• Journal of Positioning, Navigation, and Timing
• /
• 제11권3호
• /
• pp.163-172
• /
• 2022

Typical anti-jamming technologies based on array antennas, Space Time Adaptive Process (STAP) & Space Frequency Adaptive Process (SFAP), are very effective algorithms to perform nulling and beamforming. However, it does not perform equally well for all types of jamming signals. If the anti-jamming algorithm is not optimized for each signal type, anti-jamming performance deteriorates and the operation stability of the system become worse by unnecessary computation. Therefore, jamming classification technique is required to obtain optimal anti-jamming performance. Machine learning, which has recently been in the spotlight, can be considered to classify jamming signal. In general, performing supervised learning for classification requires a huge amount of data and new learning for unfamiliar signal. In the case of jamming signal classification, it is difficult to obtain large amount of data because outdoor jamming signal reception environment is difficult to configure and the signal type of attacker is unknown. Therefore, this paper proposes few-shot jamming signal classification technique using meta-learning and transfer-learning to train the model using a small amount of data. A training dataset is constructed by anti-jamming algorithm input data within the GNSS receiver when jamming signals are applied. For meta-learning, Model-Agnostic Meta-Learning (MAML) algorithm with a general Convolution Neural Networks (CNN) model is used, and the same CNN model is used for transfer-learning. They are trained through episodic training using training datasets on developed our Python-based simulator. The results show both algorithms can be trained with less data and immediately respond to new signal types. Also, the performances of two algorithms are compared to determine which algorithm is more suitable for classifying jamming signals.

• 한국시뮬레이션학회논문지
• /
• 제15권4호
• /
• pp.69-77
• /
• 2006

위치 선정이나 설비배치문제를 기존의 정성적 접근방법에서 벗어나 수학적 방법을 통해 해결하려는 시도가 여러 분야에서 이루어지고 있다. 지역담당모형은 이러한 연구 분야중 하나로 주어진 문제를 수학적으로 현실과 유사하게 구현시킬 수 있고 모형에 대한 해법절차도 다양하기 때문에 여러 형태의 배치문제들에도 폭넓게 적용되어 왔으며 최근 들어서는 군사설비분야에서도 그 활용도가 높아지고 있다. 본 연구는 미사일 방어를 위하여 한국해군 KDX 함정의 최적배치에 대한 시뮬레이션 모델을 구축하였다. 시뮬레이션 모델은 부분지역담당모형을 바탕으로 공격자와 방어자의 측면을 단계적으로 평가하는 방법으로 구현되어 있으며, 구축된 모형에 대하여 가능한 시나리오를 설정하고 실험을 통하여 결과를 분석하였다. 구현된 모형실험은 공격자의 공격계획과 공격계획에 따른 최적의 KDX 배치선정과 방어미사일 할당에 대한 의사결정방안을 제시하고 있다. 본 연구의 최적배치모형은 한국적 미사일방어 체계구축을 위하여 도입될 최신무기체계의 위치선정에 대한 최적의 대안을 제시하고 효율적인 부대배치를 위한 참고자료로 활용할 수 있을 것이다.

• 정보보호학회논문지
• /
• 제24권6호
• /
• pp.1045-1053
• /
• 2014

본 논문에서는 카드 단말기로부터 발생할 수 있는 부채널 신호를 통해 금융 중요 정보의 누수가 발생할 수 있다고 가정하고, 실제 적용 가능한 공격 모델을 새로이 제안한다. 논문에서 제안하는 공격 모델은 소형 센서를 카드 단말기에 부착하여 카드 단말기에서 발생하는 진동 신호를 이용한 진동 신호 기반 부채널 공격이다. 이 소형 센서를 통해 카드결제 승인 단말기의 버튼을 누를 때 발생되는 진동신호를 알아낼 수 있으며, 이러한 정보는 금융 정보를 탈취하는 기반이 된다. 이러한 연구는 기존에 실시된 다른 부채널 연구들과 어느 정도 유사한 면도 있으나, 본 논문은 비언어적 모델을 기반으로 한다는 점에서 그 성격이 다르다. 왜냐하면 금융 결제에 필요한 카드 번호, 비밀번호, 휴대전화 번호 등은 일정한 패턴을 가질 수 없기 때문이다. 또한 소형 카드 단말기를 이용한 연구가 거의 없었다는 점에서 본 연구는 의미를 가진다. 이에 소형 무선 센서를 데이터를 수집하고, 데이터 특성을 고려해 주파수 영역의 스펙트럼 및 주성분 분석 방법을 이용한 통계적 신호처리 및 패턴 인식 알고리즘을 이용해 수집 정보를 분석을 실시한 뒤, 그 실험 결과를 선보인다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제13권3호
• /
• pp.1502-1522
• /
• 2019

