• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.5
• /
• pp.1043-1057
• /
• 2015

In order to recognize intelligent threats quickly and detect and respond to them actively, major public bodies and private institutions operate and administer an Intrusion Detection Systems (IDS), which plays a very important role in finding and detecting attacks. However, most IDS alerts have a problem that they generate false positives. In addition, in order to detect unknown malicious codes and recognize and respond to their threats in advance, APT response solutions or actions based systems are introduced and operated. These execute malicious codes directly using virtual technology and detect abnormal activities in virtual environments or unknown attacks with other methods. However, these, too, have weaknesses such as the avoidance of the virtual environments, the problem of performance about total inspection of traffic and errors in policy. Accordingly, for the effective detection of intrusion, it is very important to enhance security monitoring, consequentially. This study discusses a plan for the reduction of false positives as a plan for the enhancement of security monitoring. As a result of an experiment based on the empirical data of G, rules were drawn in three types and 11 kinds. As a result of a test following these rules, it was verified that the overall detection rate decreased by 30% to 50%, and the performance was improved by over 30%.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.4
• /
• pp.593-607
• /
• 2013

The In-Vehicle-Networking(IVN) of modern cars is constituted by an small electronic control device called ECU. In the past, there was no way to be able to access the IVN of a driving car. so IVN has been recognized as a closed environment so there is no need to exist authentication protocol between devices which are to configure the internal network and to communicate with other devices. However, constant improvements made it possible to access the IVN in many different ways as the communication technology evolves. This possibility created a need for device authentication in IVN. HB-Family are representative authentication schemes in RFID environment which has similar restrictions to IVN. In this paper, we propose an implementation method of HB-Family for device authentication between ECU considering ECU has low computing power and the message field of CAN protocol has restricted size of 8 bytes. In order to evaluate the efficiency and availability of the authentication schemes adopted our method, we have evaluated the performance based on DSP-28335 device. Further, it was possible to improve the efficiency rate of at lest 10%, up to 36%, and we then analyze this result in various aspects of the IVN.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.5
• /
• pp.1079-1087
• /
• 2018

Binary scalar multiplication which is the main operation of elliptic curve cryptography is vulnerable to the side-channel analysis. Especially, it is vulnerable to the side-channel analysis which uses power consumption and electromagnetic emission patterns. Thus, various countermeasures have been studied. However, they have focused on eliminating patterns of data dependent branches, statistical characteristic according to intermediate values, or the interrelationships between data. No countermeasure have been taken into account for the secure design of the key bit check phase, although the secret scalar bits are directly loaded during that phase. Therefore, in this paper, we demonstrate that we can extract secret scalar bits with 100% success rate using a single power or a single electromagnetic trace by performing key bit-dependent attack on hardware implementation of binary scalar multiplication algorithm. Experiments are focused on the $Montgomery-L{\acute{o}}pez-Dahab$ ladder algorithm protected by scalar randomization. Our attack does not require sophisticated pre-processing and can defeat existing countermeasures using a single-trace. As a result, we propose a countermeasure and suggest that it should be applied.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.3
• /
• pp.359-370
• /
• 2013

Lin and Chan proposed a reversible secret image sharing scheme in 2010. The advantages of their scheme are as follows: the low distortion ratio, high embedding capacity of shadow images and usage of the reversible. However, their scheme has some problems. First, the number of participants is limited because of modulus prime number m. Second, the overflow can be occurred by additional operations (quantized value and the result value of polynomial) in the secret sharing procedure. Finally, if the coefficient of (t-1)th degree polynomial become zero, (t-1) participants can access secret data. In this paper, an improved reversible secret image sharing scheme which solves the problems of Lin and Chan's scheme while provides the low distortion ratio and high embedding capacity is proposed. The proposed scheme solves the problems that are a limit of a total number of participants, and occurrence of overflow by new polynomial operation over GF($2^8$). Also, it solve problem that the coefficient of (t-1)th degree polynomial become zero by fixed MSB 4-bit constant. In the experimental results, PSNR of their scheme is decreased with the increase of embedding capacity. However, even if the embedding capacity increase, PSNR value of about 45dB or more is maintained uniformly in the proposed scheme.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.2
• /
• pp.383-395
• /
• 2017

Brainwave-based user authentication technology has advantages such as changeability, shoulder-surfing resistance, and etc. comparing with conventional biometric authentications, fingerprint recognition for instance which are widely used for smart phone and finance user authentication. Despite these advantages, brainwave-based authentication technology has not been used in practice because of the price for EEG (electroencephalography) collecting devices and inconvenience to use those devices. However, according to the development of simple and convenient EEG collecting devices which are portable and communicative by the recent advances in hardware technology, relevant researches have been actively performed. However, according to the experiment based on EEG samples collected by using a single-channel EEG measurement device which is the most simplified one, the authentication accuracy decreases as the number of channels to measure and collect EEG decreases. Therefore, in this paper, we analyze technical problems that need to be solved for practical use of brainwave-based use authentication and propose an incremental elimination method of collected EEG samples for each user to consist a set of EEG samples which are effective to authentication users.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.6
• /
• pp.1401-1411
• /
• 2016

