Pub Date : 2019-03-18DOI: 10.1109/PLATCON.2019.8669406
Jong-ho Noh, Hun-Yeong Kwon
The smart city is aiming for an intelligent connected society beyond the concept of U-City with simple ICT. In particular, the rapid development of information and communications, such as 5G, and blockchain, has led to a paradigm shift to a new digital urban environment. As smart energy and smart transportation are integrated or interlocked, the technical and institutional arrangement should be preceded from the time of user authentication to provide reliability, transparency, and efficiency. For this purpose, this study aims to investigate the technical and institutional plans for the implementation of safe urban life utilizing blockchain technology. In order to apply smart city services using block-chain technology, it is necessary to fully agree and practice among various stakeholders such as public, business, academia, and civic groups. It is expected to be implemented as a people-centered smart city by gradually applying the block chain-based pilot service, which is made and participated together.
{"title":"A Study on smart city security policy based on blockchain in 5G Age","authors":"Jong-ho Noh, Hun-Yeong Kwon","doi":"10.1109/PLATCON.2019.8669406","DOIUrl":"https://doi.org/10.1109/PLATCON.2019.8669406","url":null,"abstract":"The smart city is aiming for an intelligent connected society beyond the concept of U-City with simple ICT. In particular, the rapid development of information and communications, such as 5G, and blockchain, has led to a paradigm shift to a new digital urban environment. As smart energy and smart transportation are integrated or interlocked, the technical and institutional arrangement should be preceded from the time of user authentication to provide reliability, transparency, and efficiency. For this purpose, this study aims to investigate the technical and institutional plans for the implementation of safe urban life utilizing blockchain technology. In order to apply smart city services using block-chain technology, it is necessary to fully agree and practice among various stakeholders such as public, business, academia, and civic groups. It is expected to be implemented as a people-centered smart city by gradually applying the block chain-based pilot service, which is made and participated together.","PeriodicalId":364838,"journal":{"name":"2019 International Conference on Platform Technology and Service (PlatCon)","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2019-03-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133558528","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2019-01-01DOI: 10.1109/PLATCON.2019.8669405
Jean Claude Nikoue, S. Butakov, Yasir Malik
Software Defined Networking (SDN) has introduced both innovative opportunities and additional risks in the computer networking. Among disadvantages of SDNs one can mention their susceptibility to vulnerabilities associated with both virtualization and the traditional networking. Selecting a proper controller for an organization may not be a trivial task as there is a variety of SDN controllers on the market and each of them may come with its own pros and cons from the security point of view. This research proposes a comprehensive methodology for organizations to evaluate security-related features available in SDN controllers. The methodology can serve as a guideline in the decisions related to SDN choice. The proposed security assessment follows a structured approach to evaluate each layer of the SDN architecture and each metrics defined in presented research has been matched with the security controls defined in NIST 800-53. Through the tests on actual controllers the paper provides an example on how the proposed methodology can be used to evaluate existing SDN solutions.
{"title":"Security Evaluation Methodology for Software Defined Network Solutions","authors":"Jean Claude Nikoue, S. Butakov, Yasir Malik","doi":"10.1109/PLATCON.2019.8669405","DOIUrl":"https://doi.org/10.1109/PLATCON.2019.8669405","url":null,"abstract":"Software Defined Networking (SDN) has introduced both innovative opportunities and additional risks in the computer networking. Among disadvantages of SDNs one can mention their susceptibility to vulnerabilities associated with both virtualization and the traditional networking. Selecting a proper controller for an organization may not be a trivial task as there is a variety of SDN controllers on the market and each of them may come with its own pros and cons from the security point of view. This research proposes a comprehensive methodology for organizations to evaluate security-related features available in SDN controllers. The methodology can serve as a guideline in the decisions related to SDN choice. The proposed security assessment follows a structured approach to evaluate each layer of the SDN architecture and each metrics defined in presented research has been matched with the security controls defined in NIST 800-53. Through the tests on actual controllers the paper provides an example on how the proposed methodology can be used to evaluate existing SDN solutions.","PeriodicalId":364838,"journal":{"name":"2019 International Conference on Platform Technology and Service (PlatCon)","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2019-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127119654","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2019-01-01DOI: 10.1109/platcon.2019.8668956
{"title":"PlatCon 2019 Copyright Page","authors":"","doi":"10.1109/platcon.2019.8668956","DOIUrl":"https://doi.org/10.1109/platcon.2019.8668956","url":null,"abstract":"","PeriodicalId":364838,"journal":{"name":"2019 International Conference on Platform Technology and Service (PlatCon)","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2019-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123754499","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2019-01-01DOI: 10.1109/PLATCON.2019.8669419
Seung-min Lee, Soojin Park, Young B. Park
The block chain technology is changing rapidly. The block chain guarantees the integrity of the book through a specific consensus of the participants. In the past, the block chain technology had a limited range of applications. However, the use of block chain technology is gradually expanding as smart contracts that can formulate general business logic are mentioned. Already studied the components of smart contracts in other studies and proposed the possibility of extending them on the basis of ontology. And research on securing traceability of smart contract based on ontology has been carried out. However, research on various transactions constituting smart contracts is lacking. In this paper, the constituent elements of smart contract are analyzed and expressed by ontology. And the process of negotiating the components is represented by each transaction. Finally, we construct the component represented by the ontology as XML by including the state information in the transaction. In this way, the smart contract is represented in a formal language that contains state information. It also laid the foundation for a smart contract that can be reused and verified.
