Abstract: An apparatus and method for collecting the radio frequency (RF) feature of a wireless device in a wireless communication apparatus are disclosed herein. The RF feature extraction unit adds a tag having a unique value to a received radio signal, and extracts RF feature information from the radio signal. The MAC information extraction unit extracts the source MAC address and tag information of a MAC protocol frame from the received radio signal, and then removes the added tag. The tag comparison unit selects an source MAC address and RF feature information, when the tags have the same value, from the RF feature information and tag information from the RF feature extraction unit and the source MAC address and tag information from the MAC information extraction unit. The RF feature storage unit stores the selected source MAC address and RF feature information.

Abstract: Provided is a healthcare device including a sensor unit configured to collect patient's biometric information or perform medical treatment on the patient; a communication unit configured to communicate with a healthcare gateway; a control unit configured to receive a control command from the healthcare gateway through the communication unit and control the sensor unit according to the received control command; and a device verification unit configured to receive a verification request from the healthcare gateway, verify an error of the control unit or the sensor unit in response to the received verification request, and transmit results of the verification to the healthcare gateway.

Abstract: An apparatus and a method for identifying a rogue device having a media access control (MAC) address counterfeited/forged when a wireless intrusion prevention system controls an access to an access point (AP) and a wireless terminal which are not applied are disclosed. The apparatus includes: a sensor unit configured to collect MAC addresses, RSSI values, and RF feature values based on RF signals of wireless terminals; an RF feature database configured to store the collected MAC addresses, RSSI values, and RF feature values; and a terminal identification unit configured to identify whether a MAC of any one of the wireless terminals is forged by comparing information of the RF feature database with the RSSI value and the RF feature value of any one of the wireless terminals according to a MAC verification request of any one of the wireless terminals from the sensor unit.

Abstract: Disclosed are a method for providing a security service for a wireless device and an apparatus thereof. The method includes obtaining a wireless fingerprint of a wireless device, determining a wireless device type corresponding to the obtained wireless fingerprint by referring to a first database, determining a security policy corresponding to the determined wireless device type by referring to a second database, and applying the determined security policy to a service for the wireless device, so that the wireless device is provided with a tight security service.

Abstract: An apparatus and method for collecting the radio frequency (RF) feature of a wireless device in a wireless communication apparatus are disclosed herein. The RF feature extraction unit adds a tag having a unique value to a received radio signal, and extracts RF feature information from the radio signal. The MAC information extraction unit extracts the source MAC address and tag information of a MAC protocol frame from the received radio signal, and then removes the added tag. The tag comparison unit selects an source MAC address and RF feature information, when the tags have the same value, from the RF feature information and tag information from the RF feature extraction unit and the source MAC address and tag information from the MAC information extraction unit. The RF feature storage unit stores the selected source MAC address and RF feature information.

Abstract: Disclosed herein is an apparatus for analyzing the vulnerability of a wireless local area network (LAN). The apparatus includes a collection unit, an analysis unit, and an attack unit. The collection unit collects packets transmitted and received in a wireless LAN service. The analysis unit analyzes the state of a network using the collected packets. The attack unit makes a wireless attack against an attack target using the state of the network, and controls the mode switching of a device driver based on an operating mode.

Abstract: An apparatus and a method for identifying a rogue device having a media access control (MAC) address counterfeited/forged when a wireless intrusion prevention system controls an access to an access point (AP) and a wireless terminal which are not applied are disclosed. The apparatus includes: a sensor unit configured to collect MAC addresses, RSSI values, and RF feature values based on RF signals of wireless terminals; an RF feature database configured to store the collected MAC addresses, RSSI values, and RF feature values; and a terminal identification unit configured to identify whether a MAC of any one of the wireless terminals is forged by comparing information of the RF feature database with the RSSI value and the RF feature value of any one of the wireless terminals according to a MAC verification request of any one of the wireless terminals from the sensor unit.

Abstract: A WLAN terminal positioning apparatus includes a directional antenna module including a directional antenna, a first motor, and a second motor wherein the second motor is combined with a shaft of the first motor and the directional antenna is combined with a shaft of the second motor such that the directional antenna has a hemispherical search range, where an angle of the maximum signal strength of the signal received by the directional antenna from the WLAN terminal is measured while the first motor or the second motor is rotated, and an estimated physical position of the WLAN terminal is calculated using a directional direction of the directional antenna.

Abstract: A system for tracking an illegal distributor and preventing an illegal content distribution includes: a forensic mark generator for receiving content and a content identification code from a content providing apparatus to generate a forensic mark; a forensic mark database for storing the generated forensic mark; a forensic mark insertion unit for inserting the forensic mark into the content; and a content database for storing the content into which the forensic mark has been inserted. The system further includes a content transmitter for transmitting the content into which the forensic mark has been inserted to the content utilization apparatus.

