure transaction of data is the foremost essential needs for smart advanced applications in the future. In this paper, we proposed a quantum communication model system for future ICT and methodological flow. We show how to use blockchain in quantum computing and quantum cryptography to provide security and privacy in recent information sharing. We also discuss the latest global research trends for quantum communication technology in several countries, including the United States, Canada, the United Kingdom, Korea, and others. Finally, we discuss some open research challenges for quantum communication technology in various areas, including quantum internet and quantum computing.