• Journal of Advanced Navigation Technology
• /
• v.14 no.5
• /
• pp.725-736
• /
• 2010

Nowadays, followed the internet service contents increasing makes also increase attack case on the web system. Usually web attack use mixed many kinds of attack mechanism for successfully attack to the server system. These increasing of the kinds attack mechanism, however web attack defence mechanism is not follow the spread of the attack. Therefore, for the defends web application, web attack should be categorizing and analysing for the effective defense. In this paper, we analyze web attack specification evidence and behavior system that use for effective expressions what we proposed. Also, we generate web attack scenario, it is for using verification of our proposed expressions.

• Proceedings of the IEEK Conference
• /
• 2002.06c
• /
• pp.185-188
• /
• 2002

This paper proposes a efficient way to use Database that is constructed about attack-pattern. For IDS that activate confrontation, we reconstruct by Layered Attack Tree after constructing attack pattern by Attack Tree. And then this paper has designed IDS that Layered Attack Tree is applied, verified them.

• Journal of KIISE
• /
• v.42 no.5
• /
• pp.652-663
• /
• 2015

Due to the popularity of location-based services, the amount of generated spatial data in daily life has been dramatically increasing. Therefore, spatial database outsourcing has become popular for data owners to reduce the spatial database management cost. The most important consideration in database outsourcing is meeting the privacy requirements and guarantying the integrity of the query result. However, most of existing database transformation techniques do not support both of the data privacy and integrity of the query result. To solve this problem, we propose a spatial data transformation scheme that utilizes the shearing transformation with rotation shifting. In addition, we described the attack models to measure the data privacy of database transformation schemes. Finally, we demonstrated through the experimental evaluations that our scheme provides high level of data protection against different kinds of attack models, compared to the existing schemes, while guaranteeing the integrity of the query result sets.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.36 no.8B
• /
• pp.947-953
• /
• 2011

These days, a consistent and fatal attack attribute toward a database has proportionally evolved in the similar development form to that of security policy. Because of access control-based defensive techniques regarding information created in closed networks and attacks on a limited access pathway, cases of infringement of many systems and databases based on accumulated and learned attack patterns from the past are increasing. Therefore, the paper aims to separate attack information by its types based on a virtual infringement pattern system loaded with dualistic VM in order to ensure stability to limited certification and authority to access, to propose a system that blocks infringement through the intensive management of infringement pattern concerning attack networks, and to improve the mechanism for implementing a test that defends the final database, the optimal defensive techniques, and the security policies, through research.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.2
• /
• pp.101-110
• /
• 2011

Recently, an attack to an application incapacitates the intrusion detection rule, the defense policy for a network and database and induces intrusion incidents. Thus, it is necessary to study integration security to ensure the security of an internal network and database from that attack. This article is about building an integration security system to prevent an attack to an application set with intrusion detection rules. It responds to network-based attack through detection, disperses attack with the internal integration security system through virtual clustering and load balancing, and sets up defense policy for attacking destination packets, analyzes and records attack packets, and updates rules through monitoring and analysis. Moreover, this study establishes defense policy according to attacking types to settle access traffic through virtual machine partition policy and suggests an integration security system applied to prevent attack and tests its defense. The result of this study is expected to provide practical data for integration security defense for hacking attack from outside.

• Convergence Security Journal
• /
• v.20 no.1
• /
• pp.49-57
• /
• 2020

It is no exaggeration to say that we live with cyber threats every day. Nevertheless, it is difficult for us to obtain objective information about cyber threats and attacks because it is difficult to clearly identify the attacker, the purpose of attack, and the range of damage, and rely on information from a single source. In the preceding research of this study, we proposed the new approach for establishing Database (DB) for cyber attacks using Open Source Intelligence(OSINT). In this research, we present the evaluation factors for cyber threats among cyber attack DB and analyze the priority of those factors in oder to quantify cyber threats. We select the purpose of attack, attack category, target, ease of attack, attack persistence, frequency of OSINT DB, and factors of the lower layer for each factor as the evaluation factors for cyber threats. After selection, the priority of each factor is analyzed using the Analytic Hierarchy Process(AHP).

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.2
• /
• pp.3-11
• /
• 2005

As the usage of Internet grows, we share many informations among the others and use more database systems for a various type of data. However, secure database system, which prevents the unauthorized users from modification, deletion, and access, is urgently required for sharing data in Internet. Conventional technologies of a data security are passive methods which depend on several steps with an access control, and these methods are vulnerable against the illegal attack because attacker can see the plain text that is private message. To prevent private data item for the special security from the malicious attack in web database, this paper is devoted to implement database system using steganography method, so we can protect the data item completely because attacker cannot know the secure message although he get the content of database.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.2
• /
• pp.892-911
• /
• 2019

Biometric recognition systems have been widely used for information security. Among the most popular biometric traits, there are fingerprint and face due to their high recognition accuracies. However, the security system that uses face recognition as the login method are vulnerable to face-spoofing attacks, from using printed photo or video of the valid user. In this study, we propose a fast and robust method to detect face-spoofing attacks based on the analysis of spatial frequency differences between the real and fake videos. We found that the effect of a spoofing attack stands out more prominently in certain regions of the 2D Fourier spectra and, therefore, it is adequate to use the information about those regions to classify the input video or image as real or fake. We adopt a divide-conquer-aggregate approach, where we first divide the frequency domain image into local blocks, classify each local block independently, and then aggregate all the classification results by the weighted-sum approach. The effectiveness of the methodology is demonstrated using two different publicly available databases, namely: 1) Replay Attack Database and 2) CASIA-Face Anti-Spoofing Database. Experimental results show that the proposed method provides state-of-the-art performance by processing fewer frames of each video.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2012.10a
• /
• pp.800-803
• /
• 2012

Recently, research on security of RFID system has been conducted actively in order to utilize RFID system in various fields including distribution and logistics. This paper suggests an authentication protocol which supplement the flaws of previous RFID authentication protocols and we improved its performance using matrix-based authentication. The suggested authentication protocol provides mutual authentication, protects from wiretapping attack, replay attack, spoofing attack, and traffic analysis attack and so on, and reduces overload of back-end database so that has efficient performance.

• International Journal of Computer Science & Network Security
• /
• v.24 no.1
• /
• pp.140-150
• /
• 2024

Database-as-a-Service is one of the prime services provided by Cloud Computing. It provides data storage and management services to individuals, enterprises and organizations on pay and uses basis. In which any enterprise or organization can outsource its databases to the Cloud Service Provider (CSP) and query the data whenever and wherever required through any devices connected to the internet. The advantage of this service is that enterprises or organizations can reduce the cost of establishing and maintaining infrastructure locally. However, there exist some database security, privacychallenges and query performance issues to access data, to overcome these issues, in our recent research, developed a database security model using a deterministic encryption scheme, which improved query execution performance and database security level.As this model is implemented using a deterministic encryption scheme, it may suffer from chosen plain text attack, to overcome this issue. In this paper, we proposed a new model for cloud database security using nondeterministic encryption, order preserving encryption, homomorphic encryptionand database distribution schemes, andour proposed model supports execution of queries with equality check, range condition and aggregate operations on encrypted cloud database without decryption. This model is more secure with optimal query execution performance.