• Title/Summary/Keyword: Attack Scenario

A Correspondence Training Scenario against Bypassing Information Protection System Attacks (네트워크 정보보호시스템 우회 공격에 대한 대응훈련 시나리오)

  • Hong, Jeong Soo;Yang, Dong Min;Lee, Bong Hwan
    • Journal of the Korea Institute of Information and Communication Engineering
    • v.22 no.5
    • pp.818-828
    • 2018
  • Nowadays, various security systems are developed and used for protecting information on the network. Although security solutions can prevent some of the security risks, they provide high performance only if used appropriately in accordance with their purposes and functionality. Security solutions commonly used in information protection systems include firewalls, IDS, and IPS. However, although various information protection systems have been introduced, there are always techniques that can threaten the security systems by bypassing them. The purpose of this paper is to develop effective training techniques for responding to the bypass attack techniques in the information security systems and to develop effective techniques that can be applied to the training. In order to implement the test bed, we used the GNS3 network simulator and deployed it on top of a virtual operating system using VirtualBox. The proposed correspondence training scenario against bypassing information protection system attacks could be very effectively used to counteract the real attacks.

A Two-Stage Stochastic Approach to the Artillery Fire Sequencing Problem (2단계 추계학적 야전 포병 사격 순서 결정 모형에 관한 연구)

  • Jo, Jae-Young
    • Journal of the military operations research society of Korea
    • v.31 no.2
    • pp.28-44
    • 2005
  • The previous studies approach the field artillery fire scheduling problem as deterministic and do not explicitly include information on the potential scenario changes. Unfortunately, the effort used to optimize fire sequences and reduce the total time of engagement is often inefficient as the collected military intelligence changes. Instead of modeling the fire sequencing problem as a deterministic model, we consider a stochastic artillery fire scheduling model and devise a solution methodology to integrate possible enemy attack scenarios in the evaluation of artillery fire sequences. The goal is to use that information to find robust solutions that withstand disruptions in a better way. Such an approach is important because we can proactively consider the effects of certain unique scheduling decisions. By identifying more robust schedules, cascading delay effects will be minimized. In this paper we describe our stochastic model for the field artillery fire sequencing problem and offer a revised robust stochastic model which considers the worst scenario first. The robust stochastic model makes the solution more stable than the general two-stage stochastic model and also reduces the computational cost dramatically. We present computational results demonstrating the effectiveness of our proposed method by EVPI, VSS, and Variances.

DEVS-based Modeling Methodology for Cybersecurity Simulations from a Security Perspective

  • Kim, Jiyeon;Kim, Hyung-Jong
    • KSII Transactions on Internet and Information Systems (TIIS)
    • v.14 no.5
    • pp.2186-2203
    • 2020
  • Security administrators of companies and organizations need to come up with proper countermeasures against cyber-attacks considering infrastructures and security policies in their possession. In order to develop and verify such countermeasures, the administrators should be able to reenact both cyber-attacks and defenses. Simulations can be useful for the reenactment by overcoming its limitations including high risk and cost. If the administrators are able to design various scenarios of cyber-attacks and to develop simulation models from their viewpoints, they can simulate desired situations and observe the results more easily. It is challenging to simulate cyber-security issues, because there is a lack of theoretical basis for modeling a wide range of the security field as well as of pre-defined basic components used to model cyber-attacks. In this paper, we propose a modeling method for cyber-security simulations by developing a basic component and a composite model, called Abstracted Cyber-Security Unit Model (ACSUM) and Abstracted Cyber-security SIMulation model (ACSIM), respectively. The proposed models are based on the DEVS (Discrete Event systems Specification) formalism, a modeling theory for discrete event simulations. We develop attack scenarios by sequencing attack behaviors using ACSUMs and then model ACSIMs by combining and abstracting the ACSUMs from a security perspective. The concepts of ACSUM and ACSIM enable the security administrators to simulate numerous cyber-security issues from their viewpoints. As a case study, we model a worm scenario using ACSUM and simulate three types of simulation models based on ACSIM from a different security perspective.

Effects of unconfined blast on strategic structures and its protective measures

  • Choubey, Bishwajeet;Dutta, Sekhar C.;Hussain, Md. Ahsaan
    • Structural Engineering and Mechanics
    • v.84 no.2
    • pp.167-180
    • 2022
  • A strategic structure, when exposed to a direct hit of a conventional bomb/projectile, is severely damaged because of the large amounts of energy released by the impact and penetration of the bomb. When massive concrete slabs suffer a direct hit, the energy released during the impact and penetration process is able to easily break up a large mass of concrete. When overstressed under such impact of bombs, the concrete structure fails, showing brittle behaviour. This paper is intended to study and suggest the protective measures for structures used for strategic application by adopting a means to dissipate the large quantum of energy released. To quantitatively evaluate the force, displacement and energy in such a scenario, a fine numerical model of the proposed layered structure of different combinations was built in the ANSYS programme in which tri-nitrotoluene (TNT) explosive was detonated at the penetration depth calculated for a GP1000 Lbs bomb. The distinct blast mitigation effect of the proposed structure was demonstrated by adopting various layers/barriers created as protective measures for the strategic structure. The calculated result shows that the blast effect on the structure is potentially reduced due to provision of a buster slab with sand cushioning provided as a protective measure to the main structure. This concept of layered protective measures may be adopted for safeguarding strategic structures such as Domes, Tunnels and Underground Structures.

Countermeasure of an Application Attack Scenario Using Spring Server Remote Code Execution Vulnerability (CVE-2018-1270) (스프링 서버 원격코드 실행 취약점(CVE-2018-1270)을 이용한 응용 공격 시나리오의 대응 방안)

  • Jung, Byeong-Mun;Jang, Jae-Youl;Choi, Chul-Jae
    • The Journal of the Korea institute of electronic communication sciences
    • v.14 no.2
    • pp.303-308
    • 2019
  • The Spring framework is widely used as a base technology for e-government frameworks, to the extent that it is a standard for web service development tools of Korean public institutions. However, recently, a remote code execution vulnerability (CVE-2018-1270) was found in an application using the Spring framework. This paper proposes a method of analyzing the vulnerability experiment using a hacking scenario, Proof Of Concept (POC), in which the Spring framework is a hazard to the server. We propose the patch to version 4.3.16 and version 5.0.5 or later as an ultimate response. It is also expected that the proposed experiment analysis on vulnerability of the hacking scenario will be used as data for improving performance of security programs and establishing a new authentication system.

Security Risks Evaluation based on IPv6 Firewall Rules (IPv6의 방화벽 규칙을 기반으로한 보안위험 평가)

  • Phang, Seong-Yee;Lee, Hoon-Jae;Lim, Hyo-Taek
    • Proceedings of the Korean Institute of Information and Communication Sciences Conference
    • 2008.10a
    • pp.261-264
    • 2008
  • IPv6 has been proposed and deployed to cater for the shortage of IPv4 addresses. With the introduction and deployment of IPv6, mobile phones, pocket PCs, home devices and any other kind of network-capable devices are expected to be connected to the Internet. This scenario will bring more challenges to the existing network infrastructure, especially in the network security area. Firewalls are the simplest and the most basic form of protection to ensure network security. Nowadays, firewall usage has been extended from protecting the whole network to also appearing as software firewalls that protect each network device. IPv6 and IPv4 are not interoperable, as there are separate networking stacks for each protocol. Therefore, the existing state of the art in firewalling needs to be reengineered. In our context here, we pay attention only to IPv6 firewall configuration anomalies without considering other factors. Pre-evaluation of security risk is important in any organization, especially in a large-scale network deployment where adding rules to the firewall may affect the running network. We proposed a new probabilistic model to evaluate the security risks based on examining the existing firewall rules. Hence, network administrators can pre-evaluate the possible risk incurred in their current network security implementation in the IPv6 network. The outcome of our proposed pre-evaluation model will be the possibilities, in percentage, that the IPv6 firewall is configured wrongly or insecurely such that known attacks such as DoS attack, Probation attack, Renumbering attack, etc. can be launched easily. Besides that, we suggest and recommend a few important rule sets that should be included in configuring IPv6 firewall rules.

An Attack Scheme with a T-DMB TPEG Update based Vulnerability (T-DMB 기반의 TPEG 업데이트 취약점을 이용한 공격 기법)

  • Kim, Jung-Hoon;Go, Jun-Young;Lee, Keun-Ho
    • Journal of the Korea Convergence Society
    • v.5 no.3
    • pp.1-5
    • 2014
  • The development of communication methods for a variety of intelligent automobiles is delivering comfortable and safe information. However, the development of such communication methods must also take security into account. Even navigation updates for intelligent automobiles use wireless updating methods, but the updating methods currently in use have no reliable security measures. The navigation communications used in intelligent automobiles are provided with TTI (Traffic and Travel Information) service using a variety of methods depending on the country. In the case of Korea, most are based on T-DMB, using the TPEG method for transmitting the information. By identifying the characteristics of the navigation wireless update, a security solution is proposed for delivering reliable update information after creating the attack scenario.

Attack and Defense Plan, Attack Scenarios on Voice of Internet Protocol (인터넷전화의 공격 시나리오 및 공격과 방어 방안)

  • Chun, Woo-Sung;Park, Dea-Woo;Chang, Young-Hyun
    • Proceedings of the Korean Institute of Information and Communication Sciences Conference
    • 2011.10a
    • pp.245-248
    • 2011
  • Voice over Internet Protocol (VoIP) carries call content over the existing Internet, and thus shares the same vulnerabilities as other Internet services. In addition, unlike the traditional PSTN, eavesdropping through remote hacking is possible without physical access. If cyber terrorism by anti-state groups takes place, an agency's computer network and telephone system are likely to be disrupted at the same time. This paper performs penetration testing for the security threats (call interception, eavesdropping, misuse of services) set out by the NIS for VoIP. In addition, through scenario writing and penetration testing, it studies the vulnerabilities discovered by hacking VoIP at the examination center. For the vulnerabilities discovered in VoIP, it presents an attack and defense plan.

New Analysis of Reduced-Version of Piccolo in the Single-Key Scenario

  • Liu, Ya;Cheng, Liang;Zhao, Fengyu;Su, Chunhua;Liu, Zhiqiang;Li, Wei;Gu, Dawu
    • KSII Transactions on Internet and Information Systems (TIIS)
    • v.13 no.9
    • pp.4727-4741
    • 2019
  • The lightweight block cipher Piccolo adopts Generalized Feistel Network structure with 64 bits of block size. Its key supports 80 bits or 128 bits, expressed by Piccolo-80 or Piccolo-128, respectively. In this paper, we exploit the security of reduced version of Piccolo from the first round with the pre-whitening layer, which shows the vulnerability of original Piccolo. As a matter of fact, we first study some linear relations among the round subkeys and the properties of linear layer. Based on them, we evaluate the security of Piccolo-80/128 against the meet-in-the-middle attack. Finally, we attack 13 rounds of Piccolo-80 by applying a 5-round distinguisher, which requires $2^{44}$ chosen plaintexts, $2^{67.39}$ encryptions and $2^{64.91}$ blocks, respectively. Moreover, we also attack 17 rounds of Piccolo-128 by using a 7-round distinguisher, which requires $2^{44}$ chosen plaintexts, $2^{126}$ encryptions and $2^{125.49}$ blocks, respectively. Compared with the previous cryptanalytic results, our results are the currently best ones if considering Piccolo from the first round with the pre-whitening layer.

A Study on the attack scenario using vulnerability of network security solutions (네트워크 보안 솔루션의 취약점을 이용한 공격시나리오 연구)

  • Hwang, Ho;Moon, Dae-Sung
    • Proceedings of the Korea Information Processing Society Conference
    • 2017.04a
    • pp.340-342
    • 2017
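  • APT (Advanced Persistent Threat) attacks targeting domestic companies and institutions continue to occur steadily. To respond to them, security staff are adopting a variety of security solutions, but conversely there are cases of being attacked by way of the security solutions themselves. Most intrusion incidents caused by security solutions involve attacks on endpoint security solutions such as antivirus, but there is ample possibility of direct attacks that exploit vulnerabilities in network security solutions. This paper presents attack scenarios based on vulnerabilities identified by analyzing network security solutions. This makes it possible to consider attacks by way of network security solutions in advance and to prepare for them.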