• Journal of applied mathematics & informatics
• /
• v.24 no.1_2
• /
• pp.461-470
• /
• 2007

In CRYPTO 1995, Bellare, $Gu\'{e}rin$, and Rogaway proposed a very efficient message authentication scheme. This scheme is secure against adaptive chosen message attacks, under the assumption that its underlying primitive is a pseudorandom function. This article studies how to weaken that assumption. For an adaptive chosen message attack, we take into account two scenarios. On the one hand, the adversary intercepts the authenticated messages corresponding to messages chosen adaptively by herself, so the verifier does not receive them. On the other hand, the adversary can only eavesdrop the authenticated messages corresponding to messages chosen adaptively by herself, so the verifier receives them. We modify the original scheme. In the first scenario, our scheme is secure if the underlying primitive is a pseudorandom function. In the second scenario, our scheme is still secure under a weaker assumption that the underlying primitive is an indistinguishable-uniform function.

• Journal of the Korea Society for Simulation
• /
• v.12 no.1
• /
• pp.73-83
• /
• 2003

This paper presents armed vehicle BAttle Group Simulation model(called BAGSim) which is an object-oriented simulation system for representing battle group engagement consisting of tanks and helicopters. BAGSim is designed in the evolutionary software life cycle approach with the Unified Software Development Process, and implemented with C++ language. BAGSim consists of a preprocessor for engagement scenario definition and simulation data set up, a main processor for triggering engagement event and advancing simulation clock, and a post processor to record simulation histories. Application scenario covers several type of engagement among command tanks, fight tanks, scout helicopters, attack helicopters, anti-tank guided missiles, and decoys. Thus, BAGSim can be effectively used as an analytic tool to examine some operational concepts and tactics, further experimentally fine tune tank design options.

• Journal of Positioning, Navigation, and Timing
• /
• v.5 no.4
• /
• pp.165-172
• /
• 2016

A Global Navigation Satellite System (GNSS), which is typically exemplified by the Global Positioning System (GPS), employs a open signal structure so it is vulnerable to spoofing electronic attack using a similar malicious signal with that used in the GPS. It is necessary to require a spoofing test evaluation environment to check the risk of spoofing attack and evaluate the performance of a newly developed anti-spoofing technique against spoofing attacks. The present paper proposed a simulation method of spoofing environment based on simulator that can be implementable in a test room and analyzed the spoofing simulation performance using commercial GPS receivers. The implemented spoofing simulation system ran synchronized two GPS simulator modules in a single scenario to generate both of spoofing and GPS signals simultaneously. Because the signals are generated in radio frequency, a commercial GPS receiver can be tested using this system. Experimental test shows the availability of this system, and anti-spoofing performance of a commercial GPS receiver has been analyzed.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.5
• /
• pp.873-883
• /
• 2013

Security vulnerability quantification is the method that identify potential vulnerabilities by scoring vulnerabilities themselves and their countermeasures. However, due to the structural feature of smart grid system, it is difficult to apply existing security threat evaluation schemes. In this paper, we propose a network model to evaluate smartgrid security threat for AMI and derive attack scenarios. Additionally, we show that the result of security threat evaluation for proposed network model and attack scenario by applying MTTC scheme.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.8 no.9
• /
• pp.1313-1318
• /
• 2013

In order to actively respond to cyber attacks, not only the security systems such as IDS, IPS, and Firewalls, but also ESM, a system that detects cyber attacks by analyzing various log data, are preferably deployed. However, as the attacks be come more elaborate and advanced, existing signature-based detection methods start to face their limitations. In response to that, researches upon symptom detection technology based on attack modeling by employing big-data analysis technology are actively on-going. This symptom detection technology is effective when it can accurately extract features of attacks and manipulate them to successfully execute the attack modeling. We propose the ways to extract attack features which can play a role as the basis of the modeling and detect intelligent threats by carrying out scenario-based modeling.

