• Journal of KIISE:Information Networking
• /
• v.33 no.2
• /
• pp.175-182
• /
• 2006

The CGA proposed by IETF working group prevents address spoofing and stealing and provides digital signature to users, but key collision problem arises. To solve this critical problem, the CGA defines the SEC field within address format, which is set to high value when high security is required and vice versa, but the CGA faces a dilemma between security and the processing time. As SEC value increases, the processing time to generate the CGA grows dramatically while key collision ratio increases if low SEC value is applied to the CGA. We propose modified CGA (MCGA) that has shorter processing time than the CGA and offers digital signature with small overheads. To solve key collision problem, we employ hierarchical ad hoc network. The MCGA is applicable to IPv6 networks as well public networks. In this paper, we design a mathematical model to analyze the processing time for MCGA and CGA first and evaluate the processing time via simulations, where the processing time for MCGA is reduced down 3.3 times when SEC value is set to 0 and 68,000 times when SEC value is set to 1. Further, we have proved that the CGA is inappropriate for both ad hoc networks and IPv6 networks when the SEC field is set to more than 3.

• The KIPS Transactions:PartC
• /
• v.17C no.1
• /
• pp.1-14
• /
• 2010

IEEE 802.15.4[1] has been standardized for the physical layer and MAC layer of LR-PANs(Low Rate-Wireless Personal Area Networks) as a technology for operations with low power on sensor networks. The standardization is applied to the variety of applications in the shortrange wireless communication with limited output and performance, for example wireless sensor or virtual wire, but it includes vulnerabilities for various attacks because of the lack of security researches. In this paper, we analyze the vulnerabilities against the denial of sleep attacks on the MAC layer of IEEE 802.15.4, and propose a detection mechanism against it. In results, we analyzed the possibilities of denial of sleep attacks by the modification of superframe, the modification of CW(Contention Window), the process of channel scan or PAN association, and so on. Moreover, we comprehended that some of these attacks can mount even though the standardized security services such as encryption or authentication are performed. In addition to, we model for denial of sleep attacks by Beacon/Association Request messages, and propose a detection mechanism against them. This detection mechanism utilizes the management table consisting of the interval and node ID of request messages, and signal strength. In simulation results, we can show the effect of attacks, the detection possibility and performance superiorities of proposed mechanism.

• Journal of KIISE:Computer Systems and Theory
• /
• v.36 no.5
• /
• pp.396-403
• /
• 2009

An anonymous asymmetric fingerprinting protocol combined with watermarking techniques, is one of the copyright protection technologies keeping both right of a seller and that of a buyer, where a seller and an anonymous buyer perform such a protocol that employs various cryptographic tools in order that the seller does not know the exact watermarked copy that the buyer receives, while inserting an invisible non-removable fingerprint i.e., each different unique watermark, into each copy of the digital content to be sold. In such a protocol innocent buyers are kept anonymous during transactions, however, the unlawful reseller is unambiguously identified with a real identity as a copyright violator. In 2007, Yong and Lee proposed an anonymous asymmetric fingerprinting scheme with trusted third party. In this paper we point out the weakness of their scheme such as: the buyer with intention can remove the fingerprint in the watermarked content, because he/she can decrypt the encrypted fingerprint with a symmetric key using man-in-the-middle-attack; a real identity of a buyer can be revealed to the seller through the identification process even though he/she is honest. Furthermore, we propose an improved secure and efficient anonymous asymmetric fingerprinting scheme which enables to reduce the number of communication between the participants.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.21 no.9
• /
• pp.458-465
• /
• 2020

Technological advances in artificial intelligence are affecting many industries, such as telecommunications, logistics, security, and healthcare, and research and development related to economic, efficiency, linkage with commercial technologies are the current focus. Predicting the changes in the future battlefield environment and ways of conducting war from a strategic point of view, as well as designing/planning the direction of military development for a leading response is not only a basic element to prepare for comprehensive future threats but also an indispensable factor that can produce an optimal effect over a limited budget/time. From this perspective, this study was conducted as part of a technology-driven plan to discover potential future technologies with high potential for use in the defense field and apply them to R&D. In this study, based on research data collected in a defense future technology investigation, the future new technology that requires further research was predicted by considering the redundancy with existing defense research projects and the feasibility of technology. In addition, an empirical study was conducted to verify the significance between the future new defense technology and the evaluation indicators in the AI field.