{"title":"Formal Specification Technique in Smart Contract Verification","authors":"Seung-min Lee, Soojin Park, Young B. Park","doi":"10.1109/PLATCON.2019.8669419","DOIUrl":"https://doi.org/10.1109/PLATCON.2019.8669419","url":null,"abstract":"The block chain technology is changing rapidly. The block chain guarantees the integrity of the book through a specific consensus of the participants. In the past, the block chain technology had a limited range of applications. However, the use of block chain technology is gradually expanding as smart contracts that can formulate general business logic are mentioned. Already studied the components of smart contracts in other studies and proposed the possibility of extending them on the basis of ontology. And research on securing traceability of smart contract based on ontology has been carried out. However, research on various transactions constituting smart contracts is lacking. In this paper, the constituent elements of smart contract are analyzed and expressed by ontology. And the process of negotiating the components is represented by each transaction. Finally, we construct the component represented by the ontology as XML by including the state information in the transaction. In this way, the smart contract is represented in a formal language that contains state information. It also laid the foundation for a smart contract that can be reused and verified.","PeriodicalId":364838,"journal":{"name":"2019 International Conference on Platform Technology and Service (PlatCon)","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2019-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121630399","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2019-01-01DOI: 10.1109/PLATCON.2019.8669424
H. Baek, Minhee Joo, Won Park, Youngin You, K. Lee
As the penetration rate of smart mobile devices has increased, threats targeting the Android platform, which accounts for the majority of mobile operating systems, have increased. As a typical example, a fake Korea Financial Supervisory Service application(app) appeared at the end of 2017. When users installed this app and called the Financial Supervisory Service, there was a case of fake loan consultation, which resulted in financial loss and leakage of personal information. There have been a variety of malicious apps targeting mobile devices. As a result, it became necessary to detect the risks to such malicious apps and to make decisions about the apps. In this paper, we created a model to evaluate the risk of apps in Android and define the characteristics of each element. In addition, the risk from the model is used to make a risk map for decision making using unsupervised algorithms. To make the risk map in this paper uses the data of 2970 apps that is malicious or benign. As a result of the experiment, some of the benign apps were classified as very high risk. They had a lot of high-risk permissions, and there was a need for users to be careful. The results of this study can help users know the exact risk of Android apps and help detect unknown malicious apps.
{"title":"Android Application Risk Indicator Based on Feature Analysis Utilizing Machine Learning","authors":"H. Baek, Minhee Joo, Won Park, Youngin You, K. Lee","doi":"10.1109/PLATCON.2019.8669424","DOIUrl":"https://doi.org/10.1109/PLATCON.2019.8669424","url":null,"abstract":"As the penetration rate of smart mobile devices has increased, threats targeting the Android platform, which accounts for the majority of mobile operating systems, have increased. As a typical example, a fake Korea Financial Supervisory Service application(app) appeared at the end of 2017. When users installed this app and called the Financial Supervisory Service, there was a case of fake loan consultation, which resulted in financial loss and leakage of personal information. There have been a variety of malicious apps targeting mobile devices. As a result, it became necessary to detect the risks to such malicious apps and to make decisions about the apps. In this paper, we created a model to evaluate the risk of apps in Android and define the characteristics of each element. In addition, the risk from the model is used to make a risk map for decision making using unsupervised algorithms. To make the risk map in this paper uses the data of 2970 apps that is malicious or benign. As a result of the experiment, some of the benign apps were classified as very high risk. They had a lot of high-risk permissions, and there was a need for users to be careful. The results of this study can help users know the exact risk of Android apps and help detect unknown malicious apps.","PeriodicalId":364838,"journal":{"name":"2019 International Conference on Platform Technology and Service (PlatCon)","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2019-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114257643","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2019-01-01DOI: 10.1109/PLATCON.2019.8669417
Sangwho Kim, Jaecheol Ryou
We studied source code analysis techniques to predict statically how real programs work and use memory. If we can recognize problems of memory usage in the source code, we are able to prevent them and improve security in the software development phase. The problem detection techniques which are already existed can detect whether the program includes weak code such as Common Vulnerabilities and Exposures, Common Weakness Enumeration. However, these methods are not useful for finding problems in programs that do not include OpenSource. because they use hash value or pattern of weak code contained in OpenSource. Therefore, we propose a static prediction technique for dynamic memory usage with source code analysis without using techniques such as similarity detection. Also, we present how to calculate the values used for static prediction from the source code.
