• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.32 no.3C
• /
• pp.348-354
• /
• 2007

RFID system is emerging new technology for ubiquitous computing environment. RFID system, however, provides privacy problems while the technology offers incredible rich opportunities for applications in the filed of logistics, distribution, and medical services, etc. Many researches have been conducted in order to solve this problem, but the current RFID authentication protocols are still insufficient for settling the privacy problem in the point of view of privacy intrusion and system efficiency. The purpose of this paper is to present a RFID mutual authentication protocol which improves safety level, compared with current authentication protocols. The proposed authentication protocol can provide mutual authentication services, and is secure against location tracing, spoofing, reflection attack.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.42 no.1
• /
• pp.45-50
• /
• 2005

Recently, ubiquitous Computing is being actively researched and one of the main technology in ubiquitous computing environments is recognized as RFID system. The RFID system has much benefits but simultaneously has some problems such as user's privacy violation. Therefore, in this paper, we analyze the privacy problems of previous methods and propose more secure and effective authentication method to protect user's privacy. The proposed protocol is secure against replay attack, spoofing attack and tracking by an attacker.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.2 no.4
• /
• pp.215-221
• /
• 2007

IPv6 is a protocol to solve the address space limitation of IPv4 by IETF. Many transition mechanism to communicate between IPv4 and IPv6 in mixed IPv4/IPv6 network are proposed. DSTM tunneling is a mechanism that dual stack in IPv6 network is able to communicate with node in IPv4 network by dynamic allocating the IPv4 address. This mechanism supports the execution of IPv4 dependent application without modification at IPv6 network. In this paper, we explain the security vulnerability at DSTM network for DHCP attack, TEP attack, and source spoofing attack then describe the result of attacks.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.38C no.1
• /
• pp.12-18
• /
• 2013

In 2012, Woosik Bae proposed a DAP3-RS(Design of Authentication Protocol for Privacy Protection in RFID Systems) using the hash function and AES(Advanced Encryption Standard) algorithm to hide Tag's identification and to generates variable data in every session. He argued that the DAP3-RS is safe from spoofing attack, replay attack, traffic analysis and etc. Also, the DAP3-RS resolved problem by fixed metaID of Hash-Lock protocol using AES algorithm. However, unlike his argue, attacker can pass authentication and traffic analysis using by same data and fixed hash value on the wireless. We proposed authentication protocol based on AES algorithm. Also, our protocol is secure and efficient in comparison with the DAP3-RS.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.1
• /
• pp.19-26
• /
• 2003

Recently, the number of internet service companies is increasing and so is the number of malicious attackers. Damage such as distrust about credit and instability of the service by these attacks may influence us fatally as it makes companies image failing down. One of the frequent and fatal attacks is DoS(Denial-of-Service). Because the attacker performs IP spoofing for hiding his location in DoS attack it is hard to get an exact location of the attacker from source IP address only. and even if the system recovers from the attack successfully, if attack origin has not been identified, we have to consider the possibility that there may be another attack again in near future by the same attacker. This study suggests to find the attack origin through MAC address marking of the attack origin. It is based on an IP trace algorithm, called Marking Algorithm. It modifies the Martins Algorithm so that we can convey the MAC address of the intervening routers, and as a result it can trace the exact IP address of the original attacker. To improve the detection time, our algorithm also contains a technique to improve the packet arrival rate. By adjusting marking probability according to the distance from the packet origin we were able to decrease the number of needed packets to traceback the IP address.

• Journal of Digital Convergence
• /
• v.13 no.10
• /
• pp.279-285
• /
• 2015

In this paper, we present the design and implementation of a realtime DNS Query Analysis System to detect and to protect from DNS attacks. The proposed system uses mirroring to collect data in DMZ, then analizes the collected data. As a result of the analysis, if the proposed system finds attack information, the information is used as a filtering information of firewall. statistic of the collected data is viewed as a realtime monitoring information on the web. To verify the effictiveness of the proposed system, we have built the proposed system and conducted some experiments. As the result, Our proposed system can be used effectively to defend DNS spoofing, DNS flooding attack, DNS amplification attack, can prevent interior network's attackers from attacking and provides realtime DNS query statistic information and geographic information for monitoring DNS query using GeoIP API and Google API. It can be useful information for ICT convergence and the future work.

• Convergence Security Journal
• /
• v.13 no.3
• /
• pp.47-54
• /
• 2013

Ad-hoc network is composed of mobile nodes and has a vulnerability of attack like on conventional wire networks. So, many studies have been conducted to apply the traceback mechanism on wire network to Ad-hoc network. In this paper, a new mechanism that can trace back to IP source of spoofing DDoS packet using iTrace message on Ad-hoc network is proposed. The proposed mechanism implements ICMP Traceback message and the traceback path between agents allocated in local network and a server located in management network. Also the proposed mechanism can trace the position of attacker even after an attack is over and has extendability through standardization by using a mechanism that IETF proposed. Result of performance evaluation shows a great improvement in terms of load, integrity, safety, traceback function as compared with conventional mechanisms.

• Journal of Digital Convergence
• /
• v.12 no.5
• /
• pp.249-254
• /
• 2014

Recent advancement of USN technology has lent itself to the evolving communication technology for implantable devices in the field of medical service. The wireless transmission section for communication between implantable medical devices and patients is a cause of concern over invasion of privacy, resulting from external attackers' hacking and thus leakage of private medical information. In addition, any attempt to manipulate patients' medical information could end up in serious medical issues. The present study proposes an authentication protocol safe against intruders' attacks when RFID/USN technology is applied to implantable medical devices. Being safe against spoofing, information exposure and eavesdropping attacks, the proposed protocol is based on hash-function operation and adopts session keys and random numbers to prevent re-encryption. This paper verifies the security of the proposed protocol using the formal verification tool, Casper/FDR.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2016.05a
• /
• pp.241-243
• /
• 2016

In the Past, Trend of car security was Physical Something like doorlock system, and The Generation did not have skills connecting External devices. Through Car Development is up, that trend of car security Changed Physical Security to Intelligence Security. This Changes give a chance to hackers to attack this system. This System use CAN(Controller Area Network) Protocol which have three vulnerabilities. First, ID Spoofing, Twice, D - Dos Attack, Third, Android Application Injected Modern cars have many ECU(Electronic Control Unit) to control devices like Engine ON/OFF, Door Lock Handling, and Controlling Handle. Because CAN Protocol spread signal using broadcast, Hackers can get the signal very easily, and Those often use Mobile devices like Android or IOS to attack this system. if bluetooth signal is spread wide, hackers get the signal, and analysis the bluetooth data, so then They makes certain data to attack ECU, they send the data to ECU, and control ECU installed car. so I suggest that I will prevent this attack to make Auth system and prevent this attack in end of Android.

• Journal of Digital Convergence
• /
• v.10 no.10
• /
• pp.325-332
• /
• 2012

Due to its communication vulnerability resulting in a range of problems, e.g. eavesdropping, information exposure, traffic analysis and spoofing, RFID system becomes the target of attackers. Accordingly, many investigators have proposed various protocols to the extent of theorem proving or verification as the implementation is challenging. This paper thus proposes a safe RFID security protocol using public keys, session keys, hashes, XORs, and random numbers. Timestamps and hashes are applied to the most vulnerable section between readers and tags to detect attacks in attack signals with time difference. Also, to prevent tag information from being exposed in the last session, hash operation is adopted before communication. Finally, in this paper, we designed a RFID security protocol using public and session keys applicable to real systems and verified the security of the proposed protocol with a differentiated formal verification technique.