• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.15 no.5
• /
• pp.1087-1096
• /
• 2011

Vehicular Ad Hoc Network(VANET) using wireless network is offering the communications between vehicle and vehicle(V2V) or vehicle and infrastructure(V2I). VANET is being actively researched from industry field and university because of the rapid developments of the industry and vehicular automation. Information, collected from VANET, of velocity, acceleration, condition of road and environments provides various services related with safe drive to the drivers, so security over network is the inevitable factor. For the secure message authentication, a number of authentication proposals have been proposed. Among of them, a scheme, proposed by Jung, applying database search algorithm, Bloom filter, to RAISE scheme, is efficient authentication algorithm in a dense space. However, k-anonymity used for obtaining the accurate vehicular identification in the paper has a weak point. Whenever requesting the righteous identification, all hash value of messages are calculated. For this reason, as the number of car increases, a amount of hash operation increases exponentially. Moreover the paper does not provide a complete key exchange algorithm while the hand-over operation. In this paper, we use a Received Signal Strength Indicator(RSSI) based velocity and distance estimation algorithm to localize the identification and provide the secure and efficient algorithm in which the problem of hand-over algorithm is corrected.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2011.10a
• /
• pp.255-258
• /
• 2011

Wi-Fi is a rapidly spreading communications network with Smart phone's publication, the technology has become Ubiquitous-based core network which is connected to personal computers, laptops, and tablet PC. Wi-Fi can send currently a variety of data standard due to developed wireless LAN communications network. One of Wi-Fi standard protocols, which is IEEE 802.11n, use 2.4GHz and 5GHz band. 2.4GHz band is used for 802.11b/g protocol because wavelength is long, diffraction and receiving distance is enough to connect other device. 5GHz band has more available channels to use than 2.4GHz band, so there is no frequency interference of other wireless device such as Bluetooth, RFID. Moreover, there is low interference between channels due to small users in each bandwidth level. In the thesis, we are going to analyze 802.11a/b/g protocol which has used since the beginning of Wi-Fi protocol and 802.11n protocol which is used lately. Furthermore, we look into development and direction for standardization of the next generation wireless LANs which are 802.11ac and 802.11ad. In addition, we will consider for the security, vulnerabilities and its countermeasure in Wireless LAN.

• Journal of KIISE:Information Networking
• /
• v.30 no.1
• /
• pp.75-81
• /
• 2003

User authentication, including confidentiality, integrity over untrusted networks, is an important part of security for systems that allow remote access. Using human-memorable Password for remote user authentication is not easy due to the low entropy of the password, which constrained by the memory of the user. This paper presents a new password authentication and key agreement protocol suitable for authenticating users and exchanging keys over an insecure channel. The new protocol resists the dictionary attack and offers perfect forward secrecy, which means that revealing the password to an attacher does not help him obtain the session keys of past sessions against future compromises. Additionally user passwords are stored in a form that is not plaintext-equivalent to the password itself, so an attacker who captures the password database cannot use it directly to compromise security and gain immediate access to the server. It does not have to resort to a PKI or trusted third party such as a key server or arbitrator So no keys and certificates stored on the users computer. Further desirable properties are to minimize setup time by keeping the number of flows and the computation time. This is very useful in application which secure password authentication is required such as home banking through web, SSL, SET, IPSEC, telnet, ftp, and user mobile situation.

• Journal of Internet Computing and Services
• /
• v.17 no.6
• /
• pp.81-91
• /
• 2016

VANET is one of the most developed technologies many people have considered a technology for the next generation. It basically utilizes the wireless technology and it can be used for measuring the speed of the vehicle, the location and even traffic control. With sharing those information, VANET can offer Cooperative ITS which can make a solution for a variety of traffic issues. In this way, safety for drivers, efficiency and mobility can be increased with VANET but data between vehicles or between vehicle and infrastructure are included with private information. Therefore alternatives are necessary to secure privacy. If there is no alternative for privacy, it can not only cause some problems about identification information but also it allows attackers to get location tracking and makes a target. Besides, people's lives or property can be dangerous because of sending wrong information or forgery. In addition to this, it is possible to be information stealing by attacker's impersonation or private information exposure through eavesdropping in communication environment. Therefore, in this paper we propose Privacy Assurance Architecture for VANET to ensure privacy from these threats.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.2
• /
• pp.377-391
• /
• 2019

Recently, system studies using tokens and block chains for authentication, access control, etc in IoT environment have been going on at home and abroad. However, existing token-based systems are not suitable for IoT environments in terms of security, reliability, and scalability because they have centralized characteristics. In addition, the system using the block chain has to overload the IoT device because it has to repeatedly perform the calculation of the hash et to hold the block chain and store all the blocks. In this paper, we intend to manage the access rights through tokens for proper access control in the IoT. In addition, we apply the Tangle to configure the P2P distributed ledger network environment to solve the problem of the centralized structure and to manage the token. The authentication process and the access right grant process are performed to issue a token and share a transaction for issuing the token so that all the nodes can verify the validity of the token. And we intent to reduce the access control process by reducing the repeated authentication process and the access authorization process by reusing the already issued token.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.3
• /
• pp.491-501
• /
• 2019