• Korean Security Journal
• /
• no.51
• /
• pp.173-195
• /
• 2017

Recently, in South Korea, security management has been strengthened, but there have been an increasing number of cases where the main infrastructure of the country is hacked in the cyber space. South Korea is equipped with sophisticated information and communication technologies, such as Internet, but is threatened by cyber terrorism of North Korea and terrorist organizations. Nevertheless, there is a limit to how to develop a policy and strategic plan for the country, which is related to domestic terrorism and lacks legal and regulatory facilities, and therefore, in this study, proposed suggestions for building adaptive and efficient policy formulation. Based on the theoretical analysis framework of the Strategic Plan for achieving the objectives of the research, we compared the UK 's security strategy with the national security policy of the domestic government. As a result, several problems were derived: First, the domestic security strategy did not take into account the external environment. Secondly, lack of coordination with domestic cyber security goals setting and strategy is causing ambiguity and confusion. Third, the detailed plan of implementation of national security in each province is designed to ensure that there is a possibility that a mixed side effect between ministries and agencies will arise. Fourth, it was found that there was a limit to prepare the evaluation standards for the evaluation and return of domestic security policies in the country. Therefore, in order to establish a policy for the response of domestic cyber terrorism, we set up a vision from long-term perspectives and concrete targets based on the strategic approach of the security policy, It is necessary to present an assignment and formulate an efficient execution plan. It is necessary to maintain and improve the domestic safeguards in order to be able to complement the problems through evaluation and feedback.

• Review of KIISC
• /
• v.18 no.5
• /
• pp.33-48
• /
• 2008

최근 은행의 소유지분한도와 설립자본금 등에 대한 정부의 금융규제 완화로 인터넷전문은행의 설립 가능성이 높아지고 있다. 그러나 우리나라의 전자금융환경은 전자금융거래법 제정에 따라 금융기관의 입증책임을 강화함으로써 금융기관의 전자금융리스크가 상대적으로 크게 증가하였다. 또한, 정보 공격기술 및 수법의 발달로 전자금융보안에 대한 위협이 지속적으로 증가하고 있다. 이외 에도 신BIS 리스크 평가에 IT운영리스크가 포함되는 등 금융환경 변화 및 정보통신 기술의 발전으로 인한 전자금융리스크가 계속 확대되고 있는 추세에 있다. 이러한 금융환경 변화와 함께 서비스채널이 인터넷에 집중되는 인터넷전문은행은 기존의 전통적인 은행과 차별되는 리스크에 추가적으로 노출될 위험성이 높다. 이러한 리스크에 대한 인식 및 대비 부재는 금융소비자가 금융권 전자금융거래에 대한 불신으로 확산되거나, 금융시장의 불안정성을 야기하는 금융사고로 이어져 자칫 국내 전자금융의 발전을 저해하는 심각한 요소가 될 수 있다. 본 논문에서는 국내 금융환경과는 차이가 있지만, 인터넷전문은행이 가져올 전자금융의 기술적 변화는 유사하다는 점에서 해외 주요국가의 인터넷전문은행 현황과 전자금융부문을 중심으로 인터넷전문은행 설립인가 사례를 살펴보고, 국내에서 인터넷전문은행 설립시 우리가 취해야 할 입장에 대해 시사점을 얻고자 하였다. 그리고 국내 전자금융 환경에서 전통적인 일반은행과 차별되거나 인터넷전문은행 고유의 특성으로 발생되는 주요 전자금융리스크를 다섯 가지로 분석하였고, 이러한 전자금융리스크를 줄이기 위한 대응방안을 모색해 보았다. 정부의 금융규제 완화는 금융자유화를 진전시켜 금융거래가 자유경쟁원리에 입각해 이루어짐에 따라 국민경제의 발전에 있어서 바람직한 결과를 얻고자 하는 것이다. 그러나 다른 한편으로 과도한 리스크에 노출 될 경우에는 금융시장의 불안정성을 야기하고 이로 인해 역 선택과 도덕적 해이를 야기 시키는 등 여러 가지의 폐해를 줄 수도 있다 이러한 폐해를 줄이기 위해서는 인터넷전문은행의 고유한 특성으로 수반되는 리스크와 상대적으로 그 중요성이 부각되는 전자금융리스크에 대한 관리 감독을 강화해야 한다. 또한 이러한 리스크 관리강화를 위한 제도적 장치는 인터넷전문은행의 자율성과 책임성을 부여하는 방향으로 이루어지는 것이 바람직하다. 인터넷전문은행이 실질적으로 다수의 금융이용자에게 다양한 혜택과 효율적인 금융서비스를 제공하기 위해서는 초기 사업계획 심사 단계에서부터 위험성이 크게 증가하는 전자금융리스크에 대해서, 적절한 관리방안 수립을 통해 예상되는 리스크를 줄이기 위한 노력이 필요하다고 생각한다. 그리고 인터넷전문은행에 대한 구체적인 인가요건이 마련되지 못한 현 상황에서, 국내 인터넷전문은행 설립이 우리나라 전자금융거래에 발전적 역할을 할 수 있도록 앞으로 더 많은 논의와 연구가 진행될 필요가 있다.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.43 no.7 s.349
• /
• pp.93-103
• /
• 2006