Leakage of secret keys may be the most devastating problem in public key cryptosystems because it means that all security guarantees are missing. The forward security mechanism allows users to update secret keys frequently without updating public keys. Meanwhile, it ensures that an attacker is unable to derive a user's secret keys for any past time, even if it compromises the user's current secret key. Therefore, it offers an effective cryptographic approach to address the private key leakage problem. As an extension of the forward security mechanism in certificate-based public key cryptography, forward-secure certificate-based signature (FS-CBS) has many appealing merits, such as no key escrow, no secure channel and implicit authentication. Until now, there is only one FS-CBS scheme that does not employ the random oracles. Unfortunately, our cryptanalysis indicates that the scheme is subject to the security vulnerability due to the existential forgery attack from the malicious CA. Our attack demonstrates that a CA can destroy its existential unforgeability by implanting trapdoors in system parameters without knowing the target user's secret key. Therefore, it is fair to say that to design a FS-CBS scheme secure against malicious CAs without lying random oracles is still an unsolved issue. To address this problem, we put forward an enhanced FS-CBS scheme without random oracles. Our FS-CBS scheme not only fixes the security weakness in the original scheme, but also significantly optimizes the scheme efficiency. In the standard model, we formally prove its security under the complexity assumption of the square computational Diffie-Hellman problem. In addition, the comparison with the original FS-CBS scheme shows that our scheme offers stronger security guarantee and enjoys better performance.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제12권6호
• /
• pp.2881-2894
• /
• 2018

Cyber attacks are increasing continuously. On average about one million malicious codes appear every day, and attacks are expanding gradually to IT convergence services (e.g. vehicles and television) and social infrastructure (nuclear energy, power, water, etc.), as well as cyberspace. Analysis of large-scale cyber incidents has revealed that most attacks are started by PCs infected with malicious code. This paper proposes a method of detecting an attack IP automatically by analyzing the characteristics of the e-mail transfer path, which cannot be manipulated by the attacker. In particular, we developed a system based on the proposed model, and operated it for more than four months, and then detected 1,750,000 attack IPs by analyzing 22,570,000 spam e-mails in a commercial environment. A detected attack IP can be used to remove spam e-mails by linking it with the cyber removal system, or to block spam e-mails by linking it with the RBL(Real-time Blocking List) system. In addition, the developed system is expected to play a positive role in preventing cyber attacks, as it can detect a large number of attack IPs when linked with the portal site.

• 한국정보과학회논문지:소프트웨어및응용
• /
• 제31권9호
• /
• pp.1218-1225
• /
• 2004

S/KEY 시스템은 공격자의 패스워드 재공격을 방지하기 위해 제안되었다. 하지만 S/KEY 시스템은 공격자가 자신이 가지고 있는 사전에서 패스프레이즈(passphrase)를 유추해 낼 경우, 결국 인증을 하는데 필요한 일회용 패스워드를 알아낼 수 있는 취약점을 가지고 있다. 이 논문에서는 passphrase에 대한 사전공격을 방지하기 위해 EKE(Encrypted Key Exchange) 프로토콜을 적용한 새로운 S/KEY 시스템을 제시한다. 그리고 새로 제안된 S/KEY 시스템의 안전성을 검증하기 위해 Casper와 CSP로 프로토콜을 명세하고, FDR 모델 체커를 이용하여 그 안전성을 검증하였다.