In side-channel analysis, which exploit physical leakage from a cryptographic device, deep learning based attack has been significantly interested in recent years. However, most of the state-of-the-art methods have been focused on classifying side-channel information in a profiled scenario where attackers can obtain label of training data. In this paper, we propose a new method based on deep learning to improve non-profiling side-channel attack such as Differential Power Analysis and Correlation Power Analysis. The proposed method is a signal preprocessing technique that reduces the noise in a trace by modifying Auto-Encoder framework to the context of side-channel analysis. Previous work on Denoising Auto-Encoder was trained through randomly added noise by an attacker. In this paper, the proposed model trains Auto-Encoder through the noise from real data using the noise-reduced-label. Also, the proposed method permits to perform non-profiled attack by training only a single neural network. We validate the performance of the noise reduction of the proposed method on real traces collected from ChipWhisperer board. We demonstrate that the proposed method outperforms classic preprocessing methods such as Principal Component Analysis and Linear Discriminant Analysis.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.20 no.9
• /
• pp.504-509
• /
• 2019

Recently, both wireless communications technology and the performance of small devices have developed exponentially, while the number of services using various types of Internet of Things (IoT) devices has also massively increased in line with the ongoing technological and environmental changes. Furthermore, ever more devices that were previously used in the offline environment-including small-size sensors and CCTV-are being connected to the Internet due to the huge increase in IoT services. However, many IoT devices are not equipped with security functions, and use vulnerable open source software as it is. In addition, conventional network equipment, such as switches and gateways, operates with vulnerabilities, because users tend not to update the equipment on a regular basis. Recently, the simple vulnerability of IoT devices has been exploited through the distributed denial of service (DDoS) from attackers creating a large number of botnets. This paper proposes a system that is capable of identifying Internet-connected devices quickly, analyzing and managing the vulnerability of such devices using Internet-wide scan technology. In addition, the vulnerability analysis rate of the proposed technology was verified through collected banner information. In the future, the company plans to automate and upgrade the proposed system so that it can be used as a technology to prevent cyber attacks.

• Industry Promotion Research
• /
• v.6 no.2
• /
• pp.1-10
• /
• 2021

The content of the information age does not simply convey content but includes all the transactions that arise from its interaction. The types and forms of information being traded through this interaction are recognized differently from the contents that have been passed on to mankind so far by creating new meaningful content. Because the distribution of interactive content transcending the concept of time-to-time in the network environment is an important component of access to added value in the new world, unlike the content of simple concepts seen in the products of communication so far. In this study, the purpose of this study is to recognize the current status and problems of the Korean digital content industry and to seek ways to revitalize the Korean digital content industry to lead the global market in the future. Specifically, first, we want to learn about the concept of digital content. Second, we would like to look at the industrial trends of digital content at home and abroad. Third, we present a plan to streamline digital content. Fourth, derive research results and implications. In this work, the following results are derived: First, in order for Korea to enter a digital content powerhouse, each government department must first break away from the selfishness of the ministry and actively cooperate to efficiently establish and implement various policies. Second, e-books should be introduced just as current paper and CD-ROM titles are exempt from VAT, and security solutions, related technology development, and copyright issues should be urgently addressed to revitalize the market. Third, the demand for high-quality content should increase as information infrastructure such as high-speed information and communication networks and satellite broadcasting is established.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.4
• /
• pp.41-52
• /
• 2010

Message authentication is an essential security element in vehicular ad-hoc network(VANET). For a secure message authentication, integrity, availability, privacy preserving skill, and also efficiency in various environment should be provided. RAISE scheme has been proposed to provide efficient message authentication in the environment crowded with lots of vehicles and generally considered to be hard to provide efficiency. However, as the number of vehicles communicating in the area increases, the overhead is also incurred in proportion to the number of vehicles so that it still needs to be reduced, and the scheme is vulnerable to some attacks. In this paper, to make up for the vulnerabilities in dense vehicular communication network, we propose a more secure and efficient scheme using a process that RSU(Road Side Unit) transmits the messages of neighbor vehicles at once with Bloom Filter, and timestamp to protect against replay attack. Moreover, by adding a handover function to the scheme, we simplify the authentication process as omitting the unnecessary key-exchange process when a vehicle moves to other area. And we confirm the safety and efficiency of the scheme by simulating the false positive probability and calculating the traffic.

• KIPS Transactions on Software and Data Engineering
• /
• v.10 no.3
• /
• pp.91-98
• /
• 2021

Today's information and communication technology is rapidly developing, the security of IT infrastructure is becoming more important, and at the same time, cyber attacks of various forms are becoming more advanced and sophisticated like intelligent persistent attacks (Advanced Persistent Threat). Early defense or prediction of increasingly sophisticated cyber attacks is extremely important, and in many cases, the analysis of network-based intrusion detection systems (NIDS) related data alone cannot prevent rapidly changing cyber attacks. Therefore, we are currently using data generated by intrusion detection systems to protect against cyber attacks described above through Host-based Intrusion Detection System (HIDS) data analysis. In this paper, we conducted a comparative study on machine learning algorithms using LID-DS (Leipzig Intrusion Detection-Data Set) host-based intrusion detection data including thread information, metadata, and buffer data missing from previously used data sets. The algorithms used were Decision Tree, Naive Bayes, MLP (Multi-Layer Perceptron), Logistic Regression, LSTM (Long Short-Term Memory model), and RNN (Recurrent Neural Network). Accuracy, accuracy, recall, F1-Score indicators and error rates were measured for evaluation. As a result, the LSTM algorithm had the highest accuracy.