• Journal of IKEEE
• /
• v.24 no.2
• /
• pp.543-549
• /
• 2020

As the importance of security increases in various fields, research on a random number generator (RNG) used for generating an encryption key, has been actively conducted. A high-quality RNG is essential to generate a high-performance encryption key, but the initial pseudo-random number generator (PRNG) has the possibility of predicting the encryption key from the outside even though a large amount of hardware resources are required to generate a sufficiently high-performance random number. Therefore, the demand of high-quality true random number generator (TRNG) generating random number through various noises is increasing. This paper examines and compares the representative TRNG methods based on metastable-based and ring-oscillator-based TRNGs. We compare the methods how the random sources are generated in each TRNG and evaluate its performances using NIST SP 800-22 tests.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.42 no.11
• /
• pp.35-44
• /
• 2005

In Mobile IP protocol, because a mobile node still uses its home IP address even though it moves to foreign network from home network, authentication among mobile node, foreign network and home network is critical issue. Many researches about this issue have been based on shared secret, for example mobile node and home agent authenticate each other with pre-shared symmetry key. And they missed several security issues such as replay attack. Although public key scheme could be applied to this issue easily, since the public key cryptography is computationally complicated, it still has the problem that it is not practical to realistic environment. In this paper, we describe several security issues in Mobile IP protocol. And we propose new Mobile IP authentication protocol that is applicable to realistic environment using public key algorithm based on certificate. It has scalability for mobile nodes and is applicable to the original Mobile IP protocol without any change. Finally we prove security of the proposed protocol and that it might not affect performance of the original Mobile IP protocol.

• Journal of the Korea Society of Computer and Information
• /
• v.19 no.1
• /
• pp.85-94
• /
• 2014

This paper studied the detection technique using file DNA-based behavior pattern analysis in order to minimize damage to user system by malicious programs before signature or security patch is released. The file DNA-based detection technique was applied to defend against zero day attack and to minimize false detection, by remedying weaknesses of the conventional network-based packet detection technique and process-based detection technique. For the file DNA-based detection technique, abnormal behaviors of malware were splitted into network-related behaviors and process-related behaviors. This technique was employed to check and block crucial behaviors of process and network behaviors operating in user system, according to the fixed conditions, to analyze the similarity of behavior patterns of malware, based on the file DNA which process behaviors and network behaviors are mixed, and to deal with it rapidly through hazard warning and cut-off.

• Korean Security Journal
• /
• no.14
• /
• pp.109-123
• /
• 2007

Traffic terror is one of the terror types subject on transportation means. However, unlike the aircraft or ship, there is no case of negotiating with passengers as hostage but to unconditionally attack that the human casualty would be much greater. In act, the terror on subway or bus would have much bigger damage than the terror on aircraft or ship. Because of such fact, there is a need for full preparation thereto, however, there is no preparation of advance preventive measure, particularly, when comparing to the cases involving aircraft. In addition, the passengers who use railway and others in the position of citizens do not have any defense mechanism against any terror activity to make the problem even more serious. Therefore, in order to prevent traffic terror, the first thing is to implement the identity confirmation of passengers, followed by the through search of cargos of the passengers, supplement the capability against the terror by the security team members, strengthen the responsive capability of citizens, thorough check on facilities, expansion of social security network and others. All terrors are within the reach of our neighborhood at the time when we neglect it, and the most secured and safe way to prevent the terror is to check and prepare at all times beginning from our familiar facilities or means.

