• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.1
• /
• pp.11-24
• /
• 2012

Without a proper protection mechanism for the signaling messages to be used for the mobility support in the Proxy Mobile IPv6 (PMIPv6), it is also vulnerable to several security attacks such as redirect attack, MITM (Man-In-The-Middle) attack, replay attack and DoS (Denial of Service) attack as in Mobile IPv6. In this paper, we point out some problems of previous authentication mechanisms associated with PMIPv6, and also propose a new fast and secure authentication mechanism applicable to PMIPv6. In addition, it is also shown that the proposed one is more efficient and secure than the previous ones.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.1
• /
• pp.61-71
• /
• 2021

Instant messengers are a means of communication for modern people and can be used with smartphones and PCs respectively or connected with each other. Messengers, which provide various functions such as message, call, and file sharing, contain user behavior information regarded as important evidence in forensic investigation. However, it is difficult to analyze as well as acquire smartphone data because of the security of smartphones or apps. However, messenger data can be extracted through PC when the messenger is used on PC. In this paper, we obtained the credential data of Wire messenger in Windows 10, and showed that it is possible to log-in from another PC without authentication. In addition, we identified and classified major artifacts generated based on user behavior.

• Smart Media Journal
• /
• v.10 no.4
• /
• pp.15-20
• /
• 2021

The distributed trigger counting problem is to notify the user when the total number of triggers received from a distributed system consisting of n nodes reaches a predefined value w. The distributed trigger counting problem is used for monitoring and global snapshots in various distributed systems. In this paper, we propose a simple and efficient algorithm for the distributed trigger counting problem. The proposed algorithm operates based on a tree structure of degree $\sqrt{n}$ and height 2. The proposed algorithm operates in three different phases based on the remaining number of triggers. Experimental results show that the proposed algorithm has a smaller message complexity than CoinRand, and MaxRcv also performed better when the number of nodes is not large.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.2
• /
• pp.325-336
• /
• 2023

With the development of autonomous driving technology, the number of external contact sensors mounted on vehicles is increasing, and the importance is also rising. The vehicular ultrasonic sensor uses the LIN protocol in the form of a bus topology and reports a status message about its surroundings through the vehicle's internal network. Since ultrasonic sensors are vulnerable to various threats due to poor security protocols, physical testing on actual vehicle is needed. Therefore, this paper developed a LIN-CAN co-analysis testbed with a jig for location-specific distance test to examine the operational relation between LIN and CAN caused by ultrasonic sensors.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2011.04a
• /
• pp.1001-1004
• /
• 2011

Denial of Service (DoS) 공격은 현재 심각한 국가적 보안 문제로 떠오르고 있다. DoS 란, 많은양의 네트워크 트래픽을 발생시켜 속도를 매우 느리게 만들거나, 가용 자원을 고갈시켜 사용자에게 서비스를 정상적으로 제공하지 못하도록 만드는 공격이다. 그 중에서 Distributed Denial of Service (DDoS)는 네트워크에 분산된 컴퓨터들을 감염시켜 공격에 사용하기 때문에 더 위험하다. DDoS 종류 중 한가지인 Smurf Attack 은 ICMP ECHO 와 IP 브로드캐스트를 이용하여 많은 양의 트래픽을 발생시킨다. 본 논문에서는 Smurf Attack 에 쓰이는 ICMP ECHO REQUEST 패킷을 조각화시켜서 전송할 시, 피해자에게 전송되는 패킷의 숫자가 기존 방법보다 증가하고 피해자 컴퓨터의 IP 스택에서 발생하는 취약점을 도출하고 그로 인한 피해를 분석하였다. 끝으로 ICMP ECHO 패킷의 조각화를 방지하기 위한 방안을 제시하였다.

• Journal of the Korea Society of Computer and Information
• /
• v.14 no.3
• /
• pp.103-111
• /
• 2009

IEEE 802.16e(Wibro) standard, providing robust mobile realtime data transmission technology, requires of faster and smooth execution of security mechanisms, such as key distribution and user authentications, during base station hopping. In particular, key management mechanisms such as redistribution and regeneration have an impact on digital contents transmission and realtime data transmission, not only in 802.16e environment, but also in typical transmission environment as well. This paper presents traffic management mechanisms designed to realtime digital contents (such as IPTV) transmission efficiency and increase the QoE by utilizing OKTEK methodology.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2007.11a
• /
• pp.1266-1269
• /
• 2007