• Journal of Platform Technology
• /
• v.9 no.1
• /
• pp.3-14
• /
• 2021

Cognitive Radio network (CR) is a promising paradigm that helps the unlicensed user (Secondary User) to analyse the spectrum and coordinate the spectrum access to support the creation of common control channel (CCC). The cooperation of secondary users and broadcasting between them is done through transmitting messages in CCC. In case, if the control channels may get jammed and it may directly degrade the network's performance and under such scenario jammers will devastate the control channels. Hopping sequences may be one of the predominant approaches and it may be used to fight against this problem to confront jammer. The jamming attack can be alleviated using one of the game modelling approach and in this proposed scheme stochastic games has been analysed with more single users to provide the flexible control channels against intrusive attacks by mentioning the states of each player, strategies ,actions and players reward. The proposed work uses a modern player action and better strategic view on game theoretic modelling is stochastic game theory has been taken in to consideration and applied to prevent the jamming attack in CR network. The selection of decision is based on Q learning approach to mitigate the jamming nodes using the optimal MDP decision process

• Journal of the Korea Convergence Society
• /
• v.6 no.4
• /
• pp.243-248
• /
• 2015

U-Healthcare is a convergence service with medical care and IT which enables to examine, manage and maintain the patient's health any time and any place. For communication conducted in U-Healthcare service, the transmission methods are used that patient's medical checkup analysis results or emergency data are transmitted to hospital server using wireless communication method. At this moment when the attacker who executes the malicious access makes DRDoS(Distributed Reflection DoS) attack to U-Healthcare devices or BS(Base Station), various damages occur that contextual information of urgent patients are not transmitted to hospital server. In order to deal with this problem, this study suggests DRDoS attack scenario and countermeasures against DRDoS and converges with Big Data which could process large amount of packets. When the attacker attacks U-Healthcare devices or BS(Base Station), DB is interconnected and the attack is prevented if it is coincident. This study analyzes the attack method that could occur in U-Healthcare devices or BS which are remote medical service and suggests countermeasures against the security threat using Big Data.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.2
• /
• pp.449-456
• /
• 2018

Many organizations divide the network to manage the network in order to prevent the leakage of internal data between separate organizations / departments by sending and receiving unnecessary traffic. The most fundamental network separation method is based on physically separate equipment. However, there is a case where a network is divided and operated logically by utilizing a virtual LAN (VLAN) network access control function that can be constructed at a lower cost. In this study, we first examined the possibility of bypassing the logical network separation through VLAN ID scanning and double encapsulation VLAN hopping attack. Then, we showed and implemented a data leak scenario by utilizing the acquired VLAN ID. Furthermore, we proposed a simple and effective technique to detect and prevent the double encapsulation VLAN hopping attack, which is also implemented for validation. We hope that this study improves security of organizations that use the VLAN-based logical network separation by preventing internal data leakage or external cyber attack exploiting double encapsulation VLAN vulnerability.

• Journal of Industrial Convergence
• /
• v.18 no.5
• /
• pp.23-29
• /
• 2020

The Internet of things (IoT) is the extension of Internet connectivity into various devices and everyday objects. Embedded with electronics, Internet connectivity and other forms of hardware. The IoT poses significant risk to the entire digital ecosystem. This is because so many of these devices are designed without a built-in security system to keep them from being hijacked by hackers. This paper proposed a mutual authentication protocol for IoT Devices using symmetric-key algorithm. The proposed protocol use symmetric key cryptographic algorithm to securely encrypt data on radio channel. In addition, the secret key used for encryption is random number of devices that improves security by using variable secret keys. The proposed protocol blocked attacker and enabled legal deives to communicate because only authenticated devices transmit data by a mutual authentication protocol. Finally, our scheme is safe for attacks such as eavesdropping attack, location tracking, replay attack, spoofing attack and denial of service attack and we confirmed the safety by attack scenario.

• Proceedings of the Korean Information Science Society Conference
• /
• 2012.06d
• /
• pp.366-368
• /
• 2012

Network Coding approach to IP tracback was proposed by Sattari et al. [5] in order to reduce number of packets required to trace the source of a single attack scenario. In this paper, we analysis and point out limitations and problems of their proof for benefit of network coding to IP traceback.