Abstract: Disclosed herein is an electronic device including a message creation unit for creating an authentication message that includes hardware information and security level information for mutual authentication with an additional electronic device; a communication unit for sending the authentication message to the additional electronic device and receiving an authentication message of the additional electronic device from the additional electronic device; an authentication algorithm selection unit for selecting an authentication algorithm for mutual authentication with the additional electronic device based on hardware information and security level information of the additional electronic device, which are included in the authentication message of the additional electronic device; and an authentication processing unit for performing a mutual authentication process using the selected authentication algorithm.

Abstract: Provided are a microfluidic platform for cell culturing and a cell culturing method using the same. By applying a structure of a compartment which surrounds at least a portion of an annular reservoir and moving cells to be cultured to a site adjacent to a microchannel via rotation, a probability of observing cells that grew after culturing may increase and a probability of causing cells, particularly neurons, to grow so as to correspond to a signal transfer direction may increase.

Abstract: A mobile computing system for providing a high-security execution environment is provided. The mobile computing system separates execution environments in the same mobile device on the basis of virtualization technology and manages user-specific execution environments using the same hardware security module, thereby facilitating protection of personal privacy.

Abstract: Disclosed herein are a universal subscriber identification module card and a communication method using the same. The universal subscriber identification module card includes a Universal Subscriber Identification Module (USIM) chip, a pad, and a security chip. The USIM chip performs the user authentication of a mobile terminal. The pad electrically connects the USIM chip to the mobile terminal when the USIM chip is inserted into the mobile terminal. The security chip performs a security function for the mobile terminal independently of the USIM chip and shares the two power terminals of the pad with the USIM chip.

Abstract: A server receives a first echo request message which complies with an Internet control message protocol, extracts filtering information from hear information of the received first echo request message, and when a second echo request message which complies with the Internet control message protocol is received, compares header information of the received second echo request message and the extracted filtering information so as to determine whether to block an attacking packet for the received second echo request message. According to the present invention, the server blocks the attacking packet using the Internet control message protocol, thereby blocking a denial-of-service attack.

Abstract: The present invention relates to an apparatus and a method for transferring a data signal between a smartcard interface and an interface of a processor within an embedded system. According to an exemplary embodiment of the present invention, an interface conversion device communicating between a processor and a smartcard IC chip includes: an input/output signal conversion logic configured to transfer a signal between a first interface of the processor and a second interface of the smartcard IC chip; a clock generator configured to generate a clock signal driving the smartcard IC chip depending on a first control signal received from the processor and provide the generated clock signal to the smartcard IC chip; and a reset controller configured to generate a reset signal depending on a second control signal received from the processor and provide the generated reset signal to the smartcard IC chip.

Abstract: There are provided a method and apparatus for defending a Distributed Denial-of-Service (DDoS) attack through abnormally terminated sessions. The DDoS attack defending apparatus includes: a session tracing unit configured to parse collected packets, to extract header information from the collected packets, to trace one or more abnormally terminated sessions corresponding to one of pre-defined abnormally terminated session cases, based on the header information, and then to count the number of the abnormally terminated sessions; and an attack detector configured to compare the number of the abnormally terminated sessions to a predetermined threshold value, and to determine whether a DDoS attack has occurred, according to the results of the comparison. Therefore, it is possible to significantly reduce a false-positive rate of detection of a DDoS attack and the amount of computation for detection of a DDoS attack.

Abstract: There are provided a method and apparatus for detecting and handling a malicious act that performs billing and takes a financial gain using a short message service (SMS) in real time. The apparatus includes an SMS collecting module configured to collect an SMS message sent from or received in a smartphone; an SMS parsing module configured to parse the collected SMS message; an SMS examining module configured to examine at least one field of the parsed SMS message and determine whether the SMS message is a malicious act-related message based on an access control list (ACL) and an SMS signature DB; and an installing app examining module configured to examine SMS message sending permission of an app to be installed in the smartphone and a priority of an SMS receiver process included in the app and determine whether the app has a possibility of being malware.

Abstract: A technology for defending a Distributed Denial-of-Service (DDoS) attack is provided. A system for determining an application layer-based slow DDoS attack may include a packet collecting unit to collect a packet in a network, a packet parsing unit to extract at least one header field from the collected packet, and a DDoS attack determining unit to determine whether a DDoS attack against the packet is detected, using a session table and a flow table.