IPv6 환경에서는 NDP(Neighbor Discovery Protocol)를 이용한 주소 자동 설정 메커니즘을 지원한다. 그러나, NDP 는 메시지 내 중요 정보가 네트워크 상에 그대로 노출됨으로 인해 각종 공격에 취약하다. 이러한 취약성을 극복하기 위해, CGA(Cryptographically Generated Address)를 사용하여 주소의 소유권 증명이 가능한 SEND(SEcure Neighbor Discovery)가 도입되었다. 그러나 SEND 는 높은 비용 연산으로 인해 모바일 기기 등에 적용하는데 한계점을 가진다. SEND 의 한계점을 보완하고자 해쉬 함수를 이용해 주소 자동 설정에 사용되는 임시 주소를 감추는 기법이 제안되었다. 이 기법은 DAD(Duplicate Address Detection) 과정 중 SEND 수준의 보안을 제공하면서도 빠르게 동작할 수 있는 장점을 갖는다. 본 논문에서는 리눅스 환경에서 제안 기법을 구현해 보고, 주소 생성 시간 측정 및 DAD 과정에서 드러난 서비스 거부 공격에 대한 안전성을 검증한다.

• The KIPS Transactions:PartC
• /
• v.14C no.3 s.113
• /
• pp.229-238
• /
• 2007

Sensor networks consist of many tiny sensor nodes that collaborate among themselves to collect, process, analyze, and disseminate data. In sensor networks, sensor nodes are typically powered by batteries, and have limited computing resources. Moreover, the redeployment of nodes by energy exhaustion or their movement makes network topology change dynamically. These features incur problems that do not appear in traditional, wired networks. Security in sensor networks is challenging problem due to the nature of wireless communication and the lack of resources. Several efforts are underway to provide security services in sensor networks, but most of them are preventive approaches based on cryptography. However, sensor nodes are extremely vulnerable to capture or key compromise. To ensure the security of the network, it is critical to develop suity mechanisms that can survive malicious attacks from "insiders" who have access to the keying materials or the full control of some nodes. In order to protect against insider attacks, it is necessary to understand how an insider can attack a sensor network. Several attacks have been discussed in the literature. However, insider attacks in general have not been thoroughly studied and verified. In this paper, we study the insider attacks against routing protocols in sensor networks using the Ad-hoc On-Demand Distance Vector (AODV) protocol. We identify the goals of attack, and then study how to achieve these goals by modifying of the routing messages. Finally, with the simulation we study how an attacker affects the sensor networks. After we understand the features of inside attacker, we propose a detect mechanism using hop count information.

• Journal of KIISE:Information Networking
• /
• v.32 no.6
• /
• pp.659-667
• /
• 2005

A Mobile Ad Hoc Network(MANET) is a multi hop wireless network with no prepared base stations or centralized administrations, where flocks of peer systems gather and compose a network. Each node operates as a normal end system in public networks. In addition to it, a MANET node is required to work as a router to forward traffic from a source or intermediate node to others. Each node operates as a normal end system in public networks, and further a MANET node work as a router to forward traffic from a source or intermediate node to the next node via routing path. Applications of MANET are extensively wide, such as battle field or any unwired place; however, these are exposed to critical problems related to network management, node's capability, and security because of frequent and dynamic changes in network topology, absence of centralized controls, restricted usage on network resources, and vulnerability oi mobile nodes which results from the special MANET's character, shared wireless media. These problems induce MANET to be weak from security attacks from eavesdropping to DoS. To guarantee secure authentication is the main part of security service In MANET because networks without secure authentication are exposed to exterior attacks. In this paper, a multistage authentication strategy based on CGSR is proposed to guarantee that only genuine and veritable nodes participate in communications. The proposed authentication model is composed of key manager, cluster head and common nodes. The cluster head is elected from secure nodes, and key manager is elected from cluster heads. The cluster head will verify other common nodes within its cluster range in MANET. Especially, ID of each node is used on communication, which allows digital signature and blocks non repudiation. For performance evaluation, attacks against node authentication are analyzed. Based on security parameters, strategies to resolve these attacks are drawn up.

• Convergence Security Journal
• /
• v.15 no.7
• /
• pp.111-118
• /
• 2015

The violent crime has increased dramatically in our society. This is because our society has to change quickly. Strong police force, but this is not enough to solve the crime. And there are a lot of police to investigate the situation difficult to go out to the crime scene. So inevitably increase in the risk of crime. Researchers have conducted a number of studies to solve this problem. However, the proposed study how realistic are many points still lacking. herefore, we to take advantage of smartphones and high-speed Internet access technology to provide security services using the push service for rapid identification and crime situation in this study. Therefore, we would like to provide rapid service to identify criminal security situation using smart-phone app and push services on the high speed internet environments. The proposed system is to record the voice information received from the smart phone near the user presses the hot key is set in advance in real-time, and stores the audio information stored in the LBS information to the server through the authentication procedure. And the server uses the stored voice data and LBS Push service information to inform their families. We have completed the design of the proposed system. And it has implemented a smart phone app, the user authentication server. And using the state in which the push service from the authentication server by transmitting a message to a user to inform a family. But more must examine whether the proposed research is relevant in future studies.