• 융합보안논문지
• /
• 제19권4호
• /
• pp.77-85
• /
• 2019

인터넷은 지속적으로 발전하고 이에 따라 사이버 공격도 더욱 정밀하고 은밀하게 이루어지고 있다. 개인의 사생활 보장의 목적으로 사용되는 익명통신도 사이버 공격에 활용되고 있다. 익명통신은 공격자의 IP주소를 숨길 뿐만 아니라 암호화된 트래픽으로 통신이 이루어져 대부분의 기관이나 조직에서 사이버 공격의 방어목적으로 사용하고 있는 정보보호시스템을 우회할 수 있다. 이런 이유로 익명통신은 악성코드의 공격명령을 내리거나, 추가적인 악성코드 다운로드의 통신수단 등으로 활용된다. 그러므로 본 연구는 암호화된 익명통신을 인공지능을 통해 빠른 시간 내에 최대한 정확히 탐지하고 차단하는 방안을 제시하고자 한다. 나아가 이를 국방에 적용하여 악의적인 통신을 탐지하여 중요자료의 외부유출 및 사이버공격 방지에 기여하고자 한다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제11권12호
• /
• pp.5759-5779
• /
• 2017

As the main means to cope with the stubborn problem of drunk driving, the inspection of drunk driving has already been paid more attention and thus reinforced. In this paper, we model this scenario as a Stackelberg game, where the police department (called defender) allocates resources dynamically in terms of the traffic situation on the traffic network to arrest drink drivers and drivers who drink (called attacker), whether choosing drunk driving or designated driving service, expect to minimize their cost for given travel routes. However, with the number of resources are limited, our goal is to calculate the optimal resource allocation strategy for the defender. Therefore, first, we provide an effective approach (named OISDD) to fulfill our goal, i.e., generate the optimal strategy to inspect drunk driving. Second, we apply OISDD to directed graphs (which are abstracted from Dalian traffic network) to analyze and test its correctness and rationality. The experimental results show that OISDD is feasible and efficient.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제11권2호
• /
• pp.846-864
• /
• 2017

Software Defined Network (SDN) realizes management and control over the underlying forwarding device, along with acquisition and analysis of network topology and flow characters through south bridge protocol. Data path Identification (DPID) is the unique identity for managing the underlying device, so forged DPID can be used to attack the link of underlying forwarding devices, as well as carry out DoS over the upper-level controller. This paper proposes a dynamic defense method based on Client-Puzzle model, in which the controller achieves dynamic management over requests from forwarding devices through generating questions with multi-level difficulty. This method can rapidly reduce network load, and at the same time separate attack flow from legal flow, enabling the controller to provide continuous service for legal visit. We conduct experiments on open-source SDN controllers like Fluid and Ryu, the result of which verifies feasibility of this defense method. The experimental result also shows that when cost of controller and forwarding device increases by about 2%-5%, the cost of attacker's CPU increases by near 90%, which greatly raises the attack difficulty for attackers.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제14권10호
• /
• pp.4157-4175
• /
• 2020

Moving target defense, as a 'game-changing' security technique for network warfare, realizes proactive defense by increasing network dynamics, uncertainty and redundancy. How to select the best countermeasure from the candidate countermeasures to maximize defense payoff becomes one of the core issues. In order to improve the dynamic analysis for existing decision-making, a novel approach of selecting the optimal countermeasure using game theory is proposed. Based on the signal game theory, a multi-stage adversary model for dynamic defense is established. Afterwards, the payoffs of candidate attack-defense strategies are quantified from the viewpoint of attack surface transfer. Then the perfect Bayesian equilibrium is calculated. The inference of attacker type is presented through signal reception and recognition. Finally the countermeasure for selecting optimal defense strategy is designed on the tradeoff between defense cost and benefit for dynamic network. A case study of attack-defense confrontation in small-scale LAN shows that the proposed approach is correct and efficient.