• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.41 no.5
• /
• pp.581-591
• /
• 2016

RFID(Radio Frequency IDentification) is a key technology in ubiquitous computing and is expected to be employed in more fields in the near future. Nevertheless, the RFID system is vulnerable to attacks by eavesdropping or altering of the messages transmitted in wireless channels. In 2013, Oh et al. proposed a mutual authentication protocol between a tag and a reader in RFID systems. Their protocol is designed to resist location tracking for privacy protection. However, all tags and readers use only one network-wide key in their protocol and tags are usually vulnerable to physical attacks. We found that their protocol is still vulnerable to tag/reader impersonation attacks and location tracking if an attacker obtains the network-wide key from a tag. In this paper, we propose a security improved authentication protocol for privacy protection in RFID systems. In addition, we demonstrate that the proposed scheme is efficient in terms of computation and communication costs.

• KIPS Transactions on Computer and Communication Systems
• /
• v.9 no.5
• /
• pp.101-106
• /
• 2020

Since computer became available, much effort has been made to achieve information security. Even though memory protection defense mechanisms were studied the most among of them, the problems of existing memory protection defense mechanisms were found due to improved performance of computer and new defense mechanisms were needed due to the advent of the side-channel attacks. In this paper, we propose JMP+RAND that embedding random values of 5 to 8 bytes per page to defend against memory sharing based side-channel attacks and bridging the gap of existing memory protection defense mechanism. Unlike the defense mechanism of the existing side-channel attacks, JMP+RAND uses static binary rewriting and continuous jmp instruction and random values to defend against the side-channel attacks in advance. We numerically calculated the time it takes for a memory sharing-based side-channel attack to binary adopted JMP+RAND technique and verified that the attacks are impossible in a realistic time. Modern architectures have very low overhead for JMP+RAND because of the very fast and accurate branching of jmp instruction using branch prediction. Since random value can be embedded only in specific programs using JMP+RAND, it is expected to be highly efficient when used with memory deduplication technique, especially in a cloud computing environment.

• Journal of Korea Multimedia Society
• /
• v.16 no.10
• /
• pp.1163-1170
• /
• 2013

Digital watermarking techniques have been used as one of the means for copyright protection and authentication of multimedia data. Conventional Chinese Remainder Theorem(CRT)-based spatial domain watermarking techniques do not perform well under JPEG compression. However, it is seen that the CRT-based watermarking technique in Discrete Cosine Transform(DCT) domain performs well for JPEG compression. In this paper, an improved CRT-based image watermarking method in the DCT domain is proposed. The proposed method provides better robustness which decreases changes of absolute difference of residues against rounding errors due to DCT conversion and various attacks. Experimental results show that the proposed method has a good robustness against various attacks compared with the conventional CRT-based watermarking in DCT domain.

• Korean Journal of Cognitive Science
• /
• v.21 no.1
• /
• pp.145-156
• /
• 2010

This paper presents a new contents-based digital still image protection method which includes a copyright message. Since the existing method using gradient values used a pixel based $3{\times}3$ Sobel operator, it was sensitive to attacks and could not extract exact copyright message. Therefore, in this paper, we present a algorithm which uses block based OCL(Orientation Certainty Level) instead of pixel. The experimental results show that the proposed scheme not only has good image quality, but also is robust to JPEG lossy compression, filtering, sharpening, blurring and noise. Moreover, the proposed algorithm has good performance more than 10% in rotation attacks than the existing method.

• Journal of information and communication convergence engineering
• /
• v.8 no.6
• /
• pp.618-622
• /
• 2010

The damages from DDoS attacks are increasing as DDoS attacks are taking various forms. This has resulted not only in decreased reliability of organizations and corporations but also in the threat of national security. Organizations and corporations are making significant efforts in developing a system through which they can appropriately correspond to DDoS attacks. However, the studies on objective index for evaluating the performance of DDoS correspondence are lacking. The majority of the existing studies have been on the information protection & management system on a large scale. Accordingly, the scope of this thesis will be limited to DDoS correspondence to propose correspondence index for quantitatively measuring and managing them. The statistical techniques such as SMART technique and factor analysis will be utilized accordingly.

