Abstract: Disclosed herein is an apparatus for enhancing network security, which includes an information collection unit for collecting information about states of hosts that form a network and information about connectivity in the network; an attack surface analysis unit for analyzing attack surfaces by creating an attack graph using the information about the states and the information about connectivity; a security-enhancing strategy establishment unit for establishing a security-enhancing strategy based on the attack graph; and a security-enhancing strategy implementation unit for delivering a measure based on the security-enhancing strategy to a corresponding host, thereby taking a security-enhancing measure.

Abstract: Disclosed herein are an apparatus and method for generating and operating a dynamic Controller Area Network (CAN) Identifier (ID). The apparatus includes a priority ID generation unit for generating a priority ID that is a base ID, a dynamic ID generation unit for generating a dynamic ID that is dynamically changed, and a communication unit for transmitting/receiving a data frame in which a dynamic CAN ID including the priority ID and the dynamic ID is combined with data.

Abstract: A ransomware detection apparatus and an operation method thereof are provided. The ransomware detection apparatus may include a frequency converter receiving an OP code currently being executed in a CPU and converting a value of the OP code into a frequency domain to generate a first OP code frequency waveform, a memory storing a second OP code frequency waveform, which is a value obtained by converting the OP code corresponding to a ransomware encryption algorithm into a frequency domain, and a ransomware determiner comparing the first OP code frequency waveform with the second OP code frequency waveform to determine whether ransomware operates.

Abstract: A method and an apparatus for authenticating user using biometric information. The apparatus authenticates the user by performing: generating a first feature vector from first biometric information of the user obtained by the biometric sensor and multiplying the first feature vector by a plurality of pseudo-random number (PRN) matrices, respectively; generating a query template based on an index of an element having a maximum value among elements of a result vector of the multiplication between the first feature vector and the plurality of PRN matrices; and performing authentication for the user by comparing the query template with a pre-stored reference template of a subscribed user.

Abstract: A transaction information managing system including a plurality of servers and at least one third-party server, wherein the plurality of servers are configured to create, when transactions using the budget of the public organization occurs, a block based on transaction information of the transactions, add the block to the block chain, and share the block chain and the at least one third-party server is configured to perform a mathematical operation to enhance the reliability of the block chain, and a method for managing the transaction information are provided.

Abstract: Disclosed are methods and devices for processing a motion-based image by determining a rendering time point that reflects a recent user motion. The methods include obtaining commands or data used in graphics rendering from a memory; determining a rendering time point of a first frame between continuous vertical synchronization signals based on an expected rendering time of the first frame; and rendering the motion-based image based on the commands or the data, and motion-related data corresponding to the rendering time point of the first frame.

Abstract: A method and an apparatus for fingerprint recognition are disclosed. The apparatus for the fingerprint recognition may extract a plurality of fingerprint feature points from a fingerprint image and may predetermine a group among the plurality of fingerprint feature points. The apparatus for the fingerprint recognition may also calculate a ridge number between the first fingerprint feature points included in the group and may use the ridge number to generate a ridge count sequence.

Abstract: Disclosed is a method and apparatus for mobile terminal management supporting security policy. An exemplary embodiment of the present invention provides a terminal management method for installing a mobile device management (MDM) function in which a server supports a security policy for a binary mobile application, including: adding, by the server, an MDM interlocking code for each class-method unit of an original application of the binary mobile application; modifying, by the server, the original application into a modification application; and generating and transmitting, by the server, an MDM policy including at least one MDM function to be applied to the modification application to a mobile terminal.

Abstract: Disclosed herein are an apparatus and method for dynamic binary analysis on a hardware board. The method for dynamic binary analysis on a hardware board is performed using an apparatus for dynamic binary analysis on the hardware board, and includes generating information required for dynamic binary analysis based on information collected while interfacing with an embedded device, disassembling, by a software processing unit, the information required for dynamic binary analysis by receiving the information from a hardware processing unit while interfacing with the hardware processing unit, selecting a core platform of the embedded device based on results of the disassembly, and analyzing security vulnerabilities in the embedded device by performing dynamic binary analysis of the core platform.

