Abstract: A method of distributedly storing data in a system comprising a plurality of edge nodes communicatively coupled to an end device and a central cloud. The method includes: receiving, by a first edge node, data transmitted by the end device; assigning, by the first edge node, a data tag to received data according to attributes of the received data and duplicating the received data to generate a tagged data copy; and transmitting, by the first edge node, the tagged data copy to at least one second edge node determined by a data distribution policy determined by the central cloud directly or through the central cloud, so that the at least one second edge node store the tagged data copy in a storage.

Abstract: A method of detecting an anomaly of a road side unit, which is performed by an anomaly detecting apparatus interworking with one or more road side units, may comprise: receiving traffic data from each of the one or more road side units; performing grouping on the one or more road side units based on the traffic data; generating input data of an artificial neural network based on a result of the performing of the grouping; generating output data of the artificial neural network based on the input data; and detecting an anomaly of each of the one or more road side units based on the output data.

Abstract: Provided is a method for detecting a driver's abnormalities based on a CAN (Controller Area Network) bus network communicating with an ECU (Electronic Control Unit) of a vehicle. The method may include: acquiring a CAN bus signal related to an operation of the vehicle from the CAN bus network; extracting a detection vector from the CAN bus signal using an auto encoder; and detecting a driver's abnormality based on the detection vector.

Abstract: A pseudonym certificate management method, performed by a pseudonym certificate management apparatus interworking with an external server, may comprise: receiving, from the external server, a pseudonym certificate in a state locked based on a root value identifiable only by the external server; periodically receiving an unlocking key for the pseudonym certificate from the external server; activating the pseudonym certificate with the unlocking key; and when the activated pseudonym certificate is abnormal, deactivating the pseudonym certificate.

Abstract: An operation method of a communication node in a communication network may comprise receiving CAN signals from a plurality of CAN communication nodes; generating forward input data by performing forward preprocessing on the received CAN signals based on forward sampling times; generating forward mask data for the forward input data and forward time interval data according to the forward sampling times; generating backward input data by performing backward preprocessing on the CAN signals based on backward sampling times; generating backward mask data for the backward input data and backward time interval data according to the backward sampling times; and detecting an abnormal signal among the CAN signals by inputting the forward input data, forward mask data, forward time interval data, backward input data, backward mask data, and backward time interval data into a gated recurrent unit-decay (GRU-D) neural network.

Abstract: A data tracking method, which is performed by a data tracking apparatus in an edge cloud environment including at least one edge node communicating with an end device and a central cloud, includes receiving data from the end device by a first edge node, creating, by the first edge node, a tracing history and distributing the data to a plurality of edge nodes so as to allow the plurality of edge nodes to create tracing histories, transmitting the created tracing histories to the central cloud by the first edge node and the plurality of edge nodes, and verifying, by the central cloud, linkability of the tracing histories transmitted to the central cloud, storing the tracing histories, analyzing the tracing histories, and providing a data tracking function.

Abstract: Disclosed is a method of detecting whether a groupware user's behavior is an abnormal behavior. The method includes acquiring a uniform resource identifier (URI) from the user's behavior, generating a URI sequence from the URI on the basis of a predetermined time interval, preprocessing the URI sequence to generate a primitive URI sequence, calculating a log probability value from the primitive URI sequence, and detecting whether the user's behavior is an abnormal behavior on the basis of the log probability value and a predetermined threshold value.

Abstract: Provided are a method and device for performing authentication using a hardware security module (HSM) in a one machine-to-machine (oneM2M) environment. The method of performing authentication using an HSM in a oneM2M environment includes extracting a symmetric key stored in the HSM using a security application programming interface (API), generating a first value and a second value using the extracted symmetric key, and performing mutual authentication with an M2M enrolment function (MEF) server through transport layer security pre-shared key ciphersuites (TLS-PSK) using the first value and the second value.

Abstract: Provided are a device and method for sharing big data using a blockchain. The method of sharing big data using a blockchain includes receiving a search condition from a user terminal, searching a blockchain network for metadata meeting the received search condition and acquiring found metadata, acquiring shared data stored in a distributed storage using the acquired metadata, and transmitting the acquired shared data to the user terminal.

Abstract: A method for managing an enrollment certificate in an SCMS for V2X communication may comprise receiving a message requesting an authority for generating a CSR from a DCM; updating device certification data through a certification laboratory that manages performance and requirements of an EE, and verifying the EE that requested issuance of an enrollment certificate to the DCM by using the updated device certification data; transmitting response data indicating the authority for generating a CSR to the DCM based on a result of the verification; receiving a CSR generated according to the response data from the DCM; and verifying the received CSR, and requesting response data for the CSR to an ECA based on a result of the verification.

