• 한국항공운항학회지
• /
• 제24권3호
• /
• pp.55-61
• /
• 2016

Among the method of aerial fire firefighting, the indirect attack is efficiency way to protect main facilities and it is the aerial fire line construction. According to this study is suggested the fire line construction strategy of indirect attack by helicopter suitable Korea forest fire on theory consideration of indirect attack and experience in practical scene. This study defined that main key points of the fire line construction are accuracy, large quantity, and quickness. Main protection facilities are devided as caution area, warning area, danger area and concern area. Also, it suggested stage-by-stsge from 1 step to 3 step for the aerial fire firefighting correspondence strategy and the fire line construction model. I regard that this study's indirect attack method of the aerial fire firefighting of the fire line construction may be understand about indirect attack tactics and application of indirect attack which is assistance to raise of capability of the aerial fire firefighting with effectiveness and efficiency.

• 한국통신학회논문지
• /
• 제33권7B호
• /
• pp.592-600
• /
• 2008

In this paper, a Hybrid Scaling based DTW (HS-DTW) mechanism is proposed for detection of periodic shrew TCP attacks. A low-rate TCP attack which is a type of shrew DoS (Denial of Service) attacks, was reported recently, but it is difficult to detect the attack using previous flooding DoS detection mechanisms. A pattern matching method with DTW (Dynamic Time Warping) as a type of defense mechanisms was shown to be reasonable method of detecting and defending against a periodic low-rate TCP attack in an input traffic link. This method, however, has the problem that a legitimate link may be misidentified as an attack link, if the threshold of the DTW value is not reasonable. In order to effectively discriminate between attack traffic and legitimate traffic, the difference between their DTW values should be large as possible. To increase the difference, we analyze a critical problem with a previous algorithm and introduce a scaling method that increases the difference between DTW values. Four kinds of scaling methods are considered and the standard deviation of the sampling data is adopted. We can select an appropriate scaling scheme according to the standard deviation of an input signal. This is why the HS-DTW increases the difference between DTW values of legitimate and attack traffic. The result is that the determination of the threshold value for discrimination is easier and the probability of mistaking legitimate traffic for an attack is dramatically reduced.

• ETRI Journal
• /
• 제37권6호
• /
• pp.1108-1119
• /
• 2015

Multicast communication of mobile ad hoc networks is vulnerable to internal attacks due to its routing structure and high scalability of its participants. Though existing intrusion detection systems (IDSs) act smartly to defend against attack strategies, adversaries also accordingly update their attacking plans intelligently so as to intervene in successful defending schemes. In our work, we present a novel indirect internal stealthy attack on a tree-based multicast routing protocol. Such an indirect stealthy attack intelligently makes neighbor nodes drop their routing-layer unicast control packets instead of processing or forwarding them. The adversary targets the collision avoidance mechanism of the Medium Access Control (MAC) protocol to indirectly affect the routing layer process. Simulation results show the success of this attacking strategy over the existing "stealthy attack in wireless ad hoc networks: detection and countermeasure (SADEC)" detection system. We design a cross-layer automata-based stealthy attack on multicast routing protocols (SAMRP) attacker detection system to identify and isolate the proposed attacker. NS-2 simulation and analytical results show the efficient performance, against an indirect internal stealthy attack, of SAMRP over the existing SADEC and BLM attacker detection systems.

• 전기학회논문지
• /
• 제65권12호
• /
• pp.2240-2250
• /
• 2016

MIFARE Classic is the most popular contactless smart card, which is primarily used in the management of access control and public transport payment systems. It has several security features such as the proprietary stream cipher Crypto 1, a challenge-response mutual authentication protocol, and a random number generator. Unfortunately, multiple studies have reported structural flaws in its security features. Furthermore, various attack methods that target genuine MIFARE Classic cards or readers have been proposed to crack the card. From a practical perspective, these attacks can be partitioned according to the attacker's ability. However, this measure is insufficient to determine the optimal attack flow due to the refined random number generator. Most card-only attack methods assume a predicted or fixed random number, whereas several commercial cards use unpredictable and unfixable random numbers. In this paper, we propose optimal MIFARE Classic attack procedures with regards to the type of random number generator, as well as an adversary's ability. In addition, we show actual attack results from our portable experimental setup, which is comprised of a commercially developed attack device, a smartphone, and our own application retrieving secret data and sector key.

• 대한기계학회논문집B
• /
• 제24권7호
• /
• pp.976-983
• /
• 2000

The flow characteristics around an elliptic cylinder with axis ratio of AR=2 located near a flat plate were investigated experimentally to study the interaction between the cylinder wake and the turbulent boundary layer. The pressure distributions on the cylinder surface and on the flat plate were measured with varying the angle of attack of the cylinder. In addition, the velocity profiles of wake behind the cylinder were measured using a hot-wire anemometry As the angle of attack increases, the location of peak pressure on the windward and leeward surfaces of the cylinder moves toward the rear and front of the cylinder, respectively. At positive angles of attack, the position of the minimum pressure on the flat plate surface is moved downstream, but it is moved upstream at negative angles of attack. With increasing the angle of attack, the vortex shedding frequency is gradually decreased and the critical angle of attack exists in terms of the gap ratio. By installing the elliptic cylinder at negative angle of attack, the turbulent boundary layer over the flat plate is disturbed more than that at positive incidence. This may be attributed to the shift of separation point on the lower surface of the cylinder due to the presence of a ground plate nearby.

