Abstract: Disclosed is an accelerator which includes a first to a K-th stage performing an NTT (Number Theoretic Transform) operation of first input data including a polynomial of a homomorphic ciphertext, the first to K-th stages being connected in series, and a first assist circuit generating a first to a K-th enable signal based on a degree of the polynomial of the first input data. Each of the first to K-th stages performs a butterfly operation of the first input data or corresponding output data of a previous stage in response to that the corresponding enable signal among the first to K-th enable signals indicates a first logical value, and bypasses the first input data or the corresponding output data of the previous stage in response to that the corresponding enable signal among the first to K-th enable signals indicates a second logical value.

Abstract: In order to increase the accuracy of status or failure diagnosis of machine tools and reduce the time and costs required for data collection and algorithm development for diagnosis, sensors are mounted on specific elements of the machine tools and measurement data is collected while operating under the specific operating conditions during a time interval between one machining operation and another machining operation to perform status or failure diagnosis of the machine tools. According to the present invention, by using data collected while operating machine tools under the predefined specific conditions using a time interval between one machining operation and another machining operation, it is possible to more accurately perform diagnosis while allowing less noise to be mixed in the data and reducing the time required for data collection for the development of diagnostic algorithm.

Abstract: A method of integrating different homomorphic operations in homomorphic encryption is provided. The method includes receiving a homomorphic ciphertext and encryption scheme information from a ciphertext generating apparatus by using a communication interface, performing a homomorphic multiplication operation on the homomorphic ciphertext by using a homomorphic multiplication operator, analyzing the encryption scheme information to determine one operation of a re-linearization operation performed by a re-linearization operator and a key switching operation performed by a key switching operator by using a main controller, performing the determined one operation by using the re-linearization operator or the key switching operator, and performing a modulus switching operation on an operation result of the determined one operation by using a modulus switching operator.

Abstract: The present invention relates to a vessel traffic service system and a method for extracting accident data, and more particularly, to a technique that search and extracts possible event traffic data automatically from data of a concerned area without knowing exact time when a marine accident occurs. The vessel traffic service system includes: an input unit receiving conditional information for extracting accident occurrence data from a user; a storage unit storing at least one of an automatic identification system (AIS) signal, a radar signal, and a camera image signal; and a control unit extracting an event occurrence part from at least one of the AIS signal, the radar signal, and the camera image signal of a point and a time at which an accident occurs in accordance with the conditional information to generate an accident candidate list.

Abstract: Disclosed herein are a one-way data transmission apparatus, a one-way data reception apparatus, and a one-way data transmission/reception method using the apparatuses. The one-way data transmission/reception method uses a one-way data transmission apparatus and a one-way data reception apparatus, and includes receiving data from a high-security zone through a one-way path, generating tag information of the data, sending a message in which the tag information is added to the data to the one-way data reception apparatus, receiving the message from the one-way data transmission apparatus, checking the tag information of the message, and transmitting the data to a low-security zone.

Abstract: Disclosed herein are an apparatus and method for dynamic binary analysis on a hardware board. The method for dynamic binary analysis on a hardware board is performed using an apparatus for dynamic binary analysis on the hardware board, and includes generating information required for dynamic binary analysis based on information collected while interfacing with an embedded device, disassembling, by a software processing unit, the information required for dynamic binary analysis by receiving the information from a hardware processing unit while interfacing with the hardware processing unit, selecting a core platform of the embedded device based on results of the disassembly, and analyzing security vulnerabilities in the embedded device by performing dynamic binary analysis of the core platform.

Abstract: Disclosed herein are a one-way data transmission apparatus, a one-way data reception apparatus, and a one-way data transmission/reception method using the apparatuses. The one-way data transmission/reception method uses a one-way data transmission apparatus and a one-way data reception apparatus, and includes receiving data from a high-security zone through a one-way path, generating tag information of the data, sending a message in which the tag information is added to the data to the one-way data reception apparatus, receiving the message from the one-way data transmission apparatus, checking the tag information of the message, and transmitting the data to a low-security zone.

Abstract: Provided is an integrity verification method performed in a virtualization system. Specifically, the integrity verification method may include receiving a security key for integrity verification from a mobile device, and verifying an integrity of a test target based on integrity verification information on the test target in a virtualization system using the received security key.

Abstract: An abnormal traffic detection apparatus and method based on Modbus communication pattern learning is provided. The abnormal traffic detection apparatus based on the Modbus communication pattern learning previously detects and responds to abnormal traffic on a Modbus/TCP protocol. According to the present invention, a communication service between control systems can be stably provided by previously detecting the abnormal traffic capable of interfering with a stable operation of the control system. Particularly, since the effective abnormal traffic on the Modbus/TCP protocol can be previously detected, security of the control system can be increased by rapid detection and response with respect to security threats on the Intranet of the control system, and availability can be secured.

