• Journal of the Korea Society of Computer and Information
• /
• v.16 no.12
• /
• pp.227-234
• /
• 2011

Many technologies for wireless internet are increasing as more and more laptop computers, net books, smart phone and other terminals, which provide wireless network, are created. IEEE 802.11 is computer wireless network technology that used in small area, called wireless LAN or Wi-Fi. IEEE 802.11 is a set of standards for implementing wireless local area network (WLAN) computer communication in the 2.4, 3.6 and 5 GHz frequency bands. They are created and maintained by the IEEE LAN/MAN Standards Committee (IEEE 802). AP (Access Point) is installed at cafes and public places providing wireless environment. It is more convenient to use wireless internet, however, It can be seen easily around us and possible to communicate with AP. IEEE 802.11 has many vulnerability, such as packet manipulation and information disclosure, so we should pay more attention when using IEEE 802.11. Therefore this paper developing monitoring system which can find out AP and Stations that connect with it, and capturing AP's information to find out vulnerability. This paper suggests monitoring system which traffic analysis in wireless environment.

• Journal of Internet Computing and Services
• /
• v.14 no.6
• /
• pp.125-139
• /
• 2013

Distribution of malicious applications developed by attackers is increasing along with general normal applications due to the openness of the Android-based open market. Mechanism that allows more accurate ways to distinguish normal apps and malicious apps for common mobile devices should be developed in order to reduce the damage caused by the rampant malicious applications. This paper analysed the normal event pattern from the most highly used game apps in the Android open market to analyse the event pattern from normal apps and malicious apps of mobile devices that are based on the Android platform, and analysed the malicious event pattern from the malicious apps and the disguising malicious apps in the form of a game app among 1260 malware samples distributed by Android MalGenome Project. As described, experiment that extracts normal app and malicious app events was performed using Strace, the Linux-based system call extraction tool, targeting normal apps and malicious apps on Android-based mobile devices. Relevance analysis for each event set was performed on collected events that occurred when normal apps and malicious apps were running. This paper successfully extracted event similarity through this process of analyzing the event occurrence characteristics, pattern and distribution on each set of normal apps and malicious apps, and lastly suggested a mechanism that determines whether any given app is malicious.

• Journal of Internet Computing and Services
• /
• v.18 no.1
• /
• pp.65-75
• /
• 2017

The Detection Model is the model to find the result of a certain purpose using artificial intelligent, data mining, intelligent algorithms In Cyber Security, it usually uses to detect intrusion, malwares, cyber incident, and attacks etc. There are an amount of unlabeled data that are collected in a real environment such as security data. Since the most of data are not defined the class labels, it is difficult to know type of data. Therefore, the label determination process is required to detect and analysis with accuracy. In this paper, we proposed a KDFL(K-means and D-S Fusion based Labeling) method using D-S inference and k-means(unsupervised) algorithms to decide label of data records by fusion, and a detection model architecture using a proposed labeling method. A proposed method has shown better performance on detection rate, accuracy, F1-measure index than other methods. In addition, since it has shown the improved results in error rate, we have verified good performance of our proposed method.

• Journal of Internet Computing and Services
• /
• v.20 no.6
• /
• pp.105-117
• /
• 2019

Bitcoin, which can be classified as a cryptocurrency, has attracted attention from various industries because it is an innovative digital currency and the beginning of a Blockchain system. However, as the research on Bitcoin progressed, several security vulnerabilities and possible attacks were analyzed. Among them, the security problem caused by the transparency of the Blockchain database prevents the Blockchain system from being applied to various fields. This vulnerability is further classified as the weak anonymity of participating nodes and privacy problem due to disclosure of transaction details. In recent years, several countermeasures have been developed against these vulnerabilities. In this paper, we first describe the main features of the public and private Blockchain, and explain privacy, unlinkability and anonymity. And, three public Blockchain platforms, Dash, Zcash and Monero which are derived from Bitcoin, and Hyperledger Fabric which is a private Blockchain platform, are examined. And we analyze the operating principles of the protocols applied on each platform. In addition, we classify the applied technologies into anonymity and privacy protection in detail, analyze the advantages and disadvantages, and compare the features and relative performance of the platforms based on the computational speed of the applied cryptographic mechanisms.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.18 no.4
• /
• pp.19-26
• /
• 2018

In recent years, the substantial increase in the population's average age leads to an exceeded number of older persons comparing with the number of any other age group. As a result, both industry and academia are focused on the development of several solutions aimed to guarantee a healthy and safe lifestyle to the elderly. Ambient Assisted Living (AAL) approach is the way to guarantee better life conditions for the aged and for monitoring their health conditions by the development of innovative technologies and services. AAL technologies can also provide more safety for the elderly, offering emergency response mechanisms, fall detection solutions, and video surveillance systems. Unfortunately, due to the sensitive nature of AAL data, AAL systems should satisfy security requirements such as integrity, confidentiality, availability, anonymity, and others. In this paper, we propose an adaptive authentication protocol for the AAL systems. The proposed authentication protocol not only supports several important security requirements needed by the AAL systems, but can also withstand various types of attacks. In addition, the security analysis results show that the proposed authentication protocol is more efficient and secure than the existing authentication protocols.

