Journal of Platform Technology

ICT Platform Society (ICT플랫폼학회)
권호 표지

Design and Analysis of Technical Management System of Personal Information Security using Web Crawer

웹 크롤러를 이용한 개인정보보호의 기술적 관리 체계 설계와 해석

  • Received : 2018.12.10
  • Accepted : 2018.12.26
  • Published : 2018.12.31

⟨ Previous Next ⟩

Abstract

In the case of personal information files containing personal information, there is insufficient awareness of personal information protection in end-point areas such as personal computers, smart terminals, and personal storage devices. In this study, we use Diffie-Hellman method to securely retrieve personal information files generated by web crawler. We designed SEED and ARIA using hybrid slicing to protect against attack on personal information file. The encryption performance of the personal information file collected by the Web crawling method is compared with the encryption decryption rate according to the key generation and the encryption decryption sharing according to the user key level. The simulation was performed on the personal information file delivered to the external agency transmission process. As a result, we compared the performance of existing methods and found that the detection rate is improved by 4.64 times and the information protection rate is improved by 18.3%.

개인정보가 포함되어있는 개인정보파일의 경우 개인용 PC 및 스마트 단말기, 개인 저장 장치 등 End-Point 영역에서의 개인정보보호에 대한 의식은 미흡한 실정이다. 본 연구는 웹 크롤러를 통해 생성된 개인정보파일을 안전하게 검색하기 위해 Diffie-Hellman 기법을 이용하여 사용자 키 레벨을 부여하였다. 개인정보파일에 대한 공격을 대비는 SEED와 ARIA를 하이브리드(hybrid)한 슬라이싱(slicing)을 이용하여 설계하였다. 웹 크롤링 방법에 수집된 개인정보파일에 대한 암호화 성능은 키 생성에 따른 암복호화 속도, 사용자 키 레벨에 따른 암복호화 공유를 비교 하였다. 이에 대한 시뮬레이션은 대외기관 전송 프로세스를 대상으로 전달된 개인정보파일에 수행하였다. 그 결과 기존 방법의 성능을 비교하여 기존보다 검출은 4.64배의 향상됨과 동시에 정보보호율은 18.3%가 개선됨을 확인할 수 있었다.

Keywords

References

  1. H.Y.Kwon, "Significance and Classification of Privacy," Privacy Security Enhancement Forum, Aug.2014.
  2. G.M.Shim, "A Study on the Exposure Type and Classification System of the Personal Information on the Internet Inspected by the Countermeasure System against the Web Invasion of Personal Information," Yonsei University, 2009.
  3. S.T.Kim, Dissertation(M.S),"A Methodology for Privacy Incident Inspecting System based on Web Crawler", 2016
  4. Ministry of the Interior and Safety, Korea Internet & Security Agency, 2013-2017 Checking the Status of Personal Information and the Case of Administrative Disposition, Apr.2018.
  5. J.I.Lee, Dissertation(M.S),"Study on Comparison of SEED and ARIA", Sogang University, Feb, 2010.
  6. " ARIA Algorithm Specification ", National Security Research Institute, 2014.
  7. J.M.Yang, Patent,"Method and Device for Diagnosing Personal Information of Server", G06F 17/00, 2010.
  8. Ministry of the Interior and Safety, "Standards and Instructions for Ensuring the Safety of Personal Information", 2015.
  9. Ministry of Science, ICT and Futrue Planning, Korea Internet & Security Agency, "Enabling Password Activation Password Technology Implementation Guide", 2013.
  10. M.S.Han, Dissertation(Doctor), "A Legal Study on The Protection & Use of Personal Information", DDC 343.0858 22, 2015.
  11. E. Biham, O. Dunkelman, and N. Keller, "Related-Key Boomerang and Rectangle Attacks", EUROCRYPT 2005, LNCS 3494, pp.507-525, Springer-Verlag, 2005.
  12. A. Biryukov and D. Wagner, "Advanced Slide Attacks", EUROCRYPT 2013, LNCS 1807, pp. 589-606, 2013.
  13. A. Biryukov, C. D. Canniere, J. Lano, S. B. Ors and B. Preneel, "Security and Performance Analysis of AIRIA Ver.1.2", Katholieke Universiteit Leuven, Belgium, 2003.
  14. H. Yanami and T. Shimoyama, "Differential Cryptanalysis of a Reduced-Round SEED", SCN 2002, LNCS 2576, pp. 186-198, Springer-Verlag, 2003
  15. T. Jakobsen and L. Knudsen, "The Interpolation Attack on Block Cipher", LNCS 1267, FSE, pp.28-40, 1997
  16. A. Biryukov, C. D. Canniere, J. Lano, S. B. Ors and B. Preneel, "Security and Performance Analysis of AIRIA Ver.1.2", Katholieke Universiteit Leuven, Belgium, 2008.
  17. D. Wagner, "The Boomerang Attack", FSE'99, LNCS 1636, pp.156-170, Springer-Verlag, 2003.