Abstract: Disclosed herein are a method and an apparatus for detecting abnormal traffic based on a convolutional autoencoder (CAE). The method of detecting abnormal traffic based on the CAE may include converting a character string of normal traffic into an image, learning the converted image using the CAE, and detecting abnormal traffic by inputting target traffic to the learned CAE.

Abstract: Disclosed is a method for detecting anomaly traffic using an autoencoder based on an inception-residual network-v2 which is one type of machine learning methods, the method including generating a plurality of encoders on the basis of traffic data for learning; generating a plurality of pieces of image data on the basis of traffic data for each session, which is a detection target; and determining whether the traffic data for each session is abnormal using at least one among the traffic data for learning, the plurality of encoders, and the plurality of pieces of image data.

Abstract: Provided are an apparatus and method for verifying the integrity of a video file. The method includes receiving a video file and model information of a video recording device which is claimed to have recorded a verification-target video, extracting a header structure and a header value of the video file, extracting characteristic information according to the received model information of the video recording device from a characteristic database, and determining whether the extracted characteristic information according to the model information of the video recording device corresponds to the header structure and the header value of the video file.

Abstract: A smart badge of the present invention comprises a communication unit capable of performing wireless communication, an OTP (one-time password) storage unit configured to store therein OTP information for generating one-time password (OTP), a display unit configured to display information, an image storage unit configured to store therein at least two images to be displayed on the display unit, a personal information storage unit configured to store therein user's personal information, an input unit that is to be used for selecting an image to be displayed on the display unit, and a control unit configured to control the respective constitutional elements.

Abstract: There are provided a device for detecting a cyber attack and a method thereof. The device for detecting a cyber attack includes an event receiving unit configured to receive an event generated in at least one user terminal according to a behavior of a user who accesses a web server and uses web services provided from a web page, a model generating unit configured to generate an event model by extracting an event pattern corresponding to a behavior of the user based on the received event, and an attack detecting unit configured to detect whether access of the web server by a specific user terminal is an attack by comparing the event model with an event received from the specific user terminal. Therefore, various forms of cyber attacks are rapidly and accurately detected, and it is possible to provide a security service having high availability and reliability.

Abstract: The method for encoding a character string by a data processing device disclosed in the present specification comprises the steps of: acquiring input data; performing a one-way function to generate ciphertext based on the input data; and converting the ciphertext to output data. In the conversion step, the output characters constituting the output data are selected from the group of input characters constituting the input data, and the length of the output data becomes a specific length.

Abstract: Disclosed is a technology related to a method of generating an OTP and an apparatus for performing the same. The method includes receiving user secret information that is input according to execution of a process of providing an OTP; authenticating the user secret information by generating a response value based on the received user secret information and a challenge value received from a user verification apparatus, and transmitting the response value to the user verification apparatus; and generating an OTP using at least one of the user secret information, the challenge value and the response value as the user secret information is authenticated, thereby effectively dealing with loss or appropriation of a user terminal and also improving the security of an OTP.

Abstract: A method for issuing a certificate signing request (CSR) certificate in a vehicle-to-anything (V2X) communication environment includes: receiving, at a first server, a certificate issuance request message including vehicle identification information transmitted from a communication module of the vehicle; determining, by a second server, whether a CSR certificate corresponding to the vehicle identification information has already been issued with reference to a database; and determining, by the second server, whether to issue the corresponding CSR certificate or whether to generate an error message, based on the determination of whether the corresponding CSR certificate has already been issued.

Abstract: Provided is a data security method and apparatus using a characteristic preserving encryption. The data security apparatus includes an interface communicating with a user terminal or a database server, an input unit receiving information, an output unit outputting information, an encryption unit encrypting data in the data security method, a storage unit storing information, and a control unit controlling functions of the interface, the input unit, the output unit, the encryption unit or the storing unit.

Abstract: Disclosed is a data security method in a database engine. A data security engine unit is provided in the database engine so that the data security engine unit performs a data security function while automatically converting queries, which were stored in data storage engine unit without having been encoded and which were used to perform input or inquiry on the source data, to queries to be used to perform input or inquiry on encoded data. A data management engine unit performs operations associated with the input or inquiry with respect to the source data. A data storage engine unit stores encoded data which is encoded from the source data by the data security engine unit.