• Journal of Internet Computing and Services
• /
• v.17 no.6
• /
• pp.93-101
• /
• 2016

As the Android smart phones become more popular, applications that handle users' personal data such as IDs or passwords and those that handle data directly related to companies' income such as in-game items are also increasing. Despite the need for such information to be protected, it can be modified by malicious users or leaked by attackers on the Android. The reason that this happens is because debugging functions of the Linux, base of the Android, are abused. If an application uses debugging functions, it can access the virtual memory of other applications. To prevent such abuse, access controls should be reinforced. However, these functions have been incorporated into Android O.S from its Linux base in unmodified form. In this paper, based on an analysis of both existing memory access functions and the Android environment, we proposes a function that verifies thread group ID and then protects against illegal use to reinforce access control. We conducted experiments to verify that the proposed method effectively reinforces access control. To do that, we made a simple application and modified data of the experimental application by using well-established memory editing applications. Under the existing Android environment, the memory editor applications could modify our application's data, but, after incorporating our changes on the same Android Operating System, it could not.

• Journal of Internet Computing and Services
• /
• v.22 no.2
• /
• pp.29-39
• /
• 2021

As damages to individuals, private sectors, and businesses increase due to newly occurring cyber attacks, the underlying network security problem has emerged as a major problem in computer systems. Therefore, NIDS using machine learning and deep learning is being studied to improve the limitations that occur in the existing Network Intrusion Detection System. In this study, a deep learning-based NIDS model study is conducted using the Convolution Neural Network (CNN) algorithm. For the image classification-based CNN algorithm learning, a discrete algorithm for continuity variables was added in the preprocessing stage used previously, and the predicted variables were expressed in a linear relationship and converted into easy-to-interpret data. Finally, the network packet processed through the above process is mapped to a square matrix structure and converted into a pixel image. For the performance evaluation of the proposed model, NSL-KDD, a representative network packet data, was used, and accuracy, precision, recall, and f1-score were used as performance indicators. As a result of the experiment, the proposed model showed the highest performance with an accuracy of 85%, and the harmonic mean (F1-Score) of the R2L class with a small number of training samples was 71%, showing very good performance compared to other models.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.19 no.4
• /
• pp.77-83
• /
• 2019

With the increase in population, the number of such senior citizens is increasing day by day. These senior citizens have a variety of care needs, but there are not enough health workers to look after them. Ambient Assisted Living (AAL) aims at ensuring the safety and health quality of the older adults and extending the number of years the senior citizens can live independently in an environment of their own preference. AAL provides a system comprising of smart devices, medical sensors, wireless networks, computer and software applications for healthcare monitoring. AAL can be used for various purposes like preventing, curing, and improving wellness and health conditions of older adults. While information security and privacy are critical to providing assurance that users of AAL systems are protected, few studies take into account this feature. In this paper, we propose a secure and lightweight authentication scheme for the AAL systems. The proposed authentication scheme not only supports several important security requirements needed by the AAL systems, but can also withstand various types of attacks. Also, the security analysis results are presented to show the proposed authentication scheme is more secure and efficient rather than existing authentication schemes.

• Journal of Internet Computing and Services
• /
• v.23 no.5
• /
• pp.127-134
• /
• 2022

Steganography is a hidden technique in which secret messages are hidden in various multimedia files, and it is widely exploited for cyber crime and attacks because it is very difficult for third parties other than senders and receivers to identify the presence of hidden information in communication messages. Botnet typically consists of botmasters, bots, and C&C (Command & Control) servers, and is a botmasters-controlled network with various structures such as centralized, distributed (P2P), and hybrid. Recently, in order to enhance the concealment of botnets, research on Stego Botnet, which uses SNS platforms instead of C&C servers and performs C&C communication by applying steganography techniques, has been actively conducted, but image or video media-oriented stego botnet techniques have been studied. On the other hand, audio files such as various sound sources and recording files are also actively shared on SNS, so research on stego botnet based on audio steganography is needed. Therefore, in this study, we present the results of comparative analysis on hidden capacity by file type and tool through experiments, using a stego botnet that performs C&C hidden communication using audio files as a cover medium in Telegram Messenger.

• Journal of Internet Computing and Services
• /
• v.24 no.6
• /
• pp.119-125
• /
• 2023

Through the Ukraine-Russia war, the military importance of drones is being reassessed, and North Korea has completed actual verification through a drone provocation towards South Korea at 2022. Furthermore, North Korea is actively integrating artificial intelligence (AI) technology into drones, highlighting the increasing threat posed by drones. In response, the Republic of Korea military has established Drone Operations Command(DOC) and implemented various drone defense systems. However, there is a concern that the efforts to enhance capabilities are disproportionately focused on striking systems, making it challenging to effectively counter swarm drone attacks. Particularly, Air Force bases located adjacent to urban areas face significant limitations in the use of traditional air defense weapons due to concerns about civilian casualties. Therefore, this study proposes a new passive air defense method that aims at disrupting the object detection capabilities of AI models to enhance the survivability of friendly aircraft against the threat posed by AI based swarm drones. Using laser-based adversarial examples, the study seeks to degrade the recognition accuracy of object recognition AI installed on enemy drones. Experimental results using synthetic images and precision-reduced models confirmed that the proposed method decreased the recognition accuracy of object recognition AI, which was initially approximately 95%, to around 0-15% after the application of the proposed method, thereby validating the effectiveness of the proposed method.