• Convergence Security Journal
• /
• v.22 no.4
• /
• pp.17-24
• /
• 2022

Recently, machine learning-based cyber attack detection and classification research has been actively conducted, achieving a high level of detection accuracy. However, low-spec IoT devices and large-scale network traffic make it difficult to apply machine learning-based detection models in IoT environment. Therefore, In this paper, we propose an efficient IoT attack detection and classification method through PCA(Principal Component Analysis) and LightGBM(Light Gradient Boosting Model) using datasets collected in a MQTT(Message Queuing Telementry Transport) IoT protocol environment that is also used in the defense field. As a result of the experiment, even though the original dataset was reduced to about 15%, the performance was almost similar to that of the original. It also showed the best performance in comparative evaluation with the four dimensional reduction techniques selected in this paper.

• Convergence Security Journal
• /
• v.23 no.2
• /
• pp.75-84
• /
• 2023

Recently, as the use of drones for military purposes is increasing, such as the Russia-Ukraine War, North Korea's reconnaissance against South Korea, and Army Tiger 4.0's dronebot system, anti-drone technology is developing a lot in each country. However, traditional anti-drone technologies in the form of using conventional weapons or electronic warfare weapons have the disadvantage of being expensive, so anti-drone technologies that can be performed at low cost are currently being newly researched. Therfore, in response to these anti-drone technologies, many efforts are being made to increase the survivability of our allies. In line with this trend, this study assumes a virtual anti-drone system applied with cyber domain and electronic warfare domain technologies that can be performed at low cost, rather than a technique using expensive conventional weapons or electronic warfare weapons among various anti-drone technologies. In response to this, we would like to present a plan to increase the survivability of friendly drones.

• Journal of the Korea Convergence Society
• /
• v.8 no.8
• /
• pp.41-49
• /
• 2017

The 'NIST Framework and Road Map for Smart Grid Interoperability Standards' proposes an architecture framework to secure the direction of development and standard interoperability of smart grid and provides a list of identified standard, standard cyber security strategies, and certification framework. In particular, SEP 2.0 and OpenADR 2.0 are the examples. SEP 2.0 and OpenADR 2.0 can functionally link HEMS and Smart Grid, but interoperability standards between the two protocols are not planned in above document. The OpenADR Alliance also announced that work is underway to define mapping tables for interoperability between OpenADR 2.0 and SEP 2.0, but no information is yet available. Therefore, In this paper, in developing energy efficiency improvement HEMS, we propose a mapping model that supports syntactic and semantic founded interoperability between SEP 2.0 and OpenADR 2.0b for ICT grid convergence based on the standard specification document of each protocol and confirmed through an example of the semantic mapping function based on the demand response service scenario.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.46 no.9
• /
• pp.39-45
• /
• 2009

When Mobile IPv6 is deployed in commercial network, a mobile node needs AAA services for an authentication, authorization and accounting. AAA and Mobile IPv6 are protocols which are operated independently. Then schemes which merge these protocols have been emerged. These schemes can enable a mobile node to establish a security association between the mobile node and a home agent and to perform a binding update for the home agent using AAA authentication request. But these schemes introduce many signal messages and long handover latency during the handover, since Route Optimization mode for Mobile Ipv6 is performed using Return Routability procedure. To solve this problem, we propose a scheme for Route Optimization mode that the home agent performs the binding update for a correspondent node via the AAA infrastructure between the home agent and the correspondent node instead of Return Routability procedure. For performance evaluation, we analyze signal message transmission costs and handover latencies during handover. We show performance improvement of the proposed scheme which reduces handover latency as 61% compared with the existing scheme.

• Journal of the Korean Institute of Intelligent Systems
• /
• v.22 no.1
• /
• pp.12-21
• /
• 2012

IEEE 802.11 MAC protocol standard, DCF(CSMA/CA), is originally designed to ensure the fair channel access between mobile nodes sharing the local wireless channel. It has been, however, revealed that some misbehavior nodes transmit more data than other nodes through artificial means in hot spot area spreaded rapidly. The misbehavior nodes may modify the internal process of their MAC protocol or interrupt the MAC procedure of normal nodes to achieve more data transmission. This problem has been referred to as a selfish node problem and almost literatures has proposed methods of analyzing the MAC procedures of all mobile nodes to detect the selfish nodes. However, these kinds of protocol analysis methods is not effective at detecting all kinds of selfish nodes enough. This paper address this problem of detecting selfish node using Tsallis-Entropy which is a kind of statistical method. Tsallis-Entropy is a criteria which can show how much is the density or deviation of a probability distribution. The proposed algorithm which operates at a AP node of wireless LAN extracts the probability distribution of data interval time for each node, then compares the one with a threshold value to detect the selfish nodes. To evaluate the performance of proposed algorithm, simulation experiments are performed in various wireless LAN environments (congestion level, how selfish node behaviors, threshold level) using ns2. The simulation results show that the proposed algorithm achieves higher successful detection rate.