{"title":"Source Code Analysis for Static Prediction of Dynamic Memory Usage","authors":"Sangwho Kim, Jaecheol Ryou","doi":"10.1109/PLATCON.2019.8669417","DOIUrl":"https://doi.org/10.1109/PLATCON.2019.8669417","url":null,"abstract":"We studied source code analysis techniques to predict statically how real programs work and use memory. If we can recognize problems of memory usage in the source code, we are able to prevent them and improve security in the software development phase. The problem detection techniques which are already existed can detect whether the program includes weak code such as Common Vulnerabilities and Exposures, Common Weakness Enumeration. However, these methods are not useful for finding problems in programs that do not include OpenSource. because they use hash value or pattern of weak code contained in OpenSource. Therefore, we propose a static prediction technique for dynamic memory usage with source code analysis without using techniques such as similarity detection. Also, we present how to calculate the values used for static prediction from the source code.","PeriodicalId":364838,"journal":{"name":"2019 International Conference on Platform Technology and Service (PlatCon)","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2019-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121322504","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2019-01-01DOI: 10.1109/PLATCON.2019.8669413
Minju Kang, Hunyeong Kwon
Recently, the development of cloud computing technology has brought not only an easier access on information, but also security issues on personal information in the cloud industry. In this response, Cloud Security Certification System is implemented to solve the various cloud security problems in Korea. However, it is difficult to see that the level of technical protection measures of the cloud security certification system is satisfied with all the technical protection measures required by the personal information protection laws and regulations. As a result, it was proposed that security products that are highly related to the contents of the personal information protection laws and regulations should be in line with the CC(common criteria) certified product group. In this paper, we propose items that the cloud security certification system should supplement from the viewpoint of security requirements that are compliant with the CC certified product line
{"title":"A Study on the Needs for Enhancement of Personal Information Protection in Cloud Computing Security Certification System","authors":"Minju Kang, Hunyeong Kwon","doi":"10.1109/PLATCON.2019.8669413","DOIUrl":"https://doi.org/10.1109/PLATCON.2019.8669413","url":null,"abstract":"Recently, the development of cloud computing technology has brought not only an easier access on information, but also security issues on personal information in the cloud industry. In this response, Cloud Security Certification System is implemented to solve the various cloud security problems in Korea. However, it is difficult to see that the level of technical protection measures of the cloud security certification system is satisfied with all the technical protection measures required by the personal information protection laws and regulations. As a result, it was proposed that security products that are highly related to the contents of the personal information protection laws and regulations should be in line with the CC(common criteria) certified product group. In this paper, we propose items that the cloud security certification system should supplement from the viewpoint of security requirements that are compliant with the CC certified product line","PeriodicalId":364838,"journal":{"name":"2019 International Conference on Platform Technology and Service (PlatCon)","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2019-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114558582","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2019-01-01DOI: 10.1109/PLATCON.2019.8669421
Zi-Chao Lin, Chun-Feng Liao
UPnP (Universal Plug and Play) is popular in home networks because it provides a general service management schemes for heterogeneous hardware and software based on open standards. Meanwhile, the rise of the internet of things (IoT) results in the rapid growth of the number of small or embedded devices which makes the IPv4 address exhaustion even worse. Hence, IPv6 is widely adopted in recent years. It is worthy to note that IPv6 also improves the design of the family of IP-based management protocols, namely, ICMPv6, so that the efficiency of transmission is significantly improved. Following this trend, UPnP also supports IPv6, but this extension concentrates on the address compatibility and neglects to utilize the improved design in IPv6. In light of this, this paper proposes a new service discovery protocol which bases on ICMPv6 in order to make the service discovery of UPnP more compact and efficient. Also, we develop a monitoring tool for developers to troubleshoot the problems of the proposed protocol. We hope this enhancement can make the deployment of IoT in the smart home network more scalable and robust.
