• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.13 no.1
• /
• pp.382-389
• /
• 2012

The fabricated report attack will not only cause false alarms that waste real-world response efforts such as sending response teams to the event location, but also drains the finite amount of energy in a wireless sensor network. In this paper, we propose a probabilistic filtering method for sensor network security (PFSS) to deal with filtering for the fabricated report. On the basis of filtering scheme, PFSS combines cluster-based organization and probabilistic verification node assignment using distance of from cluster head to base station for energy efficiency and hot spot problem. Through both analysis and simulation, we demonstrate that PFSS could achieve efficient protection against fabricated report attack while maintaining a sufficiently high filtering power.

• The Journal of the Korea Contents Association
• /
• v.11 no.1
• /
• pp.42-49
• /
• 2011

Proxy signature schemes are configured as proxy signers on behalf of their original signers can be allowed to sign messages. Basic security requirements of proxy signature schemes include the strong unforgeability and the verifiability of delegation. So far, a variety of proxy signature schemes that proved on individual basic security terms but not proved on compounded security terms are proposed. Especially the proposed proxy signature schemes based on RSA problem are proved vulnerable to an attacker with his own private key in terms of the impersonating attack. A unauthorized attacker can generate the proxy signature without the appointee's consent or authorization. In this paper, we propose a proxy signature scheme based on RSA problems and warrants that can be proved the security against the impersonating attack. The proposed proxy signature scheme is analyzed on the safety and compared in terms of efficiency with other proxy signature schemes.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.28 no.5C
• /
• pp.523-531
• /
• 2003

Java applets are downloaded from web server through internet and executed in Java Virtual Machine of clients'browser. Before execution of java applets, JVM checks bytecode program with bytecode verifier and performs runtime tests with interpreter. However, these tests will not protect against undesirable runtime behavior of java applets, such as denial of service attack, email forging attack, URL spoofing attack, or annoying sound attack. In order to protect malicious applets, a technique used in this paper is java bytecode modification. This technique is used to restrict applet behavior or insert code appropriate to profiling or other monitoring efforts. Java byte modification is divided into two general forms, class-level modification involving subclassing non-final classes and method-level modification used when control over objects from final classes or interface. This paper showed that malicious applets are controlled by java bytecode modification using proxy server. This implementation does not require any changes in the web sever, JVM or web browser.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.19 no.5
• /
• pp.9-17
• /
• 2019

As the IoT environment becomes more popular, the safety of the M2M environment, which establishes the communication environment between objects and objects without human intervention, becomes important. Due to the nature of the wireless communication environment, there is a possibility of exposure to security threats in various aspects such as data exposure, falsification, tampering, deletion and privacy, and secure communication security technology is considered as an important requirement. In this paper, we propose a new method for group key generation and exchange using trap hash collision hash in existing 'M2M communication environment' using hash collision, And a mechanism for confirming the authentication of the device and the gateway after the group key is generated. The proposed method has attack resistance such as spoofing attack, meson attack, and retransmission attack in the group communication section by using the specificity of the collision message and collision hash, and is a technique for proving safety against vulnerability of hash collision.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.7 no.1
• /
• pp.90-99
• /
• 2003

Java applets are downloaded from web server through internet and executed in Java Virtual Machine of clients' browser. Before execution of java applets, JVM checks bytecode program with bytecode verifier and performs runtime tests with interpreter. However, these tests will not protect against undesirable runtime behavior of java applets, such as denial of service attack, email forging attack, URL spoofing attack, and annoying sound attack. In order to protect malicious applets, a technique used in this paper is java bytecode modification. This technique is used to restrict applet behavior or insert code appropriate to profiling or other monitoring efforts. Java byte modification is divided into two general forms, class-level modification involving subclassing non-final classes and method-level modification used when control over objects from final classes or interface. This paper showed that malicious applets are controlled by java bytecode modification using proxy server. This implementation does not require any changes in the web sever, JVM or web browser.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.15 no.5
• /
• pp.9-17
• /
• 2015

The development of wireless communication technology and change in the ICT market has led to the development of the M2M service and technology. Under these circumstances, the M2M environment has been the focus of communication environment construction between machines without control or direct intervention of human being. With characteristics of wireless communication environment, the possibility of being exposed to numerous security threats and safe communication security technology have becoming an issue an important requirements for problems such as data exposure, forgery, modulation, deletion, and privacy. This research analyzes requirements of trapdoor collision hash, generates keys between groups under the M2M environment by using the specificity of trapdoor, and suggests technology to exchange keys with session keys. Further, it also suggests techniques to confirm authentication of device and gateway in accordance with group key generation. The techniques herein suggested are confirmed as safe methods in that they have attack resistance such as Masquerade Attack, Man-in-the-Middle Attack, and Replay Attack in the group communication block by using the speciality of collision message and collision hash.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2013.05a
• /
• pp.650-652
• /
• 2013

