DOI QR코드

DOI QR Code

Ransomware Prevention and Steganography Security Enhancement Technology Using Format Preserving Encryption

형태보존암호화를 이용한 랜섬웨어 방지 및 스테가노그래피 보안강화기술

  • Lim, Ji-hwan (Department of IT Engineering, Hansung University) ;
  • Na, Gwan-Woo (Department of IT Engineering, Hansung University) ;
  • Woo, Jae-Min (Department of IT Engineering, Hansung University) ;
  • Seo, Hwa-joeng (Department of IT Engineering, Hansung University)
  • Received : 2018.01.02
  • Accepted : 2018.04.15
  • Published : 2018.05.31

Abstract

Recently, Format-Preserving-Encryption (FEA) was suggested by the National Security Research institute (NSR) as an encryption method while maintaining the format without a distortion to the intended information to be encrypted. In this paper, we propose a scheme to solve conventional cyber security problems by using FEA scheme. First, we present the method to encrypt signatures and extensions with FEA in order to effectively defend against Ransomeware attacks. This technique can mitigate the exposure to the Ransomeware by encrypting the minimum information. Second, in order to reduce the secret information for Steganography, we introduce a new way to minimize the secret information with FEA. Finally, we compare the operation speed by encryption with FEA and Lightweight Encryption Algorithm (LEA), furthermore when we optimize FEA we want to compare with the performance improvement accompanying with it.

형태 보존 암호는 암호화하고자 하는 목적 정보에 대한 변형 없이 형태를 유지한 상태로 암호화하는 기법으로써 최근에 국가보안기술연구소에 의해 제안되었다. 본 논문에서는 형태 보존 암호를 활용하여 기존의 사이버 보안 관련 문제를 해결하는 방안을 제안하고자 한다. 먼저 랜섬웨어 공격을 효과적으로 방어하기 위해 시그니처 및 확장자를 형태보존암호로 암호화하는 방안을 제시한다. 해당 기법은 최소한의 정보를 암호화함으로써 랜섬웨어에 대한 노출을 최소화할 수 있다. 두 번째로 스테가노그래피와 같이 비밀 정보를 숨기는 기술상에서도 해당 정보의 양을 최소화함으로써 공격에 대비할 수 있는 방안을 제시한다. 마지막으로 형태보존암호와 경량암호에서 암호화에 따른 동작 속도를 비교하고, 형태보존암호를 최적화하였을 때, 그에 따른 성능 향상까지 비교하고자 한다.

Keywords

References

  1. Telecommunications Technology Association. TTAK.KO-12.0275. Format-Preserving Encryption Algorithm FEA [Internet]. Available: https://tta.or.kr/include/Download.jsp?filename=choan%2F%5B2015-203%5D_%C7%FC%C5%C2+%BA%B8%C1%B8+%BE%CF%C8%A3+FEA.hwp.
  2. Digital Dailey. New encryption technology came out for personal information protection [Internet]. Available: http://www.ddaily.co.kr/news/article.html?no=119354.
  3. S. Y. Jeong, D. W. Hong, and C. H. Seo, "Secure Format-Preserving Encryption for Message Recovery Attack," Journal of Korean Institute of Information Scientists and Engineers, vol. 44, no. 8, pp. 860-869, Aug. 2017.
  4. H. K. Lee, J. H. Seong, Y. C. Kim, J. B. Kim, and G. Y. Gim, "The Automation Model of Ransomware Analysis and Detection Pattern," Journal of the Korea Institute of Information and Communication Engineering, vol. 21, no. 8, pp. 1581-1588, Aug. 2017. https://doi.org/10.6109/JKIICE.2017.21.8.1581
  5. Y. K. Kim, D. G. Ham, Y. H. Joo, and K. H. Lee, "Analysis and Countermeasures for the Ransomware Cryptolocker," in Proceeding of the 2016 Spring Conference of the Korea Information Processing Society, Seoul, vol. 23, no. 1, pp. 293-293, Apr. 2016.
  6. D. K. Andrew, "Steganalysis of Embedding in Two Least-Significant Bits," IEEE Transactions on Information Forensics and Security. vol. 2, no. 1, pp. 46-54, Feb. 2007. https://doi.org/10.1109/TIFS.2006.890519
  7. B. K. Moon, D. G. Ryoo, M. S. Ko, K. W. Eom, and M. S. Jun, "An Implementation of Database Security Using Steganography in the Web," Journal of The Korea Institute of Information Security and Cryptology, vol. 15, no. 2, pp. 3-11, Apr. 2005.
  8. G. J. Lee, E. J. Yoon, and K. Y. Yoo, "A Key Exchange Protocol based on the Steganography with the QR code," Journal of the Institute of Electronics Engineers of Korea, vol. 50, no. 6, pp. 173-179, Jun. 2013.
  9. File Signature Database. File Signature [Internet]. Available: https://filesignatures.net/.