• International Journal of Computer Science & Network Security
• /
• v.23 no.12
• /
• pp.1-12
• /
• 2023

Ensuring the security of Supervisory Control and Data Acquisition (SCADA) and Industrial Control Systems (ICS) is paramount to safeguarding the reliability and safety of critical infrastructure. This paper addresses the significant threat posed by reconnaissance attacks on SCADA/ICS networks and presents an innovative methodology for enhancing their protection. The proposed approach strategically employs imbalance dataset handling techniques, ensemble methods, and feature engineering to enhance the resilience of SCADA/ICS systems. Experimentation and analysis demonstrate the compelling efficacy of our strategy, as evidenced by excellent model performance characterized by good precision, recall, and a commendably low false negative (FN). The practical utility of our approach is underscored through the evaluation of real-world SCADA/ICS datasets, showcasing superior performance compared to existing methods in a comparative analysis. Moreover, the integration of feature augmentation is revealed to significantly enhance detection capabilities. This research contributes to advancing the security posture of SCADA/ICS environments, addressing a critical imperative in the face of evolving cyber threats.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.8 no.2
• /
• pp.59-65
• /
• 2012

Emergency medical information center performs role of medical direction about disease consult and pre-hospital emergency handling scheme work to people. Emergency medical information system plays a major role to be decreased mortality and disability of emergency patient by providing information of medical institution especially when emergency patient has appeared. But, various attacks as a hacking have been happened in Emergency medical information system recently. In this paper, we proposed security structure which can protect the system securely by detecting attacks from outside effectively. Intrusion detection was performed using rule based detection technique according to protocol for every packet to detect attack and intrusion was reported to control center if intrusion was detected also. Intrusion detection was performed again using decision tree for packet which intrusion detection was not done. We experimented effectiveness using attacks as TCP-SYN, UDP flooding and ICMP flooding for proposed security structure in this paper.

• Journal of the Korea Society for Simulation
• /
• v.17 no.3
• /
• pp.27-34
• /
• 2008

Wireless sensor networks are comprised of sensor nodes with resource-constrained hardware. Nodes in the sensor network without adequate protection may be compromised by adversaries. Such compromised nodes are vulnerable to the attacks like false reports injection attacks and false data injection attacks on legitimate reports. In false report injection attacks, an adversary injects false report into the network with the goal of deceiving the sink or the depletion of the finite amount of energy in a battery powered network. In false data injection attacks on legitimate reports, the attacker may inject a false data for every legitimate report. To address such attacks, the probabilistic voting-based filtering scheme (PVFS) has been proposed by Li and Wu. However, each cluster head in PVFS needs additional transmission device. Therefore, this paper proposes a fuzzy logic-based false report detection method (FRD) to mitigate the threat of these attacks. FRD employs the statistical en-route filtering scheme as a basis and improves upon it. We demonstrate that FRD is efficient with respect to the security it provides, and allows a tradeoff between security and energy consumption, as shown in the simulation.

• International Journal of Computer Science & Network Security
• /
• v.23 no.11
• /
• pp.190-194
• /
• 2023

By looking the importance of communication, data delivery and access in various sectors including governmental, business and individual for any kind of data, it becomes mandatory to identify faults and flaws during cyber communication. To protect personal, governmental and business data from being misused from numerous advanced attacks, there is the need of cyber security. The information security provides massive protection to both the host machine as well as network. The learning methods are used for analyzing as well as preventing various attacks. Machine learning is one of the branch of Artificial Intelligence that plays a potential learning techniques to detect the cyber-attacks. In the proposed methodology, the Decision Tree (DT) which is also a kind of supervised learning model, is combined with the different cross-validation method to determine the accuracy and the execution time to identify the cyber-attacks from a very recent dataset of different network attack activities of network traffic in the UNSW-NB15 dataset. It is a hybrid method in which different types of attributes including Gini Index and Entropy of DT model has been implemented separately to identify the most accurate procedure to detect intrusion with respect to the execution time. The different DT methodologies including DT using Gini Index, DT using train-split method and DT using information entropy along with their respective subdivision such as using K-Fold validation, using Stratified K-Fold validation are implemented.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.2
• /
• pp.329-337
• /
• 2013

Cyber threats of the ICS(Industrial Control System) has been researched on the level to the threat to the network service as well as a specific system, even if the extent of damage was not intended. Although some range of "security" just include the protection of systems against the deliberate attacks of terrorists or cyber hackers, often more damage is done by carelessness, and equipment failures than by those deliberate attacks. This paper presented a taxonomy for classifying all abnormal behaviors of ICS, including deliberate attacks, inadvertent mistakes, equipment failures, and software problems. The classification criteria of ICS abnormal behaviors was selected to highlight commonalities and important features of deliberate attacks as well as inadvertent actions.