As VANET(Vehicular Ad-hoc NETwork) improves road safety, efficiency, and comfort, and provides a value-added service such as commerce information or internet access. it is the most important technology in ITS(Intelligent Transportation System). But, In VANETs, better communication efficiency can be achieved by sacrificing security and vice versa. VANETs cannot get started without either of them. Therefore, to solve these problems simultaneously, this paper proposes MAC(Message Authentication Code) based SDAP(Secure Data Aggregation Protocol) which removes redundant data or abnormal data between vehicles and verifies the integrity of message. The MAC based SDAP not only improves the efficiency of data delivery but also enhances the security by detecting malicious attacks such as propagation jamming attack, forgery attack, and disguised attack.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.12 no.10
• /
• pp.4612-4617
• /
• 2011

Hsiang-Shin proposed a user authentication scheme which was created by improving Yoon's scheme. Afterwards, An showed the failure to meet security requirements which are considered in user authentication using password-based smart card in Hsiang-Shih-suggested scheme. In other words, it was found that an attacker can steal a user's card, and detect a user's password by temporarily accessing it and extracting the information stored in it. However, An-proposed scheme also showed its vulnerability to password-guessing attack and forgery/impersonation attack, etc. and thus, this paper proposed the improved user authentication scheme. The proposed authentication scheme can thwart the password-guessing attack completely and this paper proposed scheme also includes an efficient mutual authentication method that can make it possible for users and authentication server to certify the other party.

• The KIPS Transactions:PartC
• /
• v.17C no.1
• /
• pp.1-14
• /
• 2010

IEEE 802.15.4[1] has been standardized for the physical layer and MAC layer of LR-PANs(Low Rate-Wireless Personal Area Networks) as a technology for operations with low power on sensor networks. The standardization is applied to the variety of applications in the shortrange wireless communication with limited output and performance, for example wireless sensor or virtual wire, but it includes vulnerabilities for various attacks because of the lack of security researches. In this paper, we analyze the vulnerabilities against the denial of sleep attacks on the MAC layer of IEEE 802.15.4, and propose a detection mechanism against it. In results, we analyzed the possibilities of denial of sleep attacks by the modification of superframe, the modification of CW(Contention Window), the process of channel scan or PAN association, and so on. Moreover, we comprehended that some of these attacks can mount even though the standardized security services such as encryption or authentication are performed. In addition to, we model for denial of sleep attacks by Beacon/Association Request messages, and propose a detection mechanism against them. This detection mechanism utilizes the management table consisting of the interval and node ID of request messages, and signal strength. In simulation results, we can show the effect of attacks, the detection possibility and performance superiorities of proposed mechanism.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2022.05a
• /
• pp.252-255
• /
• 2022

기존 블록체인 기술을 활용해 새로운 비즈니스 모델을 개발 및 투자하려는 기업들의 관심이 높아지고 있으나, 낮은 확장성으로 인해 기존 블록체인 기술만으로는 시장에서 활용되기 어렵다. 블록체인의 낮은 확장성을 해결하기 위해 검증된 참여자만 참여하는 프라이빗 블록체인과 프라이빗 블록체인 고속화를 위한 관련 연구가 같이 진행되고 있다. 삼성의 넥스레저는 하이퍼레저 패브릭의 다중 버전 동시성 제어(MVCC) 충돌로 인한 낮은 TPS 문제를 해결하기 위해 Accelerator를 추가하여 고속화를 진행하였다. 하지만 모든 트랜잭션을 수집하여 처리하는 방식인 Accelerator는 중앙화로 인해 악의적인 공격 타깃이 되어 단일 장애 지점 문제가 발생할 수 있으며, 공격으로 인해 위조되거나 분실된 데이터는 검증 없이 블록체인 블록에 반영되고, 한번 반영된 데이터는 수정이 어렵다. 본 논문에서는 이와 같이 프라이빗 블록체인 고속화 상황에서 발생할 수 있는 단일 장애 지점 문제를 해결하기 위해 CMT와 사기증명 기반의 고속화 하이퍼레저 패브릭 시스템을 제안했으며, 제안한 시스템을 구축하고 성능 테스트를 통해 CMT 하이퍼레저 패브릭 시스템 성능이 99.58% 유지됨과 사기증명이 가능함을 확인하였다.