• The Journal of Society for e-Business Studies
• /
• v.22 no.2
• /
• pp.169-185
• /
• 2017

Juliano Rizzo and Thai Duong, the authors of the BEAST attack [11, 12] on SSL, have proposed a new attack named CRIME [13] which is Compression Ratio Info-leak Made Easy. The CRIME exploits how data compression and encryption interact to discover secret information about the underlying encrypted data. Repeating this method allows an attacker to eventually decrypt the data and recover HTTP session cookies. This security weakness targets in SPDY and SSL/TLS compression. The attack becomes effective because the attacker is enable to choose different input data and observe the length of the encrypted data that comes out. Since Transport Layer Security (TLS) ensures integrity of data transmitted between two parties (server and client) and provides strong authentication for both parties, in the last few years, it has a wide range of attacks on SSL/TLS which have exploited various features in the TLS mechanism. In this paper, we will discuss about the CRIME and other versions of SSL/TLS attacks along with countermeasures, implementations. We also present direction for SSL/TLS attacks resistance in practice.

• The Transactions of the Korea Information Processing Society
• /
• v.13 no.4
• /
• pp.157-165
• /
• 2024

The evolution of the Distributed Denial of Service Attack(DDoS Attack) method has increased the difficulty in the detection process. One of the solutions to overcome the problems caused by the limitations of the existing victim-side detection method was the source-side detection technique. However, there was a problem of performance degradation due to network traffic irregularities. In order to solve this problem, research has been conducted to detect attacks using a collaborative network between several nodes based on artificial intelligence. Existing methods have shown limitations, especially in nonlinear traffic environments with high Burstness and jitter. To overcome this problem, this paper presents a collaborative source-side DDoS attack detection technique introduced with an attention mechanism. The proposed method aggregates detection results from multiple sources and assigns weights to each region, and through this, it is possible to effectively detect overall attacks and attacks in specific few areas. In particular, it shows a high detection rate with a low false positive of about 6% and a high detection rate of up to 4.3% in a nonlinear traffic dataset, and it can also confirm improvement in attack detection problems in a small number of regions compared to methods that showed limitations in the existing nonlinear traffic environment.

• Journal of Global Scholars of Marketing Science
• /
• v.17 no.4
• /
• pp.113-139
• /
• 2007

This study aims to, looking from a standpoint of network, has investigated the shipping industry's B2B e-marketplace, the characteristics that can earn electronic trust from the users, and characteristics of the web-site. It has examined the mechanism whereby electronic trust be earned and how it affects web-site involvement and service transaction intention. Ultimately, The study attempts to make proposals whereby such trust can lead for a cooperative trading community in the shipping industry's B2B e-marketplace The Covalence structural equation modeling was designed and empirically tested for the shipping industry's B2B e-marketplace. The shipping industry employees were given questionnaires and data were analyzed. Except for perceived security of the three characteristic factors on the web-site, the perceived site quality and characteristics factors in operation only affected co-variables. Transaction Fairness was determined to be the most important factor among exogenous factors increasing electronic trust. With regards to transaction rules, if a transaction is beneficial only to one side, then no long term transaction will not take place. If the concerned parties properly recognize that transaction fairness is crucial to electronic transaction, then it will enormously contribute to successful operations of shipping e-marketplace. Also, Perceived efficiency in transaction also affects electronic trust. This reduces transaction costs and speeds up and simplifies the transaction process. It has reduced greater time and costs than existing off-line transaction, and would positively affect electronic trust. By making an open forum for participants to obtain information for transaction, they can gather useful information, and at the same time, the web-site operator can provide information, which, in turn, will increase electronic trust in electronic transaction. Furthermore, such formation of trust in electronic transaction influences shipping companies in such a way that they will want to continuously participate in the transaction, raising web-site involvement. The result of increased trust is that shipping companies in the future will do business with each other and form a foundation for continuous transactions amongst themselves. Consequently, the formation of trust in electronic transaction greatly influences web-site involvement and service transaction intention. The results of the study have again proved that in order to maintain continuous business relationship with the current clients, electronic trust in virtual space, which operates the shipping industry's B2B e-marketplace, is important for the interested parties.