• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.5
• /
• pp.65-72
• /
• 2007

In this paper, we investigate the several different types of higher-order differential side channel analysis (DSCA) attacks. We present that some of exiting higher-order DSCA attacks have some practical problem applying to two masked intermediate values being parallel processed. In order to solve this problem we propose a new higher-order DSCA attack using an efficient and simple preprocessing function. Using the proposed preprocessing function we clearly show that 2nd-order DSCA attacks are still a practical threat fur masked hardware implementations.

• Convergence Security Journal
• /
• v.21 no.1
• /
• pp.121-127
• /
• 2021

MANET, which does not have any infrastructure other than wireless nodes, has the advantage of being able to construct a fast network. However, the movement of nodes and wireless media are also the causes of security vulnerabilities of MANET. In particular, the damage caused by the attacking nodes existing on the network is considerably greater than that of other networks. Therefore, it is necessary to detection technique for attacking nodes and techniques to reduce damage caused by attacks. In this paper, we proposed a hierarchical structure technique to increase the efficiency of intrusion detection and collaboration-based intrusion detection technique applying a P2P mesh network configuration technique to reduce damage caused by attacks. There was excluded the network participation of the attacking node in advance through the reliability evaluation of the nodes in the cluster. In addition, when an attack by an attacking node is detected, this paper was applied a method of minimizing the damage of the attacking node by transmitting quickly the attack node information to the global network through the P2P mesh network between cluster heads. The ns-2 simulator was used to evaluate the performance of the proposed technique, and the excellent performance of the proposed technique was confirmed through comparative experiments.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2015.01a
• /
• pp.271-272
• /
• 2015

센서 네트워크에서 센서는 제한적인 자원 때문에 다양한 공격으로부터 취약하다. 이러한 공격 중 하나인 허위 보고서 삽입 공격은 불필요한 에너지 소모와 허위 알람을 유발한다. 이 공격의 피해를 줄이기 위한 확률적 투표 여과 기법은 검증 노드를 통해 보고서의 맥들을 검증한다. 그러나 허위 보고서가 검증 노드까지 도달하는 데 불필요한 에너지가 소비된다. 본 논문에서, 우리의 제안 기법은 소스의 다음 노드에 키를 배포하여 허위 보고서 삽입 공격을 효율적으로 감지한다. 따라서 제안 기법은 기존 기법보다 에너지 효율성 향상을 기대할 수 있다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2014.04a
• /
• pp.464-466
• /
• 2014

비밀번호를 비기술적인 방법으로 해킹 중 어깨넘어 훔쳐보기 공격은 사회공학적인 공격기법으로서 많은 보안 메커니즘의 등장에도 불구하고 원천적인 차단이 어려운 공격이다. 특히 현금자동입출기기는 개방적인 공간에 설치되어있어 어깨넘어 훔쳐보기 공격에 취약하다. 본 논문에서는 사용자가 금융서비스를 받고자 할 때, 현금자동입출기기, 스마트폰, 사용자 사이의 안전한 신뢰관계를 구축하고 비밀번호와 지문인식을 이용한 안전한 이중 사용자 인증 기법을 제안한다. 제안하는 기법은 어깨넘어 훔쳐보기 공격의 용이성 및 재현 가능성을 제한하여 안전한 금융서비스가 가능하도록 한다.

• Journal of Internet Computing and Services
• /
• v.10 no.4
• /
• pp.223-230
• /
• 2009

Among the remote user authentication schemes, password-based authentication methods are the most widely used. In 2004, Das et al. proposed a "Dynamic ID Based Remote User Authentication Scheme" that is the password based scheme with smart-cards, and is the light-weight technique using only one-way hash algorithm and XOR calculation. This scheme adopts a dynamic ID that protects against ID-theft attack, and can resist replay attack with timestamp features. Later, many flaws of this scheme were founded that it allows any passwords to be authenticated, and can be vulnerable to impersonation attack, and guessing attack. By this reason many modifications were announced. These scheme including all modifications are similarly maintained security against replay the authentication message attack by the timestamp. But, if advisory can replay the login immediately, this attempt can be succeeded. In this paper, we analyze the security vulnerabilities of Das scheme, and propose improved scheme which can resist on real-time replay attack using the counter of authentication. Besides our scheme still secure against impersonation attack, guessing attack, and also provides mutual authentication feature.

