• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.39C no.8
• /
• pp.716-721
• /
• 2014

This paper proposes how to prevent of vulnerability from IP address attack of Oracle DB by C program environments. An attacker may try to login DB by connectng remote IP address. Recently an attacker use foreign IP address and try to connect to DB using known DB account. Therefore, DB data is frequently disclosed. I propose a new idea that develops specific IP address blocking module in C program in the Oracle DB. By this module, we can use the Oracle DB safely.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.10 no.3
• /
• pp.151-159
• /
• 2014

Recently, spread of large amount Smartphones made users to download location-based service applications, which provided by application developers. These location-based service applications are convenient tool for users. Location-based service use technology to find location of user and provide information of user's location. Leakage of information of user's location and expose of privacy life raised new controversy. In this thesis, it will analyze relations of increase of Smartphone market, usage of Location-based service and severity of personal information leakage. Also, it will analyze examples of user's case of damage which caused by leakage personal information and find solutions to reduce damage of personal information leakage. In research, it will find cases of damage that cause by Location-based service. Also it will analyze and research cases of damage and present with graph and chart. In conclusion, to reduce and prevent from damage which caused by leakage personal information, it is important that users and application developers to realize danger of private and personal information leakage. Also, user's personal information must deal with cautiously and application developers have to research and develop the application with powerful security.

• Proceedings of the Korean Information Science Society Conference
• /
• 2010.06d
• /
• pp.95-100
• /
• 2010

높은 이동성 및 휴대성을 갖는 모바일 디바이스의 기술적 발전은 사용자로 하여금 보다 높은 수준의 통합된 편의 기능 제공이 요구되고 있다. 이러한 예로 기존 물리적 지갑에 보관하던 플라스틱 신용카드, 멤버쉽 카드, 신분증 등의 개인정보를 모바일 디바이스 안에 저장 관리하는 모바일 지갑 서비스가 현실화되고 있다. 모바일 지갑을 통한 상거래 서비스를 이용할 시 디바이스에 저장된 각종 개인정보가 근거리 무선통신 기술을 통해 다른 모바일 기기나 지불서버에 전달되는 데, 이 무선전송 구간은 근원적으로 많은 보안 취약점을 갖고 있다. 따라서 본 논문에서는 모바일 지갑 응용 서비스에 모바일 기기간 안전한 키 설정 시 공개키 인증서를 활용하지 않고 두 기기간 공유키 검증을 할 수 있는 세션 키 검증 기술들을 분석하고, 해당기술들을 구현하여 모바일 지갑 결제 테스트베드에 포팅한 실험 결과를 통한 성능분석 결과를 제시한다. 본 성능평가를 통해 향후 다양한 모바일 기기 특성에 따른 최적의 세션 키 공유 키 검증 방법 선택 시 유용한 근거자료로 활용할 수 있을 것으로 기대된다.

• Journal of Internet Computing and Services
• /
• v.9 no.1
• /
• pp.1-8
• /
• 2008

IETF has proposed Fast Handovers for Mobile IPv6 (FMIPv6) for efficient mobility management, FMIPv6 has no solutions to protect binding updates. Previous researches have mainly concentrated on using AAA, public cerificates or cryptographic algorithms to secure binding updates. However the approaches need a particular infrastructure or a heavy processing cost to setup secure associations for handovers. Proposed scheem provides authentication for FMIPv6 without infrasturcture and costly cryptographic algorithms by extending Return Routability Protocol. Also proposed scheme is oble to be used for various existing handover mechanisms in IPv6 network.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.30 no.11A
• /
• pp.1047-1055
• /
• 2005

One of major characteristics in wireless LAN is terminal's frequent mobility, so it makes many overheads in the process of authentications repeatedly at each handoffs. So I propose IAPP(Inter Access Point Protocol) of IEEE 802.11f, modified context block and 4 way handshake of IEEE 802.11i, in order to implement secure and rapid handoff. The context block. I proposed, doesn't makes any communication with RADIUS server at handoff period. Therefore, it guarantee higher efficiency than existing handoff mechanisms. Also it can improve security vulnerability by padding authentication field in the context block for providing in advance against Replay and DoS(Denial of Service) attacks.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.27 no.6B
• /
• pp.616-624
• /
• 2002

In satellite communication, which use the satellite, the protection of TT&C channel which controls the position, performance, and operation is required. In this thesis, we analyzed the weakness of authentication algorithm which is used for protection of TT&C generation and operation. Also, we proposed the authentication algorithm which complements key recovery attack structurely without increasing additional computational amount and verified its performance. The proposed authentication algorithm can satisfy Rivest's recommendation by increasing the computational complexity from $2^{55}$ operations to $2^{111}$ operations. In addition, it can be applied to the existing satellite system because the length of TT&C data and message authentication codes used for the input of authentication algorithm are unchanged.

• Journal of Convergence Society for SMB
• /
• v.5 no.4
• /
• pp.37-42
• /
• 2015

Due to the advance of ICT, a variety of attacks have been developing and active. Recently, APT attacks using malicious codes have frequently occurred. Advanced Persistent Threat means that a hacker makes different security threats to attack a certain network of a company or an organization. Exploiting malicious codes or weaknesses, the hacker occupies an insider's PC of the company or the organization and accesses a server or a database through the PC to collect secrets or to destroy them. The paper suggested a countermeasure to cope with APT attacks through an APT attack process. It sought a countermeasure to delay the time to attack taken by the hacker and suggested the countermeasure able to detect and remove APT attacks.

• The Journal of the Korea Contents Association
• /
• v.13 no.4
• /
• pp.17-22
• /
• 2013

Impersonation attack, based on vulnerable security of SIP, facilitate a intruder to take malicious actions such as toll fraud and session hijacking. This paper suggests a new technique for a countermeasure. When receiving a register request message, registrar checks whether the value of Form header or the value of Call-ID header is stored in location server or not. If the record containing either of them are stored and periodically updated, we regard that message as impersonation attack and discard it. Since this technique uses the information stored in server instead of adding encryption mechanism for user authentication, it can easily build securer SIP environment.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.6
• /
• pp.1605-1618
• /
• 2016

In recent years, security incidents - such as personal information leakage, homepage hacking, DDoS and etc. - targeting finance companies(banks, securities companies, credit card companies, insurance companies and etc.) have increased steadily. In this paper, we analyze problems of information security management level in the existing electronic financial infrastructure from perspective of compliance and information security certification system and propose improvements to enable sustainable high level of information security activities under a comprehensive management system for the financial sector characteristics using ISMS, SECU-STAR and CNIVAM system.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2015.10a
• /
• pp.177-180
• /
• 2015

As network technology advances hacking techniques are also evolving. This paper proposes design of a packet analyzer to monitor and analyze data packets in networks. The proposed packet analyzer offers functions such as packet sniffing, filtering and statistics. We implemented a prototype packet analyzer in C# .NET development environment using SharPcap.