• Journal of Communications and Networks
• /
• 제15권1호
• /
• pp.31-37
• /
• 2013

Mobile ad hoc networks (MANET) refers to a network designed for special applications for which it is difficult to use a backbone network. In MANETs, applications are mostly involved with sensitive and secret information. Since MANET assumes a trusted environment for routing, security is a major issue. In this paper we analyze the vulnerabilities of a pro-active routing protocol called optimized link state routing (OLSR) against a specific type of denial-of-service (DOS) attack called node isolation attack. Analyzing the attack, we propose a mechanism called enhanced OLSR (EOLSR) protocol which is a trust based technique to secure the OLSR nodes against the attack. Our technique is capable of finding whether a node is advertising correct topology information or not by verifying its Hello packets, thus detecting node isolation attacks. The experiment results show that our protocol is able to achieve routing security with 45% increase in packet delivery ratio and 44% reduction in packet loss rate when compared to standard OLSR under node isolation attack. Our technique is light weight because it doesn't involve high computational complexity for securing the network.

• Nuclear Engineering and Technology
• /
• 제52권5호
• /
• pp.995-1001
• /
• 2020

With the development of digital instrumentation and control (I&C) devices, cyber security at nuclear power plants (NPPs) has become a hot issue. The Stuxnet, which destroyed Iran's uranium enrichment facility in 2010, suggests that NPPs could even lead to an accident involving the release of radioactive materials cyber-attacks. However, cyber security research on industrial control systems (ICSs) and supervisory control and data acquisition (SCADA) systems is relatively inadequate compared to information technology (IT) and further it is difficult to study cyber-attack taxonomy for NPPs considering the characteristics of ICSs. The advanced research of cyber-attack taxonomy does not reflect the architectural and inherent characteristics of NPPs and lacks a systematic countermeasure strategy. Therefore, it is necessary to more systematically check the consistency of operators and regulators related to cyber security, as in regulatory guide 5.71 (RG.5.71) and regulatory standard 015 (RS.015). For this reason, this paper attempts to suggest a template for cyber-attack taxonomy based on the characteristics of NPPs and exemplifies a specific cyber-attack case in the template. In addition, this paper proposes a systematic countermeasure strategy by matching the countermeasure with critical digital assets (CDAs). The cyber-attack cases investigated using the proposed cyber-attack taxonomy can be used as data for evaluation and validation of cyber security conformance for digital devices to be applied, and as effective prevention and mitigation for cyber-attacks of NPPs.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제13권5호
• /
• pp.2651-2673
• /
• 2019

In order to detect Denial of Service (DoS) attacks, victim-side detection methods are used popularly such as static threshold-based method and machine learning-based method. However, as DoS attacking methods become more sophisticated, these methods reveal some natural disadvantages such as the late detection and the difficulty of tracing back attackers. Recently, in order to mitigate these drawbacks, source-side DoS detection methods have been researched. But, the source-side DoS detection methods have limitations if the volume of attack traffic is relatively very small and it is blended into legitimate traffic. Especially, with the subtle attack traffic, DoS detection methods may suffer from high false positive, considering legitimate traffic as attack traffic. In this paper, we propose an effective source-side DoS detection method with traffic seasonality aware adaptive threshold. The threshold of detecting DoS attack is adjusted adaptively to the fluctuated legitimate traffic in order to detect subtle attack traffic. Moreover, by understanding the seasonality of legitimate traffic, the threshold can be updated more carefully even though subtle attack happens and it helps to achieve low false positive. The extensive evaluation with the real traffic logs presents that the proposed method achieves very high detection rate over 90% with low false positive rate down to 5%.

• 정보보호학회논문지
• /
• 제14권5호
• /
• pp.57-68
• /
• 2004

블록 암호 분석 기법 중 Rectangle 공격과 연관키 공격은 잘 알려진 강력한 블록 암호 분석 도구이다. 본 논문에서는 Rectangle 공격과 연관키 공격을 결합한 연관키 Rectangle 공격을 소개한다. 두 가지 분석 기법의 특징과 장점을 적절히 이용하는 연관키 Rectangle 공격은 512-비트 키를 사용하는 59-라운드 SHACAL-1에 효과적으로 적용된다. 59-라운드 SHACAL-1의 연관키 Rectangle 공격은 2$^{149.72}$개의 선택 평문과 대략 2$^{498.30}$번의 59-라운드 SHACAL-1 암호화 과정으로 연관키를 구할 수 있다.

• 한국가시화정보학회지
• /
• 제20권1호
• /
• pp.18-28
• /
• 2022

In this study, a cavity shape measurement experiment was conducted by changing the diameter and the angle of attack of a disk cavitator. Since the gravity effect is proportional to the cavity volume, the larger the cavity, the greater the effect. It is concluded that the gravity effect becomes smaller as the cavitation number decreases because of a short cavity maintaining time. The cavity centerline rises in case of the positive angle of attack and descends in case of the negative angle of attack. Since the effect of the angle of attack is inversely proportional to the square of the cavity radius, the effect of the angle of attack becomes dominant in the vicinity of the cavitator. It is judged that the horizontal section of the cavity centerline cannot be extended because the factors affecting the gravity effect and the angle of attack effect are different.