• Proceedings of the IEEK Conference
• /
• 2005.11a
• /
• pp.591-594
• /
• 2005

This paper describes a design of AES-based CCM Protocol for IEEE 802.11i Wireless LAN Security. The CCMP core is designed with 128-bit data path and iterative structyre which uses 1 clock cycle per round operation. To maximize its performance, two AES cores are used, one is for counter mode for data confidentiality and the other is for CBC(Cipher Block Chaining) mode for authentication and data integrity. The S-box that requires the largest hardware in AES core is implemented using composite field arithmetic, and the gate count is reduced by about 23% compared with conventional LUT-based design. The CCMP core designed in Verilog-HDL has 35,013 gates, and the estimated throughput is about 768Mbps at 66-MHz clock frequency.

• Journal of the Korea Society of Computer and Information
• /
• v.9 no.3
• /
• pp.177-182
• /
• 2004

The existing group key management architectures applied to a small scale routing protocols may have many overheads with key distribution. Therefore this paper proposes a group key management protocol in PIM-SM multicast group communication. This method divide multicast groups with RP, and subgroup key managers are established in each RP and can be transmitted groups keys. And this does not have needs of the data translation and the new key distribution for path change. This does not have needs of the data translation and the new key distribution for path change, so the data transmission time can be reduced.

• Journal of KIISE:Computer Systems and Theory
• /
• v.29 no.8
• /
• pp.484-492
• /
• 2002

We propose an efficient stream authentication scheme using tree authentication. To reduce the computation cost of the sender, we design the authentication tree whose height is very short. We appropriately distribute authentication information over packets so the receiver can verify data with high probability. Moreover, we provide mathematical analysis on the verification probability. For the proposed scheme and previous schemes, we measured the elapsed time for generating authentication information and the proposed scheme has equal to or slightly larger than that of GM's scheme, which has the lowest computation overhead. We performed simulations, which show that the verification probability of the proposed scheme is much higher than that of any other scheme.

• Proceedings of the Korea Database Society Conference
• /
• 1999.06a
• /
• pp.217-225
• /
• 1999

협상은 상거래에 있어서 매우 중요한 요소 중 하나이다. 현재의 웹 기반 전자상거래 시스템은 이러한 중요한 협상 구조를 상거래에 잘 반영하지 못하는 문제점을 가지고 있다. 이러한 문제점중 기업과 소비자간의 미비한 협상 구조를 보안하기 위해 실세계 상거래에서 존재하는 점원을 전자상거래상의 가상점원으로 모델링하여 회사의 정책과 구매자의 특성을 반영하여 구매자와 전략적으로 자동 협상을 수행할 수 있는 에이전트의 구조를 설계하고 구현하였다. 협상은 매우 복잡한 구조를 가지고 있다. 이러한 협상 구조를 지원하기 위해서는 상호간의 제안을 표현하고, 그 제안에 대한 평가 내용과 결정사항을 전달할 수 있는 언어적인 조가 필요하며, 협상의 대상이 되는 사안들의 특성을 반영할 수 있는 표현 구조도 요구된다. 또한 이러한 협상에서 전략을 세우고 알맞은 제안을 제시하며 상대의 제안에 대하여 전략적으로 반응할 수 있는 의사결정 모델이 요구된다. 본 논문에서는 회사의 정책 모델과 구매자의 모델을 정의하고 이를 이용한 협상 모델을 설계 구현하였다. 협상 구조의 모델링을 위해 KQML(Knowledge Query Manipulation Language)을 기반으로 전자상거래 프로토콜로 설계하고, 논쟁 기반 협상 모델을 기초로 협상언어를 설계하였다. 또한 협상에서의 전략적인 의사결정을 위해 게임이론을 이용하고, 규칙 기반 시스템으로 이를 보충하였다. 마지막으로 가상점원 모델을 바탕으로 조립 컴퓨터 판매를 위한 가상점원을 구현하였고, 이에 대한 실험을 통하여 가상점원의 유용성을 보였다.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.4 no.4
• /
• pp.41-49
• /
• 2008

Sensor networks are often deployed in unattended environments, thus leaving these networks vulnerable to false data injection attacks in which an adversary injects forged reports into the network through compromised nodes. Such attacks by compromised sensors can cause not only false alarms but also the depletion of the finite amount of energy in a battery powered network. In order to reduce damage from these attacks, several security solutions have been proposed. Researchers have also proposed some techniques to increase the energy-efficiency of such security solutions. In this paper, we propose a CH(Cluster Header) selection algorithm to choose low power delivery method in sensor networks. The CNP(Contract Net Protocol), which is an approach to solve distribution problems, is applied to choose CHs for event sensing. As a result of employing CNP, the proposed method can prevent dropping of sensing reports with an insufficient number of message authentication codes during the forwarding process, and is efficient in terms of energy saving.