Abstract: A face recognition based key generation apparatus controls a key generation model that is formed of a CNN and an RNN to be learned to generate a desired key having a consistent value by using sample facial images of a key owner and a PIN of the key owner as inputs, and the key generation model receives a facial image of the key owner and the PIN of the key owner, as inputs at a desired key generation time, and generates a key.

Abstract: Disclosed herein are an apparatus and method for authenticated key exchange using a password and an identity-based signature, by which robustness is provided in order to prevent a server impersonation attack when a password is exposed, and by which a client may be provided with convenient authentication using an ID and a password.

Abstract: Disclosed herein are an apparatus and method for protecting privacy in which, in consideration of an application usage pattern, personal information is selectively provided depending on the purpose of use of the service of an application and on the privacy level, whereby a user may make better use of the service and the user's privacy may be effectively protected.

Abstract: Provided are an operation method and a secure terminal for performing the method. The operation method may include receiving, from a user terminal, a plain text on which an external encoding operation is to be performed, performing the external encoding operation on the plain text, and transmitting the external encoding operated plain text to the user terminal, and the operation method may include receiving, from a user terminal, a cryptogram in which a white-box cryptography operation is performed on an external encoding operated plain text; performing an external decoding operation on the cryptogram; and transmitting the external decoding operated cryptogram to the user terminal.

Abstract: An apparatus and method for graphics state management. The apparatus for graphics state management includes a state version manager configured to manage changes in graphics state versions by allocating or deallocating a memory for each of graphics states based on a page of a predetermined size, wherein the state version manager allocates or deallocates pages for each of the graphics state versions by using a string of binary values that indicates the respective reference states of each of those pages.

Abstract: Disclosed are an entry and exit control method and apparatus, and a user terminal and a server. The entry and exit control method may be performed by the entry and exit control apparatus, and include broadcasting location information of the entry and exit control apparatus, receiving an authentication token from the user terminal providing a user authentication interface, verifying the received authentication token, and controlling an entry or an exit based on the verified authentication token, in which the authentication token may be issued by an entry and exit control server communicating with the entry and exit control apparatus at a request of the user terminal.

Abstract: Disclosed are an apparatus and method for providing a digital signature. The apparatus includes a certificate unit, an input unit receives a selection input for a certificate related to signature content received from a signature-requesting terminal, and a control unit for determining whether the certificate unit is capable of performing a digital signature function corresponding to a selected certificate. If the certificate unit is capable of performing the digital signature function, the certificate unit creates a digital signature based on a private key corresponding to the selected certificate when the control unit commands the certificate unit to create a digital signature. Further, if the certificate unit is not capable of performing the digital signature function, the control unit creates a digital signature based on a private key corresponding to a certificate selected from the certificate unit. The control unit transmits the digital signature to the signature-requesting terminal.

Abstract: Provided are an apparatus and a method for effectively managing threads diverged by a conditional branch based on Single Instruction Multiple-based Data (SIMD). The apparatus includes: a plurality of Front End Units (FEUs) configured to fetch, for execution by SIMD lanes, instructions of thread groups of a program flow; and a controller configured to schedule a thread group based on SIMD lane availability information, activate an FEU of the plurality of FEUs, and control the activated FEU to fetch an instruction for processing the scheduled thread group.

Abstract: Provided are a zone-based user verification system, a method thereof, and a zone-based user verification server.

Abstract: An apparatus and method for graphics state management. The apparatus for graphics state management includes a state version manager configured to manage changes in graphics state versions by allocating or deallocating a memory for each of graphics states based on a page of a predetermined size, wherein the state version manager allocates or deallocates pages for each of the graphics state versions by using a string of binary values that indicates the respective reference states of each of those pages.

Abstract: Disclosed are an apparatus and method for providing a digital signature. The apparatus includes a certificate unit, an input unit receives a selection input for a certificate related to signature content received from a signature-requesting terminal, and a control unit for determining whether the certificate unit is capable of performing a digital signature function corresponding to a selected certificate. If the certificate unit is capable of performing the digital signature function, the certificate unit creates a digital signature based on a private key corresponding to the selected certificate when the control unit commands the certificate unit to create a digital signature. Further, if the certificate unit is not capable of performing the digital signature function, the control unit creates a digital signature based on a private key corresponding to a certificate selected from the certificate unit. The control unit transmits the digital signature to the signature-requesting terminal.