Abstract: Provided is a packet monitoring method for a communication packet transmitted and received between a server and a control device including receiving the communication packet transmitted and received between the server and the control device; determining whether the received communication packet is abnormal, based on a history table including control information on communication packets received before the received communication packet and control information on the received communication packet; and performing a security operation according to results of the determination.

Abstract: Disclosed herein are a firmware watermarking method, firmware based on the method, and an apparatus for performing firmware watermarking, which can provide a basis for legally preparing for firmware modification attacks by embedding a watermark for original firmware in nonvolatile memory at the time of manufacturing embedded devices. The presented method is a firmware watermarking method performed by an apparatus for performing the firmware watermarking method, the method including generating an original watermark for firmware, and embedding the generated original watermark in the firmware.

Abstract: An apparatus and method for blocking abnormal communication are disclosed herein. The apparatus for blocking abnormal communication includes a packet collection unit, a packet analysis unit, and an access control unit. The packet collection unit collects a packet via a network device. The packet analysis unit generates a system rule, a communication flow rule, and a packet characteristic rule based on the packet from the packet collection unit. The access control unit determines whether to block the packet by determining whether the packet from the packet collection unit satisfies the system rule, the communication flow rule and the packet characteristic rule.

Abstract: A method for detecting an abnormal traffic on a control system protocol, includes: checking whether session information exists in a management table; adding a new entry to the management table; checking whether a transaction ID in a table entry is the same as that of the received MODBUS request message; and checking whether data and length thereof of the received MODBUS request message are the same as those in the table entry. Further, the method includes detecting an abnormal traffic; and updating the table entry with packet information of the MODBUS request message.

Abstract: The present invention relates to an apparatus and method that control a vessel deviating from an anchorage using wide-range sensor-based spherical trigonometry. In the method, vessels anchored in an anchorage are monitored. The anchorage is defined as a group, and the group of the anchored vessels is managed. Leaving of a vessel, needing to deviate from the anchorage, from the group is controlled. If a vessel recognized as a vessel identical to one that left the group requests anchoring after a predetermined period of time has elapsed, the anchoring-requesting vessel is controlled.

Abstract: An abnormal traffic detection apparatus and method based on Modbus communication pattern learning is provided. The abnormal traffic detection apparatus based on the Modbus communication pattern learning previously detects and responds to abnormal traffic on a Modbus/TCP protocol. According to the present invention, a communication service between control systems can be stably provided by previously detecting the abnormal traffic capable of interfering with a stable operation of the control system. Particularly, since the effective abnormal traffic on the Modbus/TCP protocol can be previously detected, security of the control system can be increased by rapid detection and response with respect to security threats on the Intranet of the control system, and availability can be secured.

Abstract: Provided are a system and method for detecting an abnormal behavior of a control system by analyzing flows of the control system. Flow information of the control network is collected, and flows are classified according to the collected flow information and a flow group is generated. An abnormal behavior of the control system is detected by analyzing flows of the generate flow group. That is, internal systems of the control network are grouped according to functions, and a situation of a system of a group performing the same function is managed to thus quickly detect an abnormal behavior of the control system.

Abstract: Disclosed is a user authenticating method in a web mash-up circumstance, including: requesting, by a mash-up server, updating an access authority token for accessing a data server to an authentication server; requesting, by the authentication server, a user authentication to the mash-up server; and issuing, by the authentication server, the updated access authority token to the mash-up server based on a response result to the user authentication request.

Abstract: The present invention relates to a vessel traffic service system and a method for extracting accident data, and more particularly, to a technique that search and extracts possible event traffic data automatically from data of a concerned area without knowing exact time when a marine accident occurs. The vessel traffic service system includes: an input unit receiving conditional information for extracting accident occurrence data from a user; a storage unit storing at least one of an automatic identification system (AIS) signal, a radar signal, and a camera image signal; and a control unit extracting an event occurrence part from at least one of the AIS signal, the radar signal, and the camera image signal of a point and a time at which an accident occurs in accordance with the conditional information to generate an accident candidate list.

Abstract: A method and apparatus for predicting the risk of the collision of an object are disclosed herein. The apparatus for predicting the risk of the collision of an object includes an information reception unit, an input processing unit, a risk calculation unit, and a provision unit. The information reception unit receives information transmitted by each of a plurality of heterogeneous transmission apparatuses. The input processing unit processes the information into input information required to calculate a degree of risk of a collision between objects. The risk calculation unit calculates the degree of risk of the collision between the objects using the processed input information. The provision unit externally outputs the degree of risk of the collision, and performs control so that the risk of the collision between the objects can be externally predicted.

Abstract: An apparatus for detecting an abnormality sign in a control system, the control system comprising control equipments, network equipments, security equipments or server equipments, the apparatus includes an information collection module configured to collect system information, network information, security event information or transaction information in interworking with a control equipments, network equipments, security equipments or server equipments. The apparatus includes storage module that stores the information collected by the information collection module. The apparatus includes an abnormality detection module configured to analyze a correlation between the collected information and a prescribed security policy to detect whether there is an abnormality sign in the control system.