Network solutions for protecting against worm attacks that complement partial end system patch deployment is a pressing problem. In the content-based worm filtering, the challenges focus on the detection accuracy and its performance enhancement problem. We present a worm filter architecture using the bloom filter for deployment at high-speed transit points on the Internet, including firewalls and gateways. Content-based packet filtering at multi-gigabit line rates, in general, is a challenging problem due to the signature explosion problem that curtails performance. We show that for worm malware, in particular, buffer overflow worms which comprise a large segment of recent outbreaks, scalable -- accurate, cut-through, and extensible -- filtering performance is feasible. We demonstrate the efficacy of the design by implementing it on an Intel IXP network processor platform with gigabit interfaces. We benchmark the worm filter network appliance on a suite of current/past worms, showing multi-gigabit line speed filtering prowess with minimal footprint on end-to-end network performance.

• KIPS Transactions on Computer and Communication Systems
• /
• v.9 no.5
• /
• pp.101-106
• /
• 2020

Since computer became available, much effort has been made to achieve information security. Even though memory protection defense mechanisms were studied the most among of them, the problems of existing memory protection defense mechanisms were found due to improved performance of computer and new defense mechanisms were needed due to the advent of the side-channel attacks. In this paper, we propose JMP+RAND that embedding random values of 5 to 8 bytes per page to defend against memory sharing based side-channel attacks and bridging the gap of existing memory protection defense mechanism. Unlike the defense mechanism of the existing side-channel attacks, JMP+RAND uses static binary rewriting and continuous jmp instruction and random values to defend against the side-channel attacks in advance. We numerically calculated the time it takes for a memory sharing-based side-channel attack to binary adopted JMP+RAND technique and verified that the attacks are impossible in a realistic time. Modern architectures have very low overhead for JMP+RAND because of the very fast and accurate branching of jmp instruction using branch prediction. Since random value can be embedded only in specific programs using JMP+RAND, it is expected to be highly efficient when used with memory deduplication technique, especially in a cloud computing environment.

• KIPS Transactions on Computer and Communication Systems
• /
• v.5 no.12
• /
• pp.471-480
• /
• 2016

Recently, the damage of cyber attack toward infra-system, national defence and security system is gradually increasing. In this situation, military recognizes the importance of cyber warfare, and they establish a cyber system in preparation, regardless of the existence of threaten. Thus, the study of Intrusion Detection System(IDS) that plays an important role in network defence system is required. IDS is divided into misuse and anomaly detection methods. Recent studies attempt to combine those two methods to maximize advantagesand to minimize disadvantages both of misuse and anomaly. The combination is called Hybrid IDS. Previous studies would not be inappropriate for near real-time network environments because they have computational complexity problems. It leads to the need of the study considering the structure of IDS that have high detection rate and low computational cost. In this paper, we proposed a Hybrid IDS which combines C4.5 decision tree(misuse detection method) and Weighted K-means algorithm (anomaly detection method) hierarchically. It can detect malicious network packets effectively with low complexity by applying mutual information and genetic algorithm based efficient feature selection technique. Also we construct upgraded the the hierarchical structure of IDS reusing feature weights in anomaly detection section. It is validated that proposed Hybrid IDS ensures high detection accuracy (98.68%) and performance at experiment section.

