• Convergence Security Journal
• /
• v.13 no.6
• /
• pp.11-16
• /
• 2013

Mobile node must move optionally and perform the router and the host functions at the same time. These characteristics of nodes have become a potential threatening element of a variety of attacks. In particular, a black hole which malicious node causes packet loss among them is one of the most important issues. In this paper, we propose distributed detection technique using monitoring tables in all node and cooperative detection technique based cluster for an efficient detection of black hole attack. The proposed technique performs by dividing into local detection and cooperative detection process which is composed of process of step 4 in order to improve the accuracy of the attack detection. Cluster head uses a black hole list to cooperative detection. The performance of the proposed technique was evaluated using ns-2 simulator and its excellent performance could be confirmed in the experiment result.

• Journal of Convergence Society for SMB
• /
• v.4 no.4
• /
• pp.1-6
• /
• 2014

A wireless sensor network is being actively researched around the world that are connected to the mesh are a plurality of sensor nodes in a wireless manner that span different regions of the techniques. However, wireless communications use the limitation of resources, so it is very weak due to the properties of the network itself secure in comparison to the normal network. Wireless sensor network is divided into tapped-based attacks, forgery based attacks, denial of service attacks based largely by securities laws must defend against various attacks such as insertion of the wrong information being sent eavesdropping or modification of information, which is usually sensor network applications need to do. The countermeasure of sensor network attack is described in this research, and it will contribute to establish a secure sensor network communication.

• Convergence Security Journal
• /
• v.21 no.3
• /
• pp.49-56
• /
• 2021

Recently, artificial intelligence is regarded as an essential technology in our society. In particular, the invasion of privacy in artificial intelligence has become a serious problem in modern society. Split learning, proposed at MIT in 2019 for privacy protection, is a type of federated learning technique that does not share any raw data. In this study, we studied a safe and accurate segmentation learning model using known differential privacy to safely manage data. In addition, we trained SVHN and GTSRB on a split learning model to which 15 different types of differential privacy are applied, and checked whether the learning is stable. By conducting a learning data extraction attack, a differential privacy budget that prevents attacks is quantitatively derived through MSE.

• Convergence Security Journal
• /
• v.20 no.4
• /
• pp.209-215
• /
• 2020

The environment of the Internet provides an efficient communication of the things which are connected. While internet and online service provide us many valuable benefits, online services offered and accessed remotely through internet also exposes us to many different types of security threats. Most security threats were just related to information leakage and the loss of authentication on client-server environment. In 2016, Ahmed et al. proposed an efficient lightweight remote user authentication protocol. However, Kang et al. show that it's scheme still unstable and inefficient. It cannot resist offline identity guessing attack and cannot provide session key confirmation property. Moreover, there is some risk of biometric information's recognition error. In this paper, we propose an improved scheme to overcome these security weaknesses by storing secret data in device. In addition, our proposed scheme should provide not only security, but also efficiency since we only use hash function and XOR operation.

• Convergence Security Journal
• /
• v.23 no.5
• /
• pp.73-79
• /
• 2023

Cyber threats are evolving and becoming more sophisticated with the development of new technologies, and consequently the number of service failures caused by DDoS attacks are continually increasing. Recently, DDoS attacks have numerous types of service failures by applying a large amount of traffic to the domain address of a specific service or server. In this paper, after generating the data of the Syn Flooding attack, which is the representative attack type of bandwidth exhaustion attack, the data were compared and analyzed using Random Forest, Decision Tree, Multi-Layer Perceptron, and KNN algorithms for the effective detection of attacks, and the optimal algorithm was derived. Based on this result, it will be useful to use as a technique for the detection policy of Syn Flooding attacks.

• Convergence Security Journal
• /
• v.6 no.1
• /
• pp.83-90
• /
• 2006

Recently, the security for RFID/USN environment is divided into network security and RFID security. The authentication protocol design for RFID security is studied to protect user privacy in RFID system. However, the study of efficient authentication protocol for RFID system is not satisfy a security for low-cost RFID tag and user privacy. Therefore, this paper proposes a secure matrix-based RFID authentication protocol that decrease communication overhead and computation. In result, the Matrix-based RFID authentication protocol is an effective authentication protocol compare with HB and $HB^+$ in traffic analysis attack and trace location attack.

• Convergence Security Journal
• /
• v.20 no.4
• /
• pp.91-101
• /
• 2020

We analyzed APT attack cases that occurred overseas in the past using a cyber kill chain model and a TTP model. As a result of the analysis, we found that the cyber kill chain model is effective in figuring out the overall outline, but is not suitable for establishing a specific defense strategy, however, TTP model is suitable to have a practical defense system. Based on these analysis results, it is suggested that defense technology development which is based on TTP model to build defense-in-depth system for preparing cyber attacks.

• Journal of information and communication convergence engineering
• /
• v.7 no.1
• /
• pp.7-12
• /
• 2009

The advanced computer network and Internet technology enables connectivity of computers through an open network environment. Despite the growing numbers of security threats to networks, most intrusion detection identifies security attacks mainly by detecting misuse using a set of rules based on past hacking patterns. This pattern matching has a high rate of false positives and can not detect new hacking patterns, making it vulnerable to previously unidentified attack patterns and variations in attack and increasing false negatives. Intrusion detection and prevention technologies are thus required. We proposed a network based hybrid Probe Intrusion Detection model using Fuzzy cognitive maps (PIDuF) that detects intrusion by DoS (DDoS and PDoS) attack detection using packet analysis. A DoS attack typically appears as a probe and SYN flooding attack. SYN flooding using FCM model captures and analyzes packet information to detect SYN flooding attacks. Using the result of decision module analysis, which used FCM, the decision module measures the degree of danger of the DoS and trains the response module to deal with attacks. For the performance evaluation, the "IDS Evaluation Data Set" created by MIT was used. From the simulation we obtained the max-average true positive rate of 97.064% and the max-average false negative rate of 2.936%. The true positive error rate of the PIDuF is similar to that of Bernhard's true positive error rate.

• Journal of information and communication convergence engineering
• /
• v.20 no.4
• /
• pp.250-258
• /
• 2022

The emerging scope of the Internet-of-Things (IoT) has piqued the interest of industry and academia in recent times. Therefore, security becomes the main issue to prevent the possibility of cyberattacks. Jamming attacks are threads that can affect performance and cause significant problems for IoT device. This study explores a smart jamming attack (coalition attack) in which the attackers were previously a part of the legitimate network and are now back to attack it based on the gained knowledge. These attackers regroup into a coalition and begin exchanging information about the legitimate network to launch attacks based on the gained knowledge. Our system enables jammer nodes to select the optimal transmission rates for attacks based on the attack probability table, which contains the most probable link transmission rate between nodes in the legitimate network. The table is updated constantly throughout the life cycle of the coalition. The simulation results show that a coalition of jammers can cause highly successful attacks.

• Journal of Industrial Convergence
• /
• v.16 no.2
• /
• pp.25-31
• /
• 2018

An APT attack is a new hacking technique that continuously attacks specific targets and is called an APT attack in which a hacker exploits various security threats to continually attack a company or organization's network. Protect employees in a specific organization and access their internal servers or databases until they acquire significant assets of the company or organization, such as personal information leaks or critical data breaches. Also, APT attacks are not attacked at once, and it is difficult to detect hacking over the years. This white paper examines ongoing APT attacks and identifies, educates, and proposes measures to build a security management system, from the executives of each organization to the general staff. It also provides security updates and up-to-date antivirus software to prevent malicious code from infiltrating your company or organization, which can exploit vulnerabilities in your organization that could infect malicious code. And provides an environment to respond to APT attacks.