• Journal of KIISE:Computing Practices and Letters
• /
• v.14 no.5
• /
• pp.512-516
• /
• 2008

A conference-key agreement protocol is essential for computer network conferences that need secure communications. Especially, the fault-tolerant conference-key agreement can make a shared conference-key even if some make conferees disturb the key agreement processes. However, the performance of the previous fault-tolerant conference-key agreement protocols is decreasing significantly when the number of fake conferees is increasing. In this paper, we propose an efficient fault-tolerant conference key agreement protocol. Our scheme is based on the ID-based one round tripartite conference key agreement protocol. Simulation results show our scheme's efficiency against Yi's method especially when the number of fake conferees is large.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.21 no.5
• /
• pp.1003-1008
• /
• 2017

The Internet of Things has attracted considerable research attention in recent years. In order for the new IoT technology to be widely used, the reliability and protection of information is required. IoT systems are very vulnerable to physical security due to their easy accessibility. Along with the development of SoC technology, many operating systems have been developed and many new operating systems have been introduced. In this paper, we describe the vulnerability analysis results for operating systems running on the ARMv7 Thumb Architecture hardware platform. For the recently introduced "Windows 10 IoT Core" operating system, I implemented the Zero-Day Attack by implanting the penetration code developed through the research into a specific IoT system. The virus detection test for the resulting penetration code was validated by referral to the "virustotal" site.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.22 no.9
• /
• pp.1257-1263
• /
• 2018

Secure authentication technology is a fundamental building block for secure services for Internet of Things devices. Particularly, the multiplication operation is a core operation of public key cryptography, such as RSA, ECC, and SIDH. However, modern low-power processor, namely ARM Cortex-M3 processor, is not secure enough for practical usages, since it executes the multiplication operation in variable-time depending on the input length. When the execution is performed in variable-time, the attacker can extract the password from the measured timing. In order to resolve this issue, recent work presented constant-time solution for multiplication operation. However, the implementation still missed various speed-optimization techniques. In this paper, we analyze previous multiplication methods over ARM Cortex-M3 and provide optimized implementations to accelerate the speed-performance further. The proposed method successfully accelerates the execution-time by up-to 25.7% than previous works.

• Journal of KIISE:Information Networking
• /
• v.32 no.1
• /
• pp.1-11
• /
• 2005

Internet has become an essential part of our daily lives. Many of the day to day activities can already be carried out over Internet, and its convenience has greatly increased the number of Internet users. Hut as Internet gains its popularity, the illicit incidents over Internet has also proliferated. The intruder trace-back technology is the one that enables real time tracking the position of the hacker who attempts to invade the system through the various bypass routes. In this paper, the RTS algorithm which is the TCP connection trace-back system using the watermarking technology on Internet is proposed. Furthermore, the trace-bark elements are modeled by analyzing the Proposed trace-back algorithm, and the results of the simulation under the virtual topology network using ns-2, the network simulation tool are presented.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.37 no.3B
• /
• pp.149-157
• /
• 2012

In WSN environment, the sensor nodes collect sensed data, and transmit data to the BS. BS is difficult to trust the data from unauthenticated nodes. Therefore, many papers have been proposed about the node authentication and the safety of data. In the AM-E paper, data is delivered after node authentication. In this time, the sensor nodes are directly communicated to BS the AREQ/AREP message for authentication. Therefore, the sensor nodes consume more energy for authentication. Also, noes communicate directly with the BS for authentication will have problem due to the limited energy of nodes. In this paper, the same security with AM-E is supported, Furthermore, to minimize the energy consumption, IDE based hierarchical node authentication protocol is proposed. Compared with AM-E, the number of alive nodes is increased about 39%. Thus, the entire network life time is extended and energy efficiency is improved.

• Journal of Internet Computing and Services
• /
• v.9 no.6
• /
• pp.27-35
• /
• 2008

With the proliferation of wireless devices, mobile ad-hoc networking (MANETS) has become a very exciting and important technology. However, MANET is more vulnerable than wired networking. Existing security mechanisms designed for wired networks have to be redesigned in this new environment. In this paper, we discuss the problem of anomaly detection in MANET. The focus of our research is on techniques for automatically constructing anomaly detection models that are capable of detecting new or unseen attacks. We propose a new anomaly detection method for MANETs. The proposed method performs cross-feature analysis on the basis of Rough sets to capture the inter-feature correlation patterns in normal traffic. The performance of the proposed method is evaluated through a simulation. The results show that the performance of the proposed method is superior to the performance of Huang method that uses cross-feature based on the probability of feature attribute value. Accordingly, we know that the proposed method effectively detects anomalies.