The Multi-Prime RSA and the Prime Power RSA are the variants of the RSA cryptosystem, where the Multi-Prime RSA uses the modulus $N=p_1p_2{\cdots}p_r$ for distinct primes $p_1,p_2,{\cdots},p_r$ (r>2) and the Prime Power RSA uses the modulus $N=p^rq$ for two distinct primes p, q and a positive integer r(>1). This paper analyzes the security of these systems by using the technique given by Heninger and Shacham. More specifically, this paper shows that if the $2-2^{1/r}$ random portion of bits of $p_1,p_2,{\cdots},p_r$ is given, then $N=p_1p_2{\cdots}p_r$ can be factorized in the expected polynomial time and if the $2-{\sqrt{2}}$ random fraction of bits of p, q is given, then $N=p^rq$ can be factorized in the expected polynomial time. The analysis is then validated with experimental results for $N=p_1p_2p_3$, $N=p^2q$ and $N=p^3q$.

• KIPS Transactions on Software and Data Engineering
• /
• v.2 no.8
• /
• pp.579-588
• /
• 2013

This paper proposes an effective watermarking approach for copyright protection of fire video images. The proposed watermarking approach efficiently utilizes the inherent characteristics of fire data with respect to color and texture by using a gray level co-occurrence matrix (GLCM) and fuzzy c-means (FCM) clustering. GLCM is used to generate a texture feature dataset by computing energy and homogeneity properties for each candidate fire image block. FCM is used to segment color of the fire image and to select fire texture blocks for embedding watermarks. Each selected block is then decomposed into a one-level wavelet structure with four subbands [LL, LH, HL, HH] using a discrete wavelet transform (DWT), and LH subband coefficients with a gain factor are selected for embedding watermark, where the visibility of the image does not affect. Experimental results show that the proposed watermarking approach achieves about 48 dB of high peak-signal-to-noise ratio (PSNR) and 1.6 to 2.0 of low M-singular value decomposition (M-SVD) values. In addition, the proposed approach outperforms conventional image watermarking approach in terms of normalized correlation (NC) values against several image processing attacks including noise addition, filtering, cropping, and JPEG compression.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.6
• /
• pp.1405-1417
• /
• 2017

Researches that apply the acceleration signal due to user's gait measured at the wearable device to the authentication technology are being introduced recently. The gait acceleration signal based authentication technologies introduced so far have assumed that an attacker can obtain a user's gait acceleration signal only by attaching accelerometer directly to user's body. And the practical attack method for gait acceleration signal based authentication technology is mimic attack and it uses a person whose physical condition is similar to the victim or identifies the gait characteristics through the video of the gait of the victim. However, mimic attack is not effective and attack success rate is also very low, so it is not considered a serious threat. In this paper, we propose Video Gait attack as a new attack method for gait acceleration signal based authentication technology. It is possible to know the position of the wearable device from the user's gait video signal and generate a signal that is very similar to the accelerometer's signal using dynamic equation. We compare the user's gait acceleration signal and the signal that is calculated from video of user's gait and dynamic equation with experiment data collected from eight subjects.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.5
• /
• pp.901-909
• /
• 2021

Since mobile devices have limited computational resources, it tends to use the cloud to compute or store data. As real-time becomes more important due to 5G, many studies have been conducted on edge clouds that computes at locations closer to users than central clouds. The farther the user's physical distance from the edge cloud connected to base station is, the slower the network transmits. So applications should be migrated and re-run to nearby edge cloud for smooth service use. We run applications in docker containers, which is independent of the host operating system and has a relatively light images size compared to the virtual machine. Existing migration studies have been experimented by using network simulators. It uses fixed values, so it is different from the results in the real-world environment. In addition, the method of migrating images through shared storage was used, which poses a risk of packet content exposure. In this paper, Containers are migrated with Secure CoPy(SCP) method, a data encryption transmission, by establishing an edge computing environment in a real-world environment. It compares migration time with Network File System, one of the shared storage methods, and analyzes network packets to verify safety.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.3
• /
• pp.3-12
• /
• 2005

This paper introduces a 3D perceptual model based on JND(Just Noticeable Difference) and proposes a video watermarking scheme which is perceptual approach of adaptive embedding in 3D-DCT domain. Videos are composed of consecutive frames with many similar adjacent frames. If a watermark is embedded in the period of similar frames with little motion, it can be easily noticed by human eyes. Therefore, for the transparency the watermark should be embedded into some places where motions exist and for the robustness its magnitude needs to be adjusted properly. For the transparency and the robustness, watermark based on 3D perceptual model is utilized. That is. the sensitivities from the 3D-DCT quantization are derived based on 3D perceptual model, and the sensitivities of the regions having more local motion than global motion are adjusted. Then the watermark is embedded into visually significant coefficients in proportion to the strength of motion in 3D-DCT domain. Experimental results show that the proposed scheme improves the robustness to MPEG compression and temporal attacks by about $3{\sim}9\%$, compared to the existing 3D-DCT based method. In terms of PSNR, the proposed method is similar to the existing method, but JND guarantees the transparency of watermark.