• Review of KIISC
• /
• v.13 no.4
• /
• pp.88-101
• /
• 2003

인터넷과 전자상거래의 발전에 따라 전자적 수단으로 화폐 가치를 이전하는 수단이 마그네틱 카드에서 IC카드로 대체될 것으로 기대되고 있다. IC카드는 마그네틱 카드보다 많은 데이터를 저장할 수 있고, 물리적인 보안(Tamper-resistance)과 암호기법(Cryptographic Technique)을 통해 외부와의 통신을 엄격히 통제 및 보호할 수 있는 장점이 있다. 본 고에서는 IC카드의 안전성에 대해 알아보기 위해 먼저 IC카드를 정의하고 분류한다. 그리고, IC카드의 안전성 관련기능으로 카드에서의 사용자 인증, 카드와 카드단말사이의 실체인증, 접근통제 및 데이터의 기밀성/무결성, 키관리에 대해 알아보고, IC카드와 관련된 공격모델 및 공격기법들을 조사하여 정리하고자 한다.

• KIPS Transactions on Computer and Communication Systems
• /
• v.2 no.9
• /
• pp.393-398
• /
• 2013

This paper introduces a new collision attack on first-order masked AES. This attack is a known plaintext attack, while the existing collision attacks are a chosen plaintext attack. In addition, our method is more efficient than the second-order power analysis and requires about 1/27.5 power measurements by comparison with the last collision attack. Some experiment results of this paper support this fact. In this paper, we also introduce a simple countermeasure, which can protect against our attack.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.3
• /
• pp.679-689
• /
• 2012

There were clear differences between the DDoS attack on 7th July 2009 and the rest of them prior to the attack. Despite It had emitted relatively small sized packets per infected PC, the attack was very successful making use of HTTP Flooding attack by aggregating small sized packets from the well sized zombie network. As the objective of the attack is not causing permanent damage to the target system but temporal service disruption, one should ensure the availability of the target server by deploying effective defense strategy. In this paper, a novel HTTP based DDoS defense mechanism is introduced with capacity based defense-in-depth strategy.

• Journal of the Korea Society for Simulation
• /
• v.18 no.3
• /
• pp.83-90
• /
• 2009

Since wireless sensor networks are deployed in open environments, an attacker can physically capture some sensor nodes. Using information of compromised nodes, an attacker can launch false data injection attacks that report nonexistent events. False data can cause false alarms and draining the limited energy resources of the forwarding nodes. In order to detect and discard such false data during the forwarding process, various security solutions have been proposed. But since they are prevention-based solutions that involve additional operations, they would be energy-inefficient if the corresponding attacks are not launched. In this paper, we propose a detection method that can detect false data injection attacks without extra overheads. The proposed method is designed based on the signature of false data injection attacks that has been derived through simulation. The proposed method detects the attacks based on the number of reporting nodes, the correctness of the reports, and the variation in the number of the nodes for each event. We show the proposed method can detect a large portion of attacks through simulation.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.3
• /
• pp.691-705
• /
• 2012

Buffer overflow vulnerability is the most representative one that an attack method and its countermeasure is frequently developed and changed. This vulnerability is still one of the most critical threat since it was firstly introduced in middle of 1990s. Shellcode is a machine code which can be used in buffer overflow attack. Attackers make the shellcode for their own purposes and insert it into target host's memory space, then manipulate EIP(Extended Instruction Pointer) to intercept control flow of the target host system. Therefore, a lot of research to defend have been studied, and attackers also have done many research to bypass security measures designed for the shellcode defense. In this paper, we investigate shellcode defense and attack techniques briefly and we propose our new methodology which can hide shellcode in the 24bit BMP image. With this proposed technique, we can easily hide any shellcode executable and we can bypass the current detection and prevention techniques.