Abstract: Provided are a microfluidic platform for cell culturing and a cell culturing method using the same. By applying a structure of a compartment which surrounds at least a portion of an annular reservoir and moving cells to be cultured to a site adjacent to a microchannel via rotation, a probability of observing cells that grew after culturing may increase and a probability of causing cells, particularly neurons, to grow so as to correspond to a signal transfer direction may increase.

Abstract: A mobile computing system for providing a high-security execution environment is provided. The mobile computing system separates execution environments in the same mobile device on the basis of virtualization technology and manages user-specific execution environments using the same hardware security module, thereby facilitating protection of personal privacy.

Abstract: Disclosed herein is a Transmission Control Protocol (TCP) flooding attack prevention method. The TCP flooding attack prevention method includes identifying the type of a packet received at an intermediate stage between a client and a server; determining the direction of the packet; defining a plurality of session states based on the type and the direction of the packet; detecting a TCP flooding attack by tracking the session states for each flow; and responding to the TCP flooding attack based on the type of the TCP flooding attack.

Abstract: Disclosed herein are a universal subscriber identification module card and a communication method using the same. The universal subscriber identification module card includes a Universal Subscriber Identification Module (USIM) chip, a pad, and a security chip. The USIM chip performs the user authentication of a mobile terminal. The pad electrically connects the USIM chip to the mobile terminal when the USIM chip is inserted into the mobile terminal. The security chip performs a security function for the mobile terminal independently of the USIM chip and shares the two power terminals of the pad with the USIM chip.

Abstract: A server receives a first echo request message which complies with an Internet control message protocol, extracts filtering information from hear information of the received first echo request message, and when a second echo request message which complies with the Internet control message protocol is received, compares header information of the received second echo request message and the extracted filtering information so as to determine whether to block an attacking packet for the received second echo request message. According to the present invention, the server blocks the attacking packet using the Internet control message protocol, thereby blocking a denial-of-service attack.

Abstract: There are provided a method and apparatus for defending a Distributed Denial-of-Service (DDoS) attack through abnormally terminated sessions. The DDoS attack defending apparatus includes: a session tracing unit configured to parse collected packets, to extract header information from the collected packets, to trace one or more abnormally terminated sessions corresponding to one of pre-defined abnormally terminated session cases, based on the header information, and then to count the number of the abnormally terminated sessions; and an attack detector configured to compare the number of the abnormally terminated sessions to a predetermined threshold value, and to determine whether a DDoS attack has occurred, according to the results of the comparison. Therefore, it is possible to significantly reduce a false-positive rate of detection of a DDoS attack and the amount of computation for detection of a DDoS attack.

Abstract: A technology for defending a Distributed Denial-of-Service (DDoS) attack is provided. A system for determining an application layer-based slow DDoS attack may include a packet collecting unit to collect a packet in a network, a packet parsing unit to extract at least one header field from the collected packet, and a DDoS attack determining unit to determine whether a DDoS attack against the packet is detected, using a session table and a flow table.

Abstract: A method and apparatus for extracting a windows executable file that can search for a pattern related to windows executable files among a large quantity of network packets using a hardware-based session tracking and pattern matching technology and that can extract all packets included in the corresponding session are provided. The method of extracting a windows executable file includes: collecting incoming packets having a payload according to a session of a reference packet having an MZ pattern; performing a portable executable (PE) pattern matching for the collected incoming packets; and forming a PE file based on at least one incoming packet satisfying the PE pattern matching.

Abstract: An apparatus for diagnosing malicious files includes a information transferring unit configured to receive information regarding a malicious file distributed in a management network and an execution file generated by assembling packets collected from the management network; an anti-virus engine configured to determine whether or not the execution file is malicious to generate information regarding a new malicious file; and a management unit configured to transfer the information regarding the malicious file and the information regarding the new malicious file to a terminal device on the management network through the information transferring unit.

Abstract: Disclosed herein is a method for blocking a Denial-of-Service (DoS) attack. A server extracts a plurality of suspicious packets including data, length of which is equal to or greater than a preset length, from a plurality of received packets. The server determines a packet, which includes data composed of characters or character strings identical to each other, among the plurality of suspicious packets, to be an attack packet. The server blocks a packet corresponding to the attack packet. Accordingly, the present invention can block a DoS attack based on UDP flooding.

Abstract: Disclosed herein is a Transmission Control Protocol (TCP) flooding attack prevention method. The TCP flooding attack prevention method includes identifying the type of a packet received at an intermediate stage between a client and a server; determining the direction of the packet; defining a plurality of session states based on the type and the direction of the packet; detecting a TCP flooding attack by tracking the session states for each flow; and responding to the TCP flooding attack based on the type of the TCP flooding attack.