Abstract: Disclosed herein is an apparatus for analyzing the vulnerability of a wireless local area network (LAN). The apparatus includes a collection unit, an analysis unit, and an attack unit. The collection unit collects packets transmitted and received in a wireless LAN service. The analysis unit analyzes the state of a network using the collected packets. The attack unit makes a wireless attack against an attack target using the state of the network, and controls the mode switching of a device driver based on an operating mode.

Abstract: A group signature system includes: a key issuer server for generating a first parameter of a group public key, generating a corresponding master issuing key, and issuing a signature key to a user when a user device joins; an opener server for generating a second parameter of the group public key, and a corresponding master opening key and master linking key; and a linker server for checking whether two valid signatures have been linked by using the master linking key when the two signatures corresponding to a group public key are given. The group signature system further includes: a signature verifying unit for confirming a validity of the given signatures and a signer information confirming unit for confirming a validity of singer confirming information generated by the opener server.

Abstract: A method including: detecting an unauthorized soft rogue AP; collecting information about the detected soft rogue AP, information about one or more access terminals connected to the detected soft rogue AP, and information about one or more candidate attack terminals that are not connected to the detected soft rogue AP, and storing the collected information; receiving frames related to the information about the stored soft rogue AP, and analyzing similarities between communication patterns of the access terminals and communication patterns of the candidate attack terminals based on the received frames; and tracking out an attack terminal driving the unauthorized soft rogue AP based on the results of the analysis on the similarities between the communication patterns of the access terminals and the communication patterns of the candidate attack terminals. Accordingly, it is possible to effectively block the soft rogue AP.

Abstract: A data encoding apparatus for verifying data integrity by using a white box cipher includes: an encoding unit for encoding content by using a white box cipher table; and an arithmetic logic unit for performing an arithmetic logic operation on the white box cipher table and content information to output an encoded white box cipher table. The arithmetic logic operation is an exclusive OR operation. The content information is license information of the content or hash value of the license information of the content.

Abstract: A content protection apparatus using a white-box encryption table includes: a random number generation unit for generating a random number; a white-box encryption table for encrypting the random number and user information provided from a user to generate an encrypted output value; and an operation unit for performing an operation between the encrypted output value and data inputted from an outside to encrypt or decrypt the data.

Abstract: Disclosed is a dongle device for wireless intrusion prevention, which can provide a wireless intrusion prevention service to a wireless access point in a wireless local area communication network. A dongle device for wireless intrusion prevention including an interface unit connected to an access point and configured to receive a data frame from the access point, a control unit configured to determine a security threat on the basis of the received data frame and generate prevention information if there is the security threat according to the determination result, and a storage unit configured to store information for security threat determination can make an existing wireless access point a wireless access point that can provide wireless intrusion prevention.

Abstract: Disclosed herein is a method of verifying key validity and a server for performing the method. The method is configured such that a service provision server verifies key validity in an anonymous service for providing local linkability. The service provision server receives a revocation list. A local revocation list is generated using the received revocation list and a secret key. A virtual index of a service user required to verify key validity is calculated. Whether a key of the service user is valid is verified, based on whether the virtual index is included in the local revocation list.

Abstract: The present invention relates to a content protection apparatus and method using binding of additional information to an encryption key. The content protection apparatus includes an encryption unit for creating an encryption key required to encrypt data requested by a user terminal and then generating encrypted data in which the data is encrypted. An additional information management unit manages additional information including authority information about the encrypted data. A White-Box Cryptography (WBC) processing unit generates a WBC table required to bind the encryption key corresponding to the encrypted data to the additional information. A bound data generation unit generates bound data in which the encrypted key is bound to the additional information, using a cipher included in the WBC table.

Abstract: There is provided an anonymous service method of providing local linkability. The anonymous service method providing local linkability according to exemplary embodiments of the invention, an anonymous authentication operation based on a short group signature is performed, for which the concept of a local linkability is introduced to secure linkability within the same service domain. Namely, in the interior of a service provider, a virtual index having a fixed value is calculated for each service user, and in this case, although a plurality of service providers collude with each other, they cannot calculate a virtual index having the same value, whereby the linkability can be secured within the same service domain but not within the interiors of different service domains.

Abstract: Provided is a digital rights management system, in which a process of combining digital content created by the original author with first metadata indicated with rights information of the original author and a process of combining revised digital content with second metadata indicated with rights information of a secondary author, are respectively and separately performed at the server and terminal sides. Thus, the digital rights management system can reduce the load generated at the server side compared to a system in which the server side performs both of the above processes.

Abstract: An apparatus automatically inspects security of mobile applications. The apparatus includes a static analyzer to perform a static analysis by reversing an execution file of the mobile application, and an automatic execution processor to generate an automatic execution script used to automatically execute the execution file and execute the automatic execution script automatically to generate a log. The apparatus further includes a dynamic analyzer to analyze whether a pattern of malicious codes was executed in the execution file using the result of the static analysis and the log resulted from the automatic execution.