Kyungroul Lee

A secure framework of the surveillance video network integrating heterogeneous video formats and protocols

Recently, IT technologies are becoming focused on different traditional industries. The large scaled intelligent video surveillance system is one of them and it integrates a large number of digitalized CCTV [1] devices through the Web. However, existing video devices have been deployed for many years by different vendors as different models with different specifications. To integrate these heterogeneous devices, the centralized management server (CMS) and its clients need a specialized architecture to deal with different types of media encodings and connection protocols etc. In particular, well-defined access control mechanism is required for a large scaled surveillance video network. In this paper, we designed and implemented a server that incorporates the architecture integrating and delivering multiple video streams from different types of video devices to multiple clients and securing the access to the video streams.

Security Issues on the CNG Cryptography Library (Cryptography API: Next Generation)

This paper introduces structure, features, and programming techniques of CNG (Cryptography API: Next Generation), which was released as a substitute of the previous CAPI (Cryptography API) library from Microsoft. Because it is constructed with individual modules based on plug-in architecture, we can reconfigure the incorporated functions in CNG at any time. This means CNG is exceedingly helpful in the cost of development as well as the facility of extension. In addition, specific characteristics of recent new cryptography algorithms and audit policies can be easily embedded into existing library and even supported by the kernel mode expansion for cryptographic services at all points in companies, public government and so on. On the opposite side of these advantages, considerations on security issues are quite insufficient. Therefore, research on security assurance is strongly required in the environment of distributing and utilizing the CNG library. In this paper, we introduce current security issues of CNG and the related considerations on it.

Keyboard Security: A Technological Review

The keyboard is the most widely used input device in the computing environment. Authentication systems also usually need keyboards to acquire user passwords. Even though a perfect crypto technology is deployed into the authentication system, it becomes useless if the password from the keyboard is stolen as a plain text form. Therefore, several solutions have been introduced to protect passwords from keyboard. However, these solutions have not been sustainable to protect passwords, due to some compromising vulnerabilities. This paper explores recent critical vulnerabilities to the keyboard security and technologically analyzes various offensive and defensive aspects of the keyboard interfaces and their security mechanisms.

A Solution to Protecting USB Keyboard Data

This paper analyzes security vulnerability to the USB keyboard data, which are transferred between the host and the USB keyboard, and proposes a solution that randomly inserts noise characters among data from the keyboard. Through the research work, the USB host-related data structures, with which the host uses to communicate with a USB keyboard based on the UHCI, are sophisticatedly analyzed and the vulnerability is revealed by implementing the sniffing software utilizing the vulnerability. Additionally, it is proved that the proposed noise mingling approach can be a reasonable solution to the vulnerability by implementing and applying the idea. It is recommended to apply this approach to real transactions to enhance security characteristics for Internet-based financial environment.

Vulnerability Analysis of Secure Disk: Based on Backup Feature of Product A

Secure disks protect user data by applying security features such as data access prevention through access control, user identification through authentication, and data leakage prevention through encryption and decryption. However, data exposure can still be caused by security threats such as malicious users bypassing authentication and the exposure of encryption and decryption keys. Therefore, we analyze a potential vulnerability in the backup feature of product A and draw practical and empirical results to verify the analyzed vulnerability by implementing a proof-of-concept tool.

Security Assessment of Keyboard Data Based on Kaspersky Product

To protect keyboard data that includes sensitive information such as authentication data, secure keyboard programs preempt the extraction of the keyboard data before they are stolen by an attacker. Although these programs are operated at a variety of defense levels, some secure keyboard programs are still vulnerable to hardware-level attacks; therefore, in this paper, the security of keyboard data is evaluated according to the functionality of the Kaspersky “Internet Security” product, whereby secure information is inputted into a variety of websites that comprises SNSs, an email account, and a banking service.

Security Assessment on the Mouse Data using Mouse Loggers

The mouse device, one of the computer peripherals, is an input device that recognizes mouse movements on the two-dimensional plane of a monitor, and it is possible to use it conveniently or inputting and editing during the running of application programs. The existing password-based authentication methods are vulnerable to keyboard-data exposure, so a new authentication method that is based on the mouse input has emerged. Nevertheless, a security assessment of the mouse-based authentication method has not been practically analyzed; for this reason, the exposure of mouse data is evaluated in this paper based on the mouse loggers that can be easily obtained from Web sites. It will be possible to utilize the analyzed result to formulate a security guideline to prevent the exposure of authentication information that is based on the image-based authentication.

An efficient key management solution for privacy masking, restoring and user authentication for video surveillance servers

In this paper, we surveyed technical elements of video surveillance systems and proposed several countermeasures to effectively manage a number of keys for image encryption, privacy protection and user authentication. In addition, we proposed several solutions for potential problems that could arise when the system adopts a privacy masking policy for each user. The proposed solutions selectively implement a Kerberos approach, a round keys approach and a double hash chain approach. For secure video surveillance systems, protecting privacy and providing accessibility through strong user authentication and prioritized authorization is expected. This paper proposes a key distribution scheme for distributed video surveillance servers.The scheme introduces security protocols to authenticate multiple privileged users.The scheme also includes privacy masking and restoration strategies used in case of crimes.Hierarchical restoration of the privacy masks with different privileges is possible using the proposed scheme.Security evaluation on the proposed protocols is included in a new section.

Architecture to Support Heterogeneous Devices for Video Surveillance System

Recently, IT technologies are getting focused indifferent traditional industries. The large scaled intelligent video surveillance system is one of them and it integrates large number of digitalized CCTV [1] devices through the Web. However, existing video devices have been deployed for several dozens of years by different vendors as different models with different specifications. To integrate these heterogeneous devices, the centralized management server (CMS) and its clients need a specialized architecture to deal with different types of mediacodings and connection protocols etc. In this paper, we designed and implemented a server that incorporates the architecture to deliver video streams from different types of video devices to multiple clients.

Ransomware prevention technique using key backup.

In this paper, a key backup technique for the recovery of files encrypted by ransomware is proposed. Ransomware interferes with the victims system through abnormal behavior such as locking of the victims system or encryption of the system or files. Ransomware writers demand money from the victims as a condition for the recovery of the encrypted files and systems that have been seized; systems infected by ransomware cannot be repaired without a decryption key, making the employment of detection and recovery methods urgent. This paper proposes a prevention technique for backing up encryption keys in a secure repository which enables the recovery of ransomware‐infected systems and ransomware‐encrypted files. The proposed technique can be used to repair systems infected by ransomware, thereby ensuring safety against such malicious codes.