• Proceedings of the Korea Society of Information Technology Applications Conference
• /
• 2006.06a
• /
• pp.46-66
• /
• 2006

새로운 지능기반사회(ubiquitous society) 패러다임이란 전제 아래 미국을 비롯해 일본, 유럽 등 세계 각국에서는 모바일, 브로드밴드, 극소형 컴퓨터, IPv6의 기술이 창출해 내는 컴퓨팅 혁명의 실체를 유비궈터스 IT로 파악하고 각 국의 걸부, 기업, 연구소들이 주도권을 잡기 위해 많은 노력을 기울이고 있다. 현재 유비쿼터스 IT를 활용한 u-비즈니스를 활성화하고 관련 시장을 선점하기 위한 전 세계적인 경쟁은 매우 치열한 양상을 보이고 있다. 주요 국가들은 서로 지향하는 영역은 다르지만 궁극적으로 지능기반사회 구현이라는 대명제 아래 독자적인 산업 구축을 위해 노력하고 있다. 이러한 이유는 기본적으로 지능기반사회로의 이행과정에서 발생하는 경제적 파급효과, 예컨대 디지털 가전, 이동통신기기, 전자의료기기, 디스플레이, 2차 전지, 보안 등 관련 산업에 미치는 영향 및 새로운 시장 창출의 기회가 있기 때문이다. 기존의 많은 연구 및 문헌에서는 아직도 유비쿼터스 IT에 대한 개념적인 논의에 치중되어 있고 시장 중심적 또는 수요자 중심적 사고의 논의가 부족하다. 성공적으로 유비쿼터스 산업을 육성하기 위해서는 유비쿼터스 IT자체기술 개발사업(tangible service) 뿐만 아니라 비가시적(intangible) 서비스, 그리고 컨버전스(convergence) 서비스에 대한 상용화 모델과 성공적 사업 전개 방법론에 대한 깊은 연구가 수행되어야 한다. 본 연구에서는 먼저 유비쿼터스 IT의 기술동향과 시장 동향 및 산업 규모에 대한 문헌연구를 통해 u-비즈니스의 가능성을 고찰해보고, u-비즈니스 추진 전략을 탐색적으로 제시하고자 한다.되었다. SPME-GC/MS에 의한 휘발성분 분석 결과, 기능성 유지에서 홍국쌀 에탄올 추출물로부터 기인되는 특유의 휘발성분은 관찰되지 않았으나, RT=12.1 min인 hexanal의 함량이 control에 비하여 유의적인 감소 경향을 나타내는 것이 확인되었다(p<0.05).히지 못하여, 이의 기전을 밝히기 위한 추후 연구가 필요하다./TEX>로서 p<0.01 수준에서 현저히 증가하였다. 혈청의 인지질과 콜레스테롤 에스테르의 지방산 조성에서 vitamin C를 혼합 투여한 3,5,7군에서 PUFA 함량이 증가한 반면, SFA 함량은 감소하여 P/S 비율, n-3P/n-6P 비율은 증가하는 경향이었으며 이는 간장의 인지질, 콜레스테롤 에스테르, 총 지질의 지방산조성에서도 같은 경향을 볼 수 있었다.X>$(C_{18:2})$와 n-3계 linolenic acid$(C_{18:3})$가 대부분을 차지하였다. 야생 돌복숭아 과육 중의 지방산 조성은 포화지방산이 16.74%, 단불포화지방산 17.51% 및 다불포화지방산이 65.73%의 함유 비율을 보였는데, 이 중 다불포화지방산인 n-6계 linoleic acid$(C_{18:2})$와 n-3계 linolenic acid$(C_{18:3})$가 지질 구성 총 지방산의 대부분을 차지하는 함유 비율을 나타내었다.했다. 하강하는 약 4일간의 기상변화가 자발성 기흉 발생에 영향을 미친다고 추론할 수 있었다. 향후 본 연구에서 추론된 기상변화와 기흉 발생과의 인과관계를 확인하고 좀 더 구체화하기 위한 연구가 필요할 것이다.게 이루어질 수 있을 것