UPnP (Universal Plug and Play,即通用即插即用)基于开放标准为异构硬件和软件提供了通用的业务管理方案,在家庭网络中非常流行。同时,物联网(IoT)的兴起导致小型或嵌入式设备数量的快速增长,使得IPv4地址枯竭更加严重。因此,IPv6在近年来被广泛采用。值得注意的是,IPv6还改进了基于ip的管理协议家族ICMPv6的设计,使传输效率得到了显著提高。遵循这一趋势,UPnP也支持IPv6,但这个扩展集中在地址兼容性和忽略利用IPv6改进的设计。鉴于此,本文提出了一种新的基于ICMPv6的服务发现协议,以使UPnP的服务发现更加紧凑和高效。此外,我们还为开发人员开发了一个监控工具,以排除所提议协议的问题。我们希望这种增强可以使物联网在智能家居网络中的部署更具可扩展性和鲁棒性。
{"title":"ICMPv6SD: A Compact Service Discovery Protocol Supporting Plug-and-Play in Home Networks","authors":"Zi-Chao Lin, Chun-Feng Liao","doi":"10.1109/PLATCON.2019.8669421","DOIUrl":"https://doi.org/10.1109/PLATCON.2019.8669421","url":null,"abstract":"UPnP (Universal Plug and Play) is popular in home networks because it provides a general service management schemes for heterogeneous hardware and software based on open standards. Meanwhile, the rise of the internet of things (IoT) results in the rapid growth of the number of small or embedded devices which makes the IPv4 address exhaustion even worse. Hence, IPv6 is widely adopted in recent years. It is worthy to note that IPv6 also improves the design of the family of IP-based management protocols, namely, ICMPv6, so that the efficiency of transmission is significantly improved. Following this trend, UPnP also supports IPv6, but this extension concentrates on the address compatibility and neglects to utilize the improved design in IPv6. In light of this, this paper proposes a new service discovery protocol which bases on ICMPv6 in order to make the service discovery of UPnP more compact and efficient. Also, we develop a monitoring tool for developers to troubleshoot the problems of the proposed protocol. We hope this enhancement can make the deployment of IoT in the smart home network more scalable and robust.","PeriodicalId":364838,"journal":{"name":"2019 International Conference on Platform Technology and Service (PlatCon)","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2019-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114361218","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2019-01-01DOI: 10.1109/platcon.2019.8669433
{"title":"PlatCon 2019 TOC","authors":"","doi":"10.1109/platcon.2019.8669433","DOIUrl":"https://doi.org/10.1109/platcon.2019.8669433","url":null,"abstract":"","PeriodicalId":364838,"journal":{"name":"2019 International Conference on Platform Technology and Service (PlatCon)","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2019-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124783925","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2019-01-01DOI: 10.1109/PLATCON.2019.8669427
Areeya Rubenecia, Myungwhan Choi, Hyohyun Choi
This paper presents the simulation system of a three dimensional intersection crossing model. In this model, multiple UAVs must access the intersection without colliding with each other. The system uses reservation-based scheduling to manage the entrance of the UAVs in the intersection wherein there will be no collision among the UAVs that are travelling in the intersection at the same time. It also finds the path to be taken by the UAV through which it will reach the exit of the intersection in the shortest time. The simulation system is implemented using object-oriented programming. UML diagrams are used to describe the simulation system’s structure. Along with the UML diagram, we discussed the classes, attributes, methods and the relationship of the classes in the simulation.
{"title":"Simulation System of a Reservation-Based 3D Intersection Crossing Scheme for UAVs","authors":"Areeya Rubenecia, Myungwhan Choi, Hyohyun Choi","doi":"10.1109/PLATCON.2019.8669427","DOIUrl":"https://doi.org/10.1109/PLATCON.2019.8669427","url":null,"abstract":"This paper presents the simulation system of a three dimensional intersection crossing model. In this model, multiple UAVs must access the intersection without colliding with each other. The system uses reservation-based scheduling to manage the entrance of the UAVs in the intersection wherein there will be no collision among the UAVs that are travelling in the intersection at the same time. It also finds the path to be taken by the UAV through which it will reach the exit of the intersection in the shortest time. The simulation system is implemented using object-oriented programming. UML diagrams are used to describe the simulation system’s structure. Along with the UML diagram, we discussed the classes, attributes, methods and the relationship of the classes in the simulation.","PeriodicalId":364838,"journal":{"name":"2019 International Conference on Platform Technology and Service (PlatCon)","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2019-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121649234","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: