• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.2
• /
• pp.327-334
• /
• 2016

Contrary to the common belief, DRAM which is used for the main memory of various computing devices retains its content even though it is powered-off. Especially, the data-retaining time can increase if DRAM is cooled down. The Cold Boot Attack, a kind of side-channel attacks, tries to recover the sensitive information such as the cryptographic key from the powered-off DRAM. This paper proposes a new algorithm which recovers the AES key under the symmetric-decay cold-boot-attack model. In particular, the proposed algorithm uses the strategy of reducing the size of the candidate key space by testing the randomness of the extracted AES key bit stream.

• The Journal of Society for e-Business Studies
• /
• v.12 no.1
• /
• pp.89-97
• /
• 2007

Recently, a large number of authentication schemes based on smart cards have been proposed, using the thinking of OTP (one-time password) to withstand replay attack. Unfortunately, if these schemes implement on PCs instead of smart cards, most of themcannot withstand impersonation attack and Stolen-Verifier attack since the data on PCs is easy to read and steal. In this paper, a secure authentication scheme based on a security key and a renewable token is proposed to implement on PCs. A comparison with other schemes demonstrates the proposed scheme has following merits: (1) Withstanding Stolen-Verifier attack (2) Withstanding Impersonation attack (3) Providing mutual authentication; (4) Easy to construct secure session keys.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.5
• /
• pp.1027-1037
• /
• 2019

Conventional cyber-attack detection solutions are generally based on signature-based or malicious behavior analysis so that have had difficulty in detecting unknown method-based attacks. Since the various information occurring all the time reflects the state of the system, by modeling it in a steady state and detecting an abnormal state, an unknown attack can be detected. Since a variety of system information occurs in a string form, word embedding, ie, techniques for converting strings into vectors preserving their order and semantics, can be used for modeling and detection. Novelty Detection, which is a technique for detecting a small number of abnormal data in a plurality of normal data, can be performed in order to detect an abnormal condition. This paper proposes a method to detect system anomaly by cyber attack using embedding and novelty detection.

• Journal of Korea Multimedia Society
• /
• v.25 no.2
• /
• pp.221-236
• /
• 2022

BLE protocol prevents MITM attacks with user interaction through some input/output devices such as keyboard or display. Therefore, If it use a device which has no input/output facility, it can be vulnerable to MITM attack. If messages to be sent to a control device is forged by MITM attack, the device can be abnormally operated by malicious attack from attacker. Therefore, we describes a scenario which has the vulnerabilities of the BLE network in this paper and propose countermeasure method against MITM attacks integrity violations. Its mechanism provides data confidentiality and integrity with MD5 and security key distribution of Diffie Helman's method. In order to verify the effectiveness of the countermeasure method proposed in this paper, we have conducted the experiments. ​As experiments, the message was sent 200 times and all of them successfully detected whether there was MITM attack or not. In addition, it took at most about 4.2ms delay time with proposed countermeasure method between devices even attacking was going on. It is expected that more secure data transmission can be achieved between IoT devices on a BLE network through the method proposed.

• Korean Journal of Applied Biomechanics
• /
• v.15 no.1
• /
• pp.1-18
• /
• 2005

The purpose of this study was to evaluate performance characteristics. in the success of team attack during volleyball competition. For this, real game was analyzed using S-VHS video camera for three dimensional cinematography. The contents of this research were receive to set time, set to spike time, setter moving distance, ball position during set and attacker's relative ball position during jump and spike, and open area at spike. Among the various kinematical factors considered in this study, the ball height relative spiker and open area were found to be related to offensive performance. This finding implies that although their direct impact were not significant the other factors could have indirect impact on offensive performance by increasing open area. Thus, receiver, setter, assistant attacker, and main attacker should practice for successful performance in each stage. Lastly, it is necessary to develop kinematic variables to evaluate performance characteristics of players. Further study may consider the best defense position against the attack of the opponent player.

• Journal of the Korean Society of Systems Engineering
• /
• v.6 no.1
• /
• pp.33-39
• /
• 2010

Anti-surface missiles have been the most dangerous threat to the surface ships, therefore analyzing the defense effectiveness of surface ships against diverse anti-surface missiles attack strategies is very important to evaluate and anticipate the naval combat ship's abilities in terms of AAW (Anti-Air Warfare). In this paper, we don't study on the defense effectiveness of a ship against a missile, but focus on the defense effectiveness for surface ships against multiple missiles specialized in strategies of anti-surface missiles; ripple fire attack and simultaneous time on target attack (STOT). So, we conduct a variety of monte-carlo simulations with high-fidelity simulators, analyze the measure of defense effectiveness for the key factors of strategies and evaluate the effects and possible interactions of several factors through the analysis of the design of experiment (DOE).

• Journal of Convergence Society for SMB
• /
• v.6 no.1
• /
• pp.17-23
• /
• 2016

Recently, Internet services via various devices including smartphone have become available. Because of the development of ICT, numerous hacking incidents have occurred and most of those attacks turned out to be APT attacks. APT attack means an attack method by which a hacker continues to collect information to achieve his goal, and analyzes the weakness of the target and infects it with malicious code, and being hidden, leaks the data in time. In this paper, we examine the information collection method the APT attackers use to invade the target system in a short time using big data, and we suggest and evaluate the countermeasure to protect against the attack method using big data.

• Journal of Korea Multimedia Society
• /
• v.22 no.2
• /
• pp.242-249
• /
• 2019

Old people and patients with cardiovascular disease could die of a heart attack in the bath with heated water for a long time. Various researches have been studied to prevent these accidents from happening such as measuring the ECG signal when taking bath. However, these devices are hard to use and the higher price is not easily accepted by the public. In this paper, a low-cost and use-friendly, real time high precision water temperature monitoring device to prevent heart attack in the bath was developed. The device with waterproof design that lets the device can float on the surface of the water, and an accurate way to make water temperature measurement method was proposed by this paper that is immerging the sensor into water with 4cm depth to measure the temperature of underwater. The manufactured device was conducted to two experiments; one was to verify the basic functions of the device, and another one was for compare the proposed device with commercial products for monitoring the water temperature in the bathtub. As the experimental results shown, the proposed device has stable performance for the water temperature measurement and communicating with laptop in wireless.

• ETRI Journal
• /
• v.43 no.5
• /
• pp.941-949
• /
• 2021

In this study, a spatial spectrum method is proposed to cope with the pilot spoofing attack (PSA) problem by exploiting the of uplink-downlink channel reciprocity in time-division-duplex multiple-input multiple-output systems. First, the spoofing attack in the uplink stage is detected by a threshold derived from the predefined false alarm based on the estimated spatial spectrum. When the PSA occurs, the transmitter (That is Alice) can detect either one or two spatial spectrum peaks. Then, the legitimate user (That is Bob) and Eve are recognized in the downlink stage via the channel reciprocity property based on the difference between the spatial spectra if PSA occurs. This way, the presence of Eve and the direction of arrival of Eve and Bob can be identified at the transmitter end. Because noise is suppressed by a spatial spectrum, the detection performance is reliable even for low signal-noise ratios and a short training length. Consequently, Bob can use beamforming to transmit secure information during the data transmission stage. Theoretical analysis and numerical simulations are performed to evaluate the performance of the proposed scheme compared with conventional methods.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.6
• /
• pp.83-99
• /
• 2011

OTP (One Time Password) is widely used for protecting accounts on Internet banking, portal services and online game services in Korea. OTP is very strong method for enforcing account security but there are several ways for exploiting vulnerabilities caused by implementation errors. These attacks can work because of the weakness from OTP enabled system's vulnerabilities, not for OTP's algorithm itself. In this paper, we present the known attack scenarios such as MITM (Man-in-the-Middle) attack and various reverse engineering techniques; also, we show the test result